[1] 卿斯汉, 蒋建春, 马恒太, 等. 入侵检测技术研究综述[J]. 通信学报, 2004, 25(7): 19-29. [2] 穆成坡, 黄厚宽, 田盛丰. 入侵检测系统报警信息聚合与关联技术研究综述[J]. 计算机研究与发展, 2006, 43(1): 1-8. [3] T Kanungo, N S Netanyahu, A Y Wuan.An Efficient k-Means Clustering Algorithm: Analysis and Implementation[J]. IEEE Transactions on Pattern Analysis and Machine Intelligence(S0162-8828), 2002, 24(7): 881-892. [4] Hadi Bahrbegi, Ahmad Habibizad Navin, Amir Azimi Alasti Ahrabi. A New System to Evaluate GA-based Clustering Algorithms in Intrusion Detection Alert Management[C]// 2010 Second World Congress on Nature and Biologically Inspired Computing. Kitakyushu (Japan): Institute of Electrical and Electronics Engineers( IEEE ), 2010: 115-120. [5] A Hofmann, D Fisch, B Sick.Identifying Attack Instances by Alert Clustering[C]// Proc. IEEE Three-Rivers Workshop Soft Computing in Industrial Applications. USA: IEEE, 2007: 25-31. [6] G C Tjhai, S M Furnell, M Papadaki, et al.Preliminary two-stage alarm correlation and filtering system using SOM neural network and K-means algorithm[J]. Computers & Security(S0167-4048), 2011, 29(6): 712-723. [7] Emmanuel Hooper.An Intelligent Intrusion Detection and Response System Using Hybrid Ward Hierarchical Clustering Analysis[C]// Multimedia and Ubiquitous Engineering. Crete(Greece): Institute of Electrical and Electronics Engineers( IEEE ), 2010: 1187-1192. [8] C Tsai, C C Yen.Unsupervised Anomaly Detection Using HDG-Clustering Algorithm[C]// Neural Information Processing, Germany: Springer Berlin (Heidelberg), 2009: 356-365. [9] M Ester, H P Kriegal, J Sander, et al.A density-based algorithm for discoverying clusters in large spatial databases with noise [C]// KDD96 Proceedings of 2nd International Conference on Knowledge Discovery and Data Mining. Portland(Oregon): AAAI Press, 1996, 96(34): 226-231. [10] Tran Manh Thang, Juntae Kim.The Anomaly Detection by Using DBSCAN Clustering with Multiple Parameters[C]// Information Science and Applications (ICISA), 2011 International Conference (IEEE). USA: IEEE, 2011: 1-5. [11] Alexander Hofmann, Bernhard Sick.Online Intrusion Alert Aggregation with Generative Data Stream Modeling[J]. IEEE Transactions on Dependable and Secure Computing(S1545-5971), 2011, 8(2): 282-294. [12] Xfocus Team. Bro: 一个开放源码的高级NIDS系统. [EB/OL]. (2003-10-12) [2015-04-29]. http://www.xfocus. net/articles/200310/624.html. [13] M V Mahoney, P K Chan.Learning rules for anomaly detection of hostile network traffic [C]// Proc. 3rd IEEE Int’l Conf. Data Mining Los Alamitos, CA, USA. USA: IEEE Computer Society Press, 2003: 601-604. [14] Caswell B, Roesch M. Snort: The open source network intrusion detection system [EB/OL]. (2009-04-21) [2015-04-29]. http://www.snort.org/ [15] 穆成坡, 黄厚宽, 田盛丰. 入侵报警管理与入侵响应系统&中的自适应报警聚合[J]. 计算机科学, 2007, 34(12): 73-77. [16] 胥小波, 蒋琴琴, 郑康锋, 等. 基于混沌粒子群的告警聚类算法[J]. 通信学报, 2013, 34(3): 105-110. |