Real Time Intrusion Prediction based on Optimized Alerts with Hidden Markov Model