{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,10,29]],"date-time":"2024-10-29T21:51:23Z","timestamp":1730238683427,"version":"3.28.0"},"reference-count":47,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011,9]]},"DOI":"10.1109\/icdim.2011.6093323","type":"proceedings-article","created":{"date-parts":[[2011,12,6]],"date-time":"2011-12-06T15:59:24Z","timestamp":1323187164000},"page":"179-186","source":"Crossref","is-referenced-by-count":6,"title":["Applying multi-correlation for improving forecasting in cyber security"],"prefix":"10.1109","author":[{"given":"Elvis","family":"Pontes","sequence":"first","affiliation":[]},{"given":"Adilson E.","family":"Guelfi","sequence":"additional","affiliation":[]},{"given":"Sergio T.","family":"Kofuji","sequence":"additional","affiliation":[]},{"given":"Anderson A. A.","family":"Silva","sequence":"additional","affiliation":[]},{"given":"Adilson E.","family":"Guelfi","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","first-page":"10","article-title":"Correlating IDS Alerts with Vulnerability Information","author":"gula","year":"2007","journal-title":"Chief Technology Officer - Tenable Network Security Columbia MD EUA"},{"key":"ref38","first-page":"94","article-title":"Correlation of Intrusion Symptoms: An Application of Chronicles. France Telecom R & D","author":"morin","year":"0","journal-title":"6th International Conference on RAID 2003"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1109\/PACRIM.2005.1517323"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1145\/1128817.1128835"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/APSCC.2008.107"},{"key":"ref30","article-title":"IFTS: Intrusion Forecast and Traceback based on Union Defense Environment","author":"leu","year":"2005","journal-title":"IEEE ICPADS"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1016\/j.istr.2005.07.001"},{"key":"ref36","first-page":"54","article-title":"Probabilistic Alert Correlation. SRI International","author":"valdes","year":"2001","journal-title":"the 2001 International Workshop on the RAID 2001"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2002.1039860"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1109\/ENABL.2000.883722"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1007\/11760146_24"},{"key":"ref40","first-page":"21","article-title":"Analyzing Intensive Intrusion Alerts via Correlation. North Carolina State University","author":"ning","year":"2002","journal-title":"5th International Symposium on RAID"},{"key":"ref11","first-page":"10","article-title":"Constructing attack scenarios through correlation of intrusion alerts","author":"douglas","year":"2002","journal-title":"9th ACM CCCS North Carolina State University CCS'02"},{"key":"ref12","first-page":"39","article-title":"Reasoning about complementary intrusion evidence","author":"yan","year":"2004","journal-title":"20th Annual CSAC"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1109\/TLA.2009.5349043"},{"key":"ref14","first-page":"1","article-title":"Third generation for intrusion detection: applying forecasts and ROSI to cope with unwanted traffic","author":"pontes","year":"2009","journal-title":"Proceedings of 4th IEEE ICITST 09"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.1109\/ICDIM.2010.5664238"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/SENSORCOMM.2007.4394965"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1175\/JAS3430.1"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1109\/MSPEC.2005.1549778"},{"journal-title":"Elliott Wave Principles","year":"2002","author":"prechter","key":"ref19"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1007\/11751632_84"},{"article-title":"distributed denial of service attacks against independent media and human rights sites","year":"2010","author":"zuckerman","key":"ref4"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1109\/GLOCOM.2004.1378401"},{"journal-title":"5th Worldwide Infrastructure Sec Report","year":"2010","author":"mcpherson","key":"ref3"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1109\/ICDIM.2009.5356772"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/INES.2007.4283671"},{"key":"ref5","article-title":"Sistema para identifica&#x00E7;&#x00E3;o de alertas falso positivos por meio de an&#x00E1;lise de correlacionamentos e alertas isolados","author":"silva e","year":"2010","journal-title":"9th IEEE 12TS 2010"},{"key":"ref8","first-page":"13","article-title":"Enriching intrusion alerts through multi -most causality","author":"samuel","year":"2005","journal-title":"Proceedings of 12th NDSS 2005"},{"key":"ref7","first-page":"10","article-title":"Log correlation for intrusion detection a proof of concept","author":"cristina","year":"2003","journal-title":"19th IEEE ACSAC 2003"},{"journal-title":"Bureau of Justice Assistance and National White Collar Crime Center","article-title":"2009 Internet Crime Report","year":"2010","key":"ref2"},{"year":"2009","key":"ref1","article-title":"Guide to Intrusion Detection and Prevention Systems (IDPS)"},{"key":"ref9","first-page":"16","article-title":"An intrusion alert correlator based on prerequisites of intrusions","author":"ning","year":"2002","journal-title":"Technical Report TR-2002&#x2013;0l North Carolina State University Raleigh NC USA"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.2307\/1266443"},{"journal-title":"The Behavior of Markets A Fractal View of Risk Ruin and Reward","year":"2006","author":"mandelbrot","key":"ref20"},{"journal-title":"E-Handbook of Statistical Methods","year":"2009","key":"ref45"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/CISW.2007.4425547"},{"key":"ref47","first-page":"91","article-title":"Tr&#x00E1;fego Internet n&#x00E3;o Desejado: Conceitos, Caracteriza&#x00E7;&#x00E3;o e Solu&#x00E7;&#x00F5;es","author":"feitosa","year":"0","journal-title":"Proc VIII SBSeg SBC 2008"},{"journal-title":"Principles of Forecasting A Handbook for Researchers and Practitioners","year":"2002","author":"armstrong","key":"ref21"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/ICTTA.2006.1684901"},{"key":"ref42","first-page":"266","article-title":"Probabilistic techniques for IDS based on computer audit data","author":"ye","year":"2001","journal-title":"IEEE Transactions on Systems Man and Cybernetics"},{"key":"ref23","first-page":"4370","article-title":"A new intrusion detection method based on behavioral model","author":"yin","year":"2004","journal-title":"IEEE WCICA"},{"key":"ref41","article-title":"A security event analisys system to identify false positive alerts and evaluate isolated alerts creating multi-correlation criteria","volume":"107","author":"silva","year":"2010","journal-title":"IPT Sao Paulo SP Brasil"},{"key":"ref26","first-page":"9","article-title":"Quickprop neural network ensemble forecasting framework for database intrusion prediction system","author":"ramasubramanian","year":"2004","journal-title":"Proc Springer 7th ICAISC"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2006.05.005"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/ADCOM.2006.4289880"},{"key":"ref43","first-page":"75","article-title":"Computer intrusion detection through EWMA for autocorrelated and uncorrelated data","author":"ye","year":"2003","journal-title":"IEEE Transactions on Reliability"}],"event":{"name":"2011 Sixth International Conference on Digital Information Management (ICDIM)","start":{"date-parts":[[2011,9,26]]},"location":"Melbourne, Australia","end":{"date-parts":[[2011,9,28]]}},"container-title":["2011 Sixth International Conference on Digital Information Management"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx5\/6082065\/6093313\/06093323.pdf?arnumber=6093323","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,3,21]],"date-time":"2017-03-21T08:52:57Z","timestamp":1490086377000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6093323\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,9]]},"references-count":47,"URL":"https:\/\/doi.org\/10.1109\/icdim.2011.6093323","relation":{},"subject":[],"published":{"date-parts":[[2011,9]]}}}