Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, and Isabelle Mathieu.
ASAX: Software architecture and rule-based language for universal
audit trail analysis.
In Proceedings of European Symposium on Research in Computer
Security, pages 435-450, November 1992.
Lawrence R. Halme and R. Kenneth Bauer.
AINT misbehaving - a taxonomy of anti-intrusion techniques.
In Proceedings of the 18th National Information Systems Security
Conference, pages 163-172, October 1995.
Lawrence R. Halme and John Van Horne.
Automated analysis of computer system audit trails for security
In Proceedings of the 9th National Computer Security
Conference, pages 71-74, September 1986.
Richard Heady, George Luger, Arthur Maccabe, and Mark Servilla.
The architecture of a network level intrusion detection system.
Technical Report CS90-20, Department of Computer Science, University
of New Mexico, August 1990.
Richard Heady, George Luger, Arthur Maccabe, Mark Servilla, and John
The prototype implementation of a network level intrusion detection
Technical Report CS91-11, Department of Computer Science, University
of New Mexico, April 1991.
L. Todd Heberlein, Gihan V. Dias, Karl N. Levitt, Biswanath Mukherjee, Jeff
Wood, and David Wolber.
A network security monitor.
In Proceedings of the 1990 IEEE Symposium on Research in
Security and Privacy, pages 296-304, May 1990.
James Hoagland, Christopher Wee, and Karl Levitt.
Audit log analysis using the visual audit browser toolkit.
Technical Report CSE-95-11, Department of Computer Science,
University of California, Davis, September 1995.
Judith Hochberg, Kathleen Jackson, Cathy Stallings, J. F. McClary, David
DuBois, and Josephine Ford.
NADIR: An automated system for detecting network intrusion and
Computers & Security, 12(3):235-248, May 1993.
Terran Lane and Carla E. Brodley.
Temporal Sequence Learning and Data Reduction for Anomaly Detection.
In Proceedings of the Fifth ACM Conference on Computer and
Communications Security, pages 150-158, 1998.
Abdelaziz Mounji and Baudouin Le Charlier.
Continuous assessment of a unix configuration: Integrating intrusion
detection and configuration analysis.
In Proceedings of the the ISOC 1997 Symposium On Network and
Distributed System Security, February 1997.
Audit reduction and misuse detection in heterogeneous environments:
Framework and applications.
In Proceedings of the 10th Annual Computer Security Applications
Conference, pages 117-125, December 1994.
Michael M. Sebring, Eric Shellhouse, Mary E. Hanna, and R. Alan Whitehurst.
Expert systems in intrusion detection: A case study.
In Proceedings of the 11th National Computer Security
Conference, pages 74-81, October 1988.
Steven R. Snapp, James Brentano, Gihan V. Dias, Terrance L. Goan, Tim Grance,
L. Todd Heberlein, Che-Lin Ho, Karl N. Levitt, Biswanath Mukherjee,
Douglass L. Mansur, Kenneth L. Pon, and Stephen E. Smaha.
A system for distributed intrusion detection.
In COMPCOM Spring '91 Digest of Papers, pages 170-176,
M. Sobirey, B. Richter, and H. Konig.
The intrusion detection system AID. architecture, and experiences
in automated audit analysis.
In Proceedings of the IFIP TC6/TC11 International Conference
on Communications and Multimedia Security, pages 278-290, September 1996.