[1] FARAJI DANESHGAR F, ABBASPOUR M. Extracting fuzzy attack patterns using an online fuzzy adaptive alert correlation framework[J]. Security and Communication Networks, 2016, 9(14):2245-2260. [2] WANG C H, CHIOU Y C. Alert correlation system with automatic extraction of attack strategies by using dynamic feature weights[J]. International Journal of Computer and Communication Engineering, 2016, 5(1):1-10. [3] SADIGHIAN A, FERNANDEZ J M, LEMAY A, et al. ONTIDS:a highly flexible context-aware and ontology-based alert correlation framework[C]//Proceedings of the 2013 International Symposium on Foundations and Practice of Security, LNCS 8352. Cham:Springe, 2013:161-177. [4] 任维武,胡亮,赵阔. 基于数据挖掘和本体的入侵警报关联模型[J]. 吉林大学学报(工学版), 2015, 45(3):899-906. (REN W W, HU L, ZHAO K. Intrusion alert correlation model based on data mining and ontology[J]. Journal of Jilin University (Engineering and Technology Edition), 2015, 45(3):899-906.) [5] LIN Z, LI S, MA Y. Real-time intrusion alert correlation system based on prerequisites and consequence[C]//Proceedings of the 6th International Conference on Wireless Communications Networking and Mobile Computing. Piscataway:IEEE, 2010:1-5. [6] WANG W, JIANG R, JIA Y, et al. KGBIAC:Knowledge Graph Based Intelligent Alert Correlation framework[C]//Proceedings of the 2017 International Symposium on Cyberspace Safety and Security, LNCS 10581. Cham:Springer, 2017:523-530. [7] AHMADIAN RAMAKI A, RASOOLZADEGAN A. Causal knowledge analysis for detecting and modeling multi-step attacks[J]. Security and Communication Networks, 2016, 9(18):6042-6065. [8] 张晓洪. 基于多源事件融合的网络安全态势评估方法研究[D]. 天津:天津理工大学, 2016:1-69. (ZHANG X H. The research on network security situation evaluation based on mutli-source events fusion[D]. Tianjin:Tianjin University of Technology, 2016:1-69.) [9] 彭梦停,胡建伟,崔艳鹏. 基于数据挖掘的攻击场景提取方法研究[J].计算机应用与软件, 2018, 35(10):317-322. (PENG M T, HU J W, CUI Y P. Research of attack scenarios extraction based on data mining[J]. Computer Applications and Software, 2018, 35(10):317-322.) [10] 李之棠,王莉,李东. 一种新的在线攻击意图识别方法研究[J]. 小型微型计算机系统, 2008, 29(7):1347-1352. (LI Z T, WANG L, LI D. Novel online attack strategy recognition technique[J]. Journal of Chinese Computer Systems, 2008, 29(7):1347-1352.) [11] BAMASAK O, ZHANG N. A distributed reputation management scheme for mobile agent-based e-commerce applications[C]//Proceedings of the 2005 IEEE International Conference on e-technology, e-Commerce and e-Service. Piscataway:IEEE, 2005:270-275. [12] AGRAWAL R, SRIKANT R. Mining sequential pattern[C]//Proceedings of the 11th International Conference on Data Engineering. Piscataway:IEEE, 1995:3-14. [13] PEI J, HAN J, MORTAZAVI-ASL B, et al. PrefixSpan:mining sequential patterns efficiently by prefix-projected pattern growth[C]//Proceedings of the 17th IEEE International Conference of Data Engineering. Piscataway:IEEE, 2001:215-224. [14] MIT Lincoln Laboratory. 2000 DARPA intrusion detection scenario specific datasets[EB/OL].[2019-05-12].http://www.ll.mit.edu/r-d/datasets/2000-darpa-intrusion-detection-scenario-specific-datasets. [15] 王莉. 网络多步攻击识别方法研究[D]. 武汉:华中科技大学, 2007:1-132. (WANG L. Study on method of network multi-stage attack plan recognition[D]. Wuhan:Huazhong University of Science and Technology, 2007:1-132.) |