1Eric Totel, Bernard Vivinis, Ludovic Me. A language driven intrusion detection system for event and alert correlation[C]. Proceedings at the 19th IFtP International Information Security Conference. Kluwer Academic, August 2004.
2K. Julisch. Clustering intrusion detection alarms to support root cause analysis[J]. ACM Transactions on Information and System Security,6(4):443 - 471, Nov 2003.
