Ning, P., Cui, Y., and Reeves, D. S. 2002b. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security. Washington, D.C., 245--254. Home/Search Document Details and Download
Summary Related Articles Check |
This paper is cited in the following contexts:
Techniques and Tools for Analyzing Intrusion Alerts - Ning, Cui, Reeves, Xu (2004) (1 citation) Self-citation (Ning Cui Reeves) (Correct)
No context found.
Ning, P., Cui, Y., and Reeves, D. S. 2002b. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security. Washington, D.C., 245--254.
Adapting Query Optimization Techniques for Efficient Intrusion.. - Ning, Xu (2002) Self-citation (Ning) (Correct)
No context found.
P. Ning, Y. Cui, and D. S Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proc. of the 9th ACM Conf. on Computer and Communications Security, 2002.
Alert Correlation through Triggering Events and Common Resources - Dingbang Xu And Self-citation (Ning) (Correct)
No context found.
P. Ning, Y. Cui, and D. S. Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 245--254, Washington, D.C., November 2002.
Building Attack Scenarios through Integration of.. - Correlation Methods Peng Self-citation (Ning) (Correct)
No context found.
P. Ning, Y. Cui, and D. S. Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 245--254, Washington, D.C., November 2002.
Reasoning about Complementary Intrusion Evidence - Zhai, Ning, Iyer, Reeves (2004) Self-citation (Ning Reeves) (Correct)
No context found.
P. Ning, Y. Cui, and D. S Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 245--254, Washington, D.C., November 2002.
Privacy-Preserving Alert Correlation: A Concept Hierarchy.. - Dingbang Xu And (2005) (1 citation) Self-citation (Ning) (Correct)
No context found.
P. Ning, Y. Cui, and D. S. Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 245--254, Washington, D.C., November 2002.
Learning Attack Strategies from Intrusion Alerts - Ning, Xu (2003) (3 citations) Self-citation (Ning) (Correct)
No context found.
P. Ning, Y. Cui, and D. S Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security, pages 245-- 254, Washington, D.C., November 2002.
Learning Attack Strategies from Intrusion Alerts - Ning, Xu (2003) (3 citations) Self-citation (Ning) (Correct)
No context found.
P. Ning, Y. Cui, and D. S Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proc. of the 9th ACM Conf. on Comp. and Comm. Security, 2002.
Adapting Query Optimization Techniques for Efficient Intrusion.. - Ning, Xu (2002) Self-citation (Ning) (Correct)
No context found.
P. Ning, Y. Cui, and D. S Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, D.C., November 2002.
Constructing Attack Scenarios through Correlation of.. - Ning, Cui, Reeves (2002) (15 citations) Self-citation (Ning Cui Reeves) (Correct)
No context found.
P. Ning, Y. Cui, and D. S. Reeves. Constructing attack scenarios through correlation of intrusion alerts (full version). Technical Report TR-2002-13, North Carolina State University, Department of Computer Science, August 2002.
Constructing Attack Scenarios through Correlation of.. - Ning, Cui, Reeves (2002) (15 citations) Self-citation (Ning Cui Reeves) (Correct)
....attack scenarios (i.e. steps that attackers use in their attacks) from alerts and facilitate intrusion analysis. # Results in this technical report overlap with TR 2001 13 and TR 2002 01. The intention of this technical report is to provide a full version for the paper to appear in ACM CCS 02 [14]. Several alert correlation methods have been proposed to address this problem. These methods fall into three classes. The first class (e.g. Spice [17] the probabilistic alert correlation [19] and the MIRADOR method [4] correlates alerts based on the similarities between alert attributes. ....
....and a specific mechanism for alert correlation, which leads to our implementation of the method. Recent work by Cuppens and Miege [5] has substantial similarity to our work, which is done independently. The comparison of [5] with our work can be found in a later version of this technical report [14] The contribution of this paper is three fold. First, we develop a framework for alert correlation by addressing the limitations of JIGSAW. Unlike JIGSAW, our method can deal with attack attempts and correlate alerts as long as there are signs of connections between them, even if some related ....
P. Ning, Y. Cui, and D. S Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security (to appear), Washington, D.C., November 2002. Available at http://infosec.csc.ncsu.edu/pubs/ccs02.pdf.
A Comprehensive Approach to Intrusion Detection Alert.. - Valeur, Vigna.. (2004) (1 citation) (Correct)
No context found.
P. Ning, Y. Cui, and D.S. Reeves, "Constructing Attack Scenarios through Correlation of Intrusion Alerts," Proc. ACM Conf. Computer and Comm. Security, pp. 245-254, Nov. 2002.
Using Alert Verification to Identify Successful Intrusion.. - Kruegel, Robertson, Vigna (Correct)
No context found.
Ning, P.; Cui, Y.; Reeves, D.: Constructing Attack Scenarios through Correlation of Intrusion Alerts. In: Proceedings of the ACM Conference on Computer and Communications Security. pages 245-254. Washington, D.C. November 2002.
Log Correlation for Intrusion Detection: A Proof of.. - Abad, Taylor, Sengul.. (2003) (4 citations) (Correct)
No context found.
P. Ning, Y. Cui, and D. S. Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proc. of the 9th ACM Conference on Computer & Communications Security, pages 245--254, Nov. 2002.
Alert Verification - Determining the Success of Intrusion.. - Kruegel, Robertson (2004) (Correct)
No context found.
Ning, P., Cui, Y., und Reeves, D.: Constructing Attack Scenarios through Correlation of Intrusion Alerts. In: Proceedings of the ACM Conference on Computer and Communications Security. S. 245--254. Washington, D.C. November 2002.
Artificial Immune Systems - Aickelin, Dasgupta (2003) (1 citation) (Correct)
No context found.
Ning, P., Cui, Y. and Reeves, S., 2002, Constructing attack scenarios through correlation of intrusion alerts, in: Proc. 9th ACM Conf. on Computer and Communications Security, pp. 245--254.
Towards Collaborative Security and P2P Intrusion Detection - Locasto, al. (2005) (Correct)
No context found.
P. Ning, Y. Cui, and D. Reeves, "Constructing Attack Scenarios Through Correlation of Intrusion Alerts," in Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 245--254, November 2002.
A Log Analysis based Intrusion Detection System for the creation.. - Muscat (Correct)
No context found.
Peng Ning, Yun Cui, Douglas S.Reeves, 2003. Constructing Attack Scenarios through correlation of intrusion alerts.
On The Feasibility of Distributed Intrusion Detection - Columbia University Dnad (2004) (Correct)
No context found.
Peng Ning, Yun Cui, and Douglas Reeves. Constructing Attack Scenarios Through Correlation of Intrusion Alerts.
Danger Theory: The Link between AIS and IDS? - Aickelin, Bentley, Cayzer.. (2003) (Correct)
No context found.
Ning, P, Cui Y, Reeves S (2002), Constructing Attack Scenarios through Correlation of Intrusion Alerts, 9th Conference on Computer & Communications Security, pp 245-254.
Visualizing and Identifying Intrusion Context from System Calls.. - Li, Das (2004) (Correct)
No context found.
P. Ning, Y. Cui, and D. Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM conference on Computer and communications security, pages 245--254, 2002.
Alarm Reduction and Correlation in Defence of IP Networks - Tobias Chyssler Simin (2004) (Correct)
No context found.
P. Ning. Y. Cui and D. S. Reeves. Constructing Attack Scenarios through Correlation of Intrusion Alerts. Proc. of the 9th ACM conference on Computer and communications security. ACM Press, 2002. Pages 245 254.
Danger Theory: The Link between AIS and IDS? - Aickelin, Bentley, Cayzer.. (2003) (Correct)
No context found.
Ning, P, Cui Y, Reeves S (2002), Constructing Attack Scenarios through Correlation of Intrusion Alerts, 9th Conference on Computer & Communications Security, pp 245-254.
Log Correlation for Intrusion Detection: A Proof of.. - Abad, Taylor, Sengul.. (2003) (4 citations) (Correct)
No context found.
P. Ning, Y. Cui, and D. S. Reeves. Constructing attack scenarios through correlation of intrusion alerts. In Proc. of the 9th ACM Conference on Computer & Communications Security, pages 245--254, Nov. 2002.
Danger Theory: The Link between AIS and IDS? - Aickelin, Bentley, Cayzer.. (2003) (Correct)
No context found.
Ning, P, Cui Y, Reeves S (2002), Constructing Attack Scenarios through Correlation of Intrusion Alerts, 9th Conference on Computer & Communications Security, pp 245-254.
Danger Theory: The Link between AIS and IDS? - Aickelin, Bentley, Cayzer.. (Correct)
No context found.
Ning, P, Cui Y, Reeves S (2002), Constructing Attack Scenarios through Correlation of Intrusion Alerts, 9th Conference on Computer & Communications Security, pp 245-254.
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC