{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:47:17Z","timestamp":1750308437374,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":51,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,10,23]],"date-time":"2019-10-23T00:00:00Z","timestamp":1571788800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,10,23]]},"DOI":"10.1145\/3372938.3372990","type":"proceedings-article","created":{"date-parts":[[2020,1,8]],"date-time":"2020-01-08T03:54:01Z","timestamp":1578455641000},"page":"1-6","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["A survey and taxonomy of techniques used for alerts of Intrusion Detection Systems"],"prefix":"10.1145","author":[{"given":"Mohamed Amine","family":"Agalit","sequence":"first","affiliation":[{"name":"ERSI Laboratory, FST, Univ Sidi Mohamed Ben Abdellah, FES, Morocco"}]},{"given":"Youness Idrissi","family":"Khamlichi","sequence":"additional","affiliation":[{"name":"ERSI Laboratory, FST, Univ Sidi Mohamed Ben Abdellah, FES, Morocco"}]},{"given":"El Mostapha","family":"Chakir","sequence":"additional","affiliation":[{"name":"IR2M Laboratory, FST, Univ Hassan 1, Settat, Morocco"}]}],"member":"320","published-online":{"date-parts":[[2020,1,7]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2015.11.016"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1080\/19393555.2015.1125974"},{"key":"e_1_3_2_1_3_1","first-page":"533","volume-title":"Communications and Informatics","author":"Bhuyan M. H.","year":"2012","unstructured":"M. H. Bhuyan , D. Bhattacharyya , et J. K. Kalita , ≪ An effective unsupervised network anomaly detection method ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the International Conference on Advances in Computing , Communications and Informatics , 2012 , p. 533 -- 539 . M. H. Bhuyan, D. Bhattacharyya, et J. K. Kalita, ≪ An effective unsupervised network anomaly detection method ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the International Conference on Advances in Computing, Communications and Informatics, 2012, p. 533--539."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.04.009"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"K. A. Scarfone et P. M. Mell ≪ Guide to Intrusion Detection and Prevention Systems (IDPS)| NIST ≫ 2007.  K. A. Scarfone et P. M. Mell ≪ Guide to Intrusion Detection and Prevention Systems (IDPS)| NIST ≫ 2007.","DOI":"10.6028\/NIST.SP.800-94"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2012.09.004"},{"key":"e_1_3_2_1_7_1","volume-title":"et N. Clarke, &Lt","author":"Anuar N. B.","year":"2011","unstructured":"N. B. Anuar , S. Furnell , M. Papadaki , et N. Clarke, &Lt ; A risk index model for security incident prioritisation ≫, 2011 . N. B. Anuar, S. Furnell, M. Papadaki, et N. Clarke, ≪ A risk index model for security incident prioritisation ≫, 2011."},{"volume-title":"et O. Zakaria, &Lt","author":"Anuar N. B.","key":"e_1_3_2_1_8_1","unstructured":"N. B. Anuar , H. Sallehudin , A. Gani , et O. Zakaria, &Lt ; Identifying false alarm for network intrusion detection system using hybrid data mining and decision tree ≫, Malaysian journal of computer science, vol. 21 , no 2, p. 101--115, 2008. N. B. Anuar, H. Sallehudin, A. Gani, et O. Zakaria, ≪ Identifying false alarm for network intrusion detection system using hybrid data mining and decision tree ≫, Malaysian journal of computer science, vol. 21, no 2, p. 101--115, 2008."},{"key":"e_1_3_2_1_9_1","first-page":"85","article-title":"Aggregation and correlation of intrusion-detection alerts ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances","author":"Wespi H.","year":"2001","unstructured":"H. Debar et A. Wespi , ≪ Aggregation and correlation of intrusion-detection alerts ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances in Intrusion Detection , 2001 , p. 85 -- 103 . H. Debar et A. Wespi, ≪ Aggregation and correlation of intrusion-detection alerts ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances in Intrusion Detection, 2001, p. 85--103.","journal-title":"Intrusion Detection"},{"key":"e_1_3_2_1_10_1","volume-title":"et R. Boutaba, &Lt","author":"Alsubhi K.","year":"2008","unstructured":"K. Alsubhi , E. Al-Shaer , et R. Boutaba, &Lt ; Alert prioritization in intrusion detection systems ≫, pr\u00e9sent\u00e9 \u00e0 NOMS 2008 -2008 IEEE Network Operations and Management Symposium , 2008, p. 33--40. K. Alsubhi, E. Al-Shaer, et R. Boutaba, ≪ Alert prioritization in intrusion detection systems ≫, pr\u00e9sent\u00e9 \u00e0 NOMS 2008-2008 IEEE Network Operations and Management Symposium, 2008, p. 33--40."},{"key":"e_1_3_2_1_11_1","volume-title":"pr\u00e9sent\u00e9 \u00e0 IFIP International Information Security Conference","author":"Dondo M. G.","year":"2008","unstructured":"M. G. Dondo , ≪ A vulnerability prioritization system using a fuzzy risk analysis approach ≫ , pr\u00e9sent\u00e9 \u00e0 IFIP International Information Security Conference , 2008 , p. 525--540. M. G. Dondo, ≪ A vulnerability prioritization system using a fuzzy risk analysis approach ≫, pr\u00e9sent\u00e9 \u00e0 IFIP International Information Security Conference, 2008, p. 525--540."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2005.09.004"},{"key":"e_1_3_2_1_13_1","first-page":"95","article-title":"A mission-impact-based approach to INFOSEC alarm correlation ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances","author":"Porras P. A.","year":"2002","unstructured":"P. A. Porras , M. W. Fong , et A. Valdes , ≪ A mission-impact-based approach to INFOSEC alarm correlation ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances in Intrusion Detection , 2002 , p. 95 -- 114 . P. A. Porras, M. W. Fong, et A. Valdes, ≪ A mission-impact-based approach to INFOSEC alarm correlation ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances in Intrusion Detection, 2002, p. 95--114.","journal-title":"Intrusion Detection"},{"key":"e_1_3_2_1_14_1","volume-title":"et Y. Kadobayashi, &Lt","author":"Wang S.","year":"2013","unstructured":"S. Wang , Z. Zhang , et Y. Kadobayashi, &Lt ; Exploring attack graph for cost-benefit security hardening: A probabilistic approach ≫, Computers & security, vol. 32 , p. 158--169, 2013 . S. Wang, Z. Zhang, et Y. Kadobayashi, ≪ Exploring attack graph for cost-benefit security hardening: A probabilistic approach ≫, Computers & security, vol. 32, p. 158--169, 2013."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2009.03.005"},{"key":"e_1_3_2_1_16_1","first-page":"69","article-title":"How to determine threat probabilities using ontologies and Bayesian networks ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research","author":"Neubauer S.","year":"2009","unstructured":"S. Fenz et T. Neubauer , ≪ How to determine threat probabilities using ontologies and Bayesian networks ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research : Cyber Security and Information Intelligence Challenges and Strategies , 2009 , p. 69 . S. Fenz et T. Neubauer, ≪ How to determine threat probabilities using ontologies and Bayesian networks ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, 2009, p. 69.","journal-title":"Cyber Security and Information Intelligence Challenges and Strategies"},{"key":"e_1_3_2_1_17_1","first-page":"35","article-title":"Online risk assessment of intrusion scenarios using DS evidence theory ≫, pr\u00e9sent\u00e9 \u00e0 European Symposium on Research","author":"Mu C.","year":"2008","unstructured":"C. Mu , X. Li , H. Huang , et S. Tian , ≪ Online risk assessment of intrusion scenarios using DS evidence theory ≫, pr\u00e9sent\u00e9 \u00e0 European Symposium on Research in Computer Security , 2008 , p. 35 -- 48 . C. Mu, X. Li, H. Huang, et S. Tian, ≪ Online risk assessment of intrusion scenarios using DS evidence theory ≫, pr\u00e9sent\u00e9 \u00e0 European Symposium on Research in Computer Security, 2008, p. 35--48.","journal-title":"Computer Security"},{"key":"e_1_3_2_1_18_1","volume-title":"et J. S. Wong, &Lt","author":"Strasburg C.","year":"2009","unstructured":"C. Strasburg , N. Stakhanova , S. Basu , et J. S. Wong, &Lt ; Intrusion response cost assessment methodology ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the 4th International Symposium on Information, Computer, and Communications Security , 2009 , p. 388--391. C. Strasburg, N. Stakhanova, S. Basu, et J. S. Wong, ≪ Intrusion response cost assessment methodology ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, 2009, p. 388--391."},{"key":"e_1_3_2_1_19_1","first-page":"626","article-title":"A service dependency model for cost-sensitive intrusion response ≫, pr\u00e9sent\u00e9 \u00e0 European Symposium on Research","author":"Kheir N.","year":"2010","unstructured":"N. Kheir , N. Cuppens-Boulahia , F. Cuppens , et H. Debar , ≪ A service dependency model for cost-sensitive intrusion response ≫, pr\u00e9sent\u00e9 \u00e0 European Symposium on Research in Computer Security , 2010 , p. 626 -- 642 . N. Kheir, N. Cuppens-Boulahia, F. Cuppens, et H. Debar, ≪ A service dependency model for cost-sensitive intrusion response ≫, pr\u00e9sent\u00e9 \u00e0 European Symposium on Research in Computer Security, 2010, p. 626--642.","journal-title":"Computer Security"},{"key":"e_1_3_2_1_20_1","volume-title":"et T. Neubauer, &Lt","author":"Ekelhart A.","year":"2009","unstructured":"A. Ekelhart , S. Fenz , et T. Neubauer, &Lt ; Aurum : A framework for information security risk management ≫, pr\u00e9sent\u00e9 \u00e0 2009 42nd Hawaii International Conference on System Sciences , 2009, p. 1--10. A. Ekelhart, S. Fenz, et T. Neubauer, ≪ Aurum: A framework for information security risk management ≫, pr\u00e9sent\u00e9 \u00e0 2009 42nd Hawaii International Conference on System Sciences, 2009, p. 1--10."},{"key":"e_1_3_2_1_21_1","unstructured":"N. L. Hausrath ≪ Methods for Hospital Network and Computer Security ≫ 2011.  N. L. Hausrath ≪ Methods for Hospital Network and Computer Security ≫ 2011."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10922-008-9109-x"},{"key":"e_1_3_2_1_23_1","volume-title":"et J. Gao, &Lt","author":"Xiao S.","year":"2008","unstructured":"S. Xiao , Y. Zhang , X. Liu , et J. Gao, &Lt ; Alert fusion based on cluster and correlation analysis ≫, pr\u00e9sent\u00e9 \u00e0 2008 International Conference on Convergence and Hybrid Information Technology , 2008, p. 163--168. S. Xiao, Y. Zhang, X. Liu, et J. Gao, ≪ Alert fusion based on cluster and correlation analysis ≫, pr\u00e9sent\u00e9 \u00e0 2008 International Conference on Convergence and Hybrid Information Technology, 2008, p. 163--168."},{"key":"e_1_3_2_1_24_1","volume-title":"pr\u00e9sent\u00e9 \u00e0 2008 International Conference on Information and Automation","author":"Zhang Y.","year":"2008","unstructured":"Y. Sun et R. Zhang , ≪ Automatic intrusion response system based on aggregation and cost ≫ , pr\u00e9sent\u00e9 \u00e0 2008 International Conference on Information and Automation , 2008 , p. 1783--1786. Y. Sun et R. Zhang, ≪ Automatic intrusion response system based on aggregation and cost ≫, pr\u00e9sent\u00e9 \u00e0 2008 International Conference on Information and Automation, 2008, p. 1783--1786."},{"key":"e_1_3_2_1_25_1","volume-title":"pr\u00e9sent\u00e9 \u00e0 International Conference on Computational and Information Science","author":"\u00c5rnes K.","year":"2006","unstructured":"K. Haslum et A. \u00c5rnes , ≪ Multisensor real-time risk assessment using continuous-time hidden markov models ≫ , pr\u00e9sent\u00e9 \u00e0 International Conference on Computational and Information Science , 2006 , p. 694--703. K. Haslum et A. \u00c5rnes, ≪ Multisensor real-time risk assessment using continuous-time hidden markov models ≫, pr\u00e9sent\u00e9 \u00e0 International Conference on Computational and Information Science, 2006, p. 694--703."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2009.08.023"},{"key":"e_1_3_2_1_27_1","volume-title":"et M. Moughit, &Lt","author":"Chakir E. M.","year":"2016","unstructured":"E. M. Chakir , Y. I. Khamlichi , et M. Moughit, &Lt ; Handling alerts for intrusion detection system using stateful pattern matching ≫, pr\u00e9sent\u00e9 \u00e0 2016 4th IEEE International Colloquium on Information Science and Technology (CiSt) , 2016, p. 139--144. E. M. Chakir, Y. I. Khamlichi, et M. Moughit, ≪ Handling alerts for intrusion detection system using stateful pattern matching ≫, pr\u00e9sent\u00e9 \u00e0 2016 4th IEEE International Colloquium on Information Science and Technology (CiSt), 2016, p. 139--144."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.04.007"},{"key":"e_1_3_2_1_29_1","volume-title":"x on Ubuntu 14 and 16 ≫, l\u00ednea]. Available: https:\/\/www.snort.org\/documents\/snort-2-9-9-x-on-ubuntu-14-16.[\u00daltimo acceso: 13 Junio 2018]","author":"Dietrich N.","year":"2017","unstructured":"N. Dietrich , ≪ Snort 2.9. 9. x on Ubuntu 14 and 16 ≫, l\u00ednea]. Available: https:\/\/www.snort.org\/documents\/snort-2-9-9-x-on-ubuntu-14-16.[\u00daltimo acceso: 13 Junio 2018] , 2017 . N. Dietrich, ≪ Snort 2.9. 9. x on Ubuntu 14 and 16 ≫, l\u00ednea]. Available: https:\/\/www.snort.org\/documents\/snort-2-9-9-x-on-ubuntu-14-16.[\u00daltimo acceso: 13 Junio 2018], 2017."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2008.06.138"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.patrec.2008.01.008"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2011.05.058"},{"key":"e_1_3_2_1_33_1","first-page":"102","article-title":"Using adaptive alert classification to reduce false positives in intrusion detection ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances","author":"Pietraszek T.","year":"2004","unstructured":"T. Pietraszek , ≪ Using adaptive alert classification to reduce false positives in intrusion detection ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances in Intrusion Detection , 2004 , p. 102 -- 124 . T. Pietraszek, ≪ Using adaptive alert classification to reduce false positives in intrusion detection ≫, pr\u00e9sent\u00e9 \u00e0 International Workshop on Recent Advances in Intrusion Detection, 2004, p. 102--124.","journal-title":"Intrusion Detection"},{"volume-title":"Information security technical report","author":"Tanner T.","key":"e_1_3_2_1_34_1","unstructured":"T. Pietraszek et A. Tanner , ≪ Data mining and machine learning---towards reducing false positives in intrusion detection ≫ , Information security technical report , vol. 10 , no 3, p. 169--183, 2005. T. Pietraszek et A. Tanner, ≪ Data mining and machine learning---towards reducing false positives in intrusion detection ≫, Information security technical report, vol. 10, no 3, p. 169--183, 2005."},{"key":"e_1_3_2_1_35_1","volume-title":"pr\u00e9sent\u00e9 \u00e0 Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining","author":"Dacier K.","year":"2002","unstructured":"K. Julisch et M. Dacier , ≪ Mining intrusion detection alarms for actionable knowledge ≫ , pr\u00e9sent\u00e9 \u00e0 Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining , 2002 , p. 366--375. K. Julisch et M. Dacier, ≪ Mining intrusion detection alarms for actionable knowledge ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining, 2002, p. 366--375."},{"key":"e_1_3_2_1_36_1","first-page":"84","volume-title":"CISSE (June 2004 2004)","author":"H\u00e4t\u00e4l\u00e4 A.","year":"2004","unstructured":"A. H\u00e4t\u00e4l\u00e4 , C. S\u00e4rs , R. Addams-Moring , et T. Virtanen , ≪ Event data exchange and intrusion alert correlation in heterogeneous networks ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the 8th Colloquium for Information Systems Security Education (CISSE), Westpoint, NY , CISSE (June 2004 2004) , 2004 , p. 84 -- 92 . A. H\u00e4t\u00e4l\u00e4, C. S\u00e4rs, R. Addams-Moring, et T. Virtanen, ≪ Event data exchange and intrusion alert correlation in heterogeneous networks ≫, pr\u00e9sent\u00e9 \u00e0 Proceedings of the 8th Colloquium for Information Systems Security Education (CISSE), Westpoint, NY, CISSE (June 2004 2004), 2004, p. 84--92."},{"key":"e_1_3_2_1_37_1","unstructured":"D. Gorton ≪ Extending intrusion detection with alert correlation and intrusion tolerance ≫ 2003.  D. Gorton ≪ Extending intrusion detection with alert correlation and intrusion tolerance ≫ 2003."},{"key":"e_1_3_2_1_38_1","volume-title":"pr\u00e9sent\u00e9 \u00e0 MILCOM 2000 Proceedings. 21st Century Military Communications. Architectures and Technologies for Information Superiority (Cat. No. 00CH37155)","author":"Gengo C.","year":"2000","unstructured":"C. Clifton et G. Gengo , ≪ Developing custom intrusion detection filters using data mining ≫ , pr\u00e9sent\u00e9 \u00e0 MILCOM 2000 Proceedings. 21st Century Military Communications. Architectures and Technologies for Information Superiority (Cat. No. 00CH37155) , 2000 , vol. 1 , p. 440--443. C. Clifton et G. Gengo, ≪ Developing custom intrusion detection filters using data mining ≫, pr\u00e9sent\u00e9 \u00e0 MILCOM 2000 Proceedings. 21st Century Military Communications. Architectures and Technologies for Information Superiority (Cat. No. 00CH37155), 2000, vol. 1, p. 440--443."},{"key":"e_1_3_2_1_39_1","volume-title":"pr\u00e9sent\u00e9 \u00e0 NAFIPS 2005-2005 Annual Meeting of the North American Fuzzy Information Processing Society","author":"Vaughn A.","year":"2005","unstructured":"A. Siraj et R. B. Vaughn , ≪ Multi-level alert clustering for intrusion detection sensor data ≫ , pr\u00e9sent\u00e9 \u00e0 NAFIPS 2005-2005 Annual Meeting of the North American Fuzzy Information Processing Society , 2005 , p. 748--753. A. Siraj et R. B. Vaughn, ≪ Multi-level alert clustering for intrusion detection sensor data ≫, pr\u00e9sent\u00e9 \u00e0 NAFIPS 2005-2005 Annual Meeting of the North American Fuzzy Information Processing Society, 2005, p. 748--753."},{"key":"e_1_3_2_1_40_1","first-page":"69","volume-title":"Spain","author":"Zhang S. O.","year":"2007","unstructured":"S. O. Al-Mamory et H. Zhang , ≪ A survey on IDS alerts processing techniques ≫, pr\u00e9sent\u00e9 \u00e0 Proceeding of the 6th WSEAS international conference on information security and privacy (ISP'07) , Spain , 2007 , p. 69 -- 78 . S. O. Al-Mamory et H. Zhang, ≪ A survey on IDS alerts processing techniques ≫, pr\u00e9sent\u00e9 \u00e0 Proceeding of the 6th WSEAS international conference on information security and privacy (ISP'07), Spain, 2007, p. 69--78."},{"volume-title":"Al-Mamory et H. Zhang, &Lt","author":"S.","key":"e_1_3_2_1_41_1","unstructured":"S. O. Al-Mamory et H. Zhang, &Lt ; New data mining technique to enhance IDS alarms quality ≫, Journal in computer virology, vol. 6 , no 1, p. 43--55, 2010. S. O. Al-Mamory et H. Zhang, ≪ New data mining technique to enhance IDS alarms quality ≫, Journal in computer virology, vol. 6, no 1, p. 43--55, 2010."},{"key":"e_1_3_2_1_42_1","volume-title":"et A. R. Abbas, &Lt","author":"Al-Mamory S. O.","year":"2008","unstructured":"S. O. Al-Mamory , H. Zhang , et A. R. Abbas, &Lt ; IDS alarms reduction using data mining ≫, pr\u00e9sent\u00e9 \u00e0 2008 IEEE International Joint Conference on Neural Networks (IEEE World Congress on Computational Intelligence) , 2008, p. 3564--3570. S. O. Al-Mamory, H. Zhang, et A. R. Abbas, ≪ IDS alarms reduction using data mining ≫, pr\u00e9sent\u00e9 \u00e0 2008 IEEE International Joint Conference on Neural Networks (IEEE World Congress on Computational Intelligence), 2008, p. 3564--3570."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2008.11.012"},{"key":"e_1_3_2_1_44_1","volume-title":"pr\u00e9sent\u00e9 \u00e0 MILCOM 2009-2009 IEEE Military Communications Conference","author":"Vaarandi R.","year":"2009","unstructured":"R. Vaarandi , ≪ Real-time classification of IDS alerts with data mining techniques ≫ , pr\u00e9sent\u00e9 \u00e0 MILCOM 2009-2009 IEEE Military Communications Conference , 2009 , p. 1--7. R. Vaarandi, ≪ Real-time classification of IDS alerts with data mining techniques ≫, pr\u00e9sent\u00e9 \u00e0 MILCOM 2009-2009 IEEE Military Communications Conference, 2009, p. 1--7."},{"key":"e_1_3_2_1_45_1","volume-title":"et S. Stoecklin, &Lt","author":"Long J.","year":"2006","unstructured":"J. Long , D. Schwartz , et S. Stoecklin, &Lt ; Distinguishing false from true alerts in snort by data mining patterns of alerts ≫, pr\u00e9sent\u00e9 \u00e0 Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006 , 2006, vol. 6241 , p. 62410B. J. Long, D. Schwartz, et S. Stoecklin, ≪ Distinguishing false from true alerts in snort by data mining patterns of alerts ≫, pr\u00e9sent\u00e9 \u00e0 Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006, 2006, vol. 6241, p. 62410B."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.inffus.2009.01.004"},{"key":"e_1_3_2_1_47_1","volume-title":"pr\u00e9sent\u00e9 \u00e0 2010 International Conference on Network and Service Management","author":"Podi\u0146\u0161 R.","year":"2010","unstructured":"R. Vaarandi et K. Podi\u0146\u0161 , ≪ Network ids alert classification with frequent itemset mining and data clustering ≫ , pr\u00e9sent\u00e9 \u00e0 2010 International Conference on Network and Service Management , 2010 , p. 451--456. R. Vaarandi et K. Podi\u0146\u0161, ≪ Network ids alert classification with frequent itemset mining and data clustering ≫, pr\u00e9sent\u00e9 \u00e0 2010 International Conference on Network and Service Management, 2010, p. 451--456."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10586-009-0096-9"},{"key":"e_1_3_2_1_49_1","volume-title":"et H. Zhang, &Lt","author":"Tian Z.","year":"2008","unstructured":"Z. Tian , W. Zhang , J. Ye , X. Yu , et H. Zhang, &Lt ; Reduction of false positives in intrusion detection via adaptive alert classifier ≫, pr\u00e9sent\u00e9 \u00e0 2008 International Conference on Information and Automation , 2008, p. 1599--1602. Z. Tian, W. Zhang, J. Ye, X. Yu, et H. Zhang, ≪ Reduction of false positives in intrusion detection via adaptive alert classifier ≫, pr\u00e9sent\u00e9 \u00e0 2008 International Conference on Information and Automation, 2008, p. 1599--1602."},{"issue":"4","key":"e_1_3_2_1_50_1","first-page":"95","article-title":"Identifying false alarm rates for intrusion detection system with Data Mining ≫","volume":"11","author":"Sabri F. N. M.","year":"2011","unstructured":"F. N. M. Sabri , N. M. Norwawi , et K. Seman , ≪ Identifying false alarm rates for intrusion detection system with Data Mining ≫ , IJCSNS International Journal of Computer Science and Network Security , vol. 11 , no 4 , p. 95 , 2011 . F. N. M. Sabri, N. M. Norwawi, et K. Seman, ≪ Identifying false alarm rates for intrusion detection system with Data Mining ≫, IJCSNS International Journal of Computer Science and Network Security, vol. 11, no 4, p. 95, 2011.","journal-title":"IJCSNS International Journal of Computer Science and Network Security"},{"volume-title":"Applied soft computing","author":"Banzhaf S. X.","key":"e_1_3_2_1_51_1","unstructured":"S. X. Wu et W. Banzhaf , ≪ The use of computational intelligence in intrusion detection systems : A review ≫ , Applied soft computing , vol. 10 , no 1, p. 1--35, 2010. S. X. Wu et W. Banzhaf, ≪ The use of computational intelligence in intrusion detection systems: A review ≫, Applied soft computing, vol. 10, no 1, p. 1--35, 2010."}],"event":{"name":"BDIoT'19: The 4th International Conference On Big Data and Internet of Things","acronym":"BDIoT'19","location":"Rabat Morocco"},"container-title":["Proceedings of the 4th International Conference on Big Data and Internet of Things"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372938.3372990","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3372938.3372990","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T17:49:58Z","timestamp":1750268998000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3372938.3372990"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,10,23]]},"references-count":51,"alternative-id":["10.1145\/3372938.3372990","10.1145\/3372938"],"URL":"https:\/\/doi.org\/10.1145\/3372938.3372990","relation":{},"subject":[],"published":{"date-parts":[[2019,10,23]]},"assertion":[{"value":"2020-01-07","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}