[1] A. A. Aburomman, M. B. IbneReaz, A survey of intrusion detection systems based on ensemble and hybrid
classifiers, Computers & security, 65 (2017) 135-152.
[2] J. Akhtar-Khan and N. Jain, A survey on intrusion detection systems and classification techniques, International
journal of scientific research in science, Engineering and technology, 2 (2016) 202-208.
[3] S.O. Al-Mamory and H.L. Zhang, Building scenario graph using clustering, Proceedings of the 2007 international
conference on convergence information technology, IEEE computer society, (2007) 799-804.
[4] S.O. Al-Mamory and H.L. Zhang, Scenario discovery using abstracted correlation graph, International conference
on computational intelligence and security, IEEE computer society, (2007) 702-706.
[5] J. P. Anderson, Computer security threat monitoring and surveillance, Technical report, James P. Anderson
company, Fort Washington, 1980.
[6] R. A. R. Ashfaqand et al, Fuzziness based semi-supervised learning approach for intrusion detection system,
Information sciences 0 0 0 (2016) 1-14.
[7] A. Chmielewskiand S. T. Wierzchon, Hybrid negative selection approach for anomaly detection, In computer
information systems and industrial management, Springer Berlin Heidelberg, (2012) 242-253.
[8] S. Duque and et al, Using data mining algorithms for developing a model for intrusion detection system (IDS),
Procedia computer science, 61 (2015) 46-51.
[9] C. Guo, Y. Zhou, Y. Ping, S. Luo, Y. P. Lai and Z. Zhang, Efficient intrusion detection using representative
instances, Computers and security, 39 (B) (2013) 255-267.
[10] K. K. Gupta, B. Nath and R. Kotagiri, Layered approach using conditional random fields for intrusion detection,
IEEE trans., Dependable secur. comput. , 7 (1)(2010) 35-49.
[11] K. Gupta, S. Singhal, S. Malik and A. Singh, Network intrusion detection system using various data mining
techniques, International conference on research advances in integrated navigation systems (RAINS), (May 2016)
6-7.
[12] T. Hastie, R. Tibshirani and J. Friedman, The elements of statistical learning: Data mining, inference and
prediction, Springer, 2001.
[13] K. Julisch, Clustering intrusion detection alarms to support rootcause analysis, ACM transactions on information
and system security (TISSEC), 6 (4) (2003) 443e71.
[14] N. K. Kanakarajan and K. Muniasamy, Improving the accuracy of intrusion detection using GAR-Forest with
feature selection, Proceedings of the 4
th international conference on frontiers in intelligent computing: theory and
applications (FICTA) 2015 Springer, (2016) 539-547.
[15] KDD cup 1999 data,(1999), Available:http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.
[16] B. Khosravifar, M. Gomrokchi and J .Bentahar, A multi-agent based approach to improve intrusion detection
systems false alarm ratio by using honeypot, International conference on advanced information networking and
applications workshops, (2009) 97-102.
[17] Laboratory ML, Darpa2000 intrusion detection scenario specific data sets, https://www.ll.mit.edu/rd/datasets/2000-darpa-intrusion-detection-scenario-specific-datasets.
[18] H. H. Lin, C. H. Mao and H. M. Lee, False alarm reduction by weighted score-based rule adaptation through expert
feedback, At the second international workshop on multimedia, Information privacy and intelligent computing
systems (MPIS), Jeju island, Korea, 2009.
[19] H. S. Lin, H. K. Pao, C. H. Mao, H. M. Lee, T. Chen and Y. J.Lee, Adaptive alarm filtering by causal correlation
consideration in intrusion detection, First KES international symposium on intelligent decision technologies (IDT),
2009.
[20] Y. Liu and L. Zhu, A new intrusion detection and alarm correlation technology based on neural network, EURASIP
Journal on Wireless communications and networking 2019, (2019) 109.
[21] P. Ning, Y. Cui and S. Reeves, Constructing attack scenarios through correlation of intrusion alerts, In proceedings
of the 9
th ACM conference on computer and communications security, ACM, (2002) 245-254.
[22] P. Ning, Y. Cui, D. S. Reeves, Techniques and tools for analyzing intrusion alerts, ACM transactions on information and system security, 7 (2) (2004) 274-318.
[23] H. H. Pajouh, G. Dastghaibyfard and S. Hashemi, Two-tier network anomaly detection model: a machine learning
approach, J Intell Inf Syst, (2015) 1-14.
[24] M. Panda, A. Abraham and M. R. Patra, A hybrid intelligent approach for network intrusion detection, Procedia
engineering, 30 (2012) 1-9.
[25] T. Pietraszek, Using adaptive alert classification to reduce false positives in intrusion detection, Proceedings of
the 7
th symposium on recent advances in intrusion detection (RAID), Springer-Verlag, 3224 (2004) 102-124.
[26] K. Polat, S. Gunes, Principles component analysis, fuzzy weighting pre-processing and artificial immune recogni-tion system based diagnostic system for diagnosis of lung cancer, Expert systems with applications, 34 (1) (2008)
214-221.
[27] R. Sadoddin, A. A. Ghorbani, An incremental frequent structure mining framework for real-time alert correlation,
Computers and security, 28 (3-4) (2009) 153-173.
[28] ST. Sarasamma, QA. Zhu, Min-max hyper ellipsoidal clustering for anomaly detection in network security, IEEE
transactions on systems, Man and cybernetics, 36(4) (2006) 887-901.
[29] F. Shen, O. Hasegawa, A fast nearest neighbor classifier based on self-organizing incremental neural network,
Neural networks, 21 (2008) 1537-1547.
[30] R. Shittu, A. Healing, R. Ghanea-Hercock, R. E. Bloomfield and M.Rajarajan, Intrusion alert prioritisation and
attack detection using post-correlation analysis, Computers & security, 50 (2015) 1-15.
[31] G. Spathoulas and S. Katsikas, Reducing false positives in intrusion detection systems, Computers & security, 29
(1) (2010) 35-44.
[32] P. Srinivasu and P. S. Avadhani, Genetic algorithm based weight extraction algorithm for rtificial neural network
classifier in intrusion detection, Procedia engineering, 38 (2012) 144-153.
[33] R. Vaarandi, K. Podins, Network IDS alert classification with frequent itemset mining and data clustering, CNSM
2010, (2010) 451-456.
[34] A. Valdes and K. Skinner, Probabilistic alert correlation, In proceedings of the 4
th international symposium on
recent advances in intrusion detection, (2001) 54-68.
[35] F. Valeur, G. Vigna, C. Kruegel and R. Kemmerer, Acomprehensive approach to intrusion detection alert correlation, IEEE transactions on dependable and secure computing, 1(3) (2004) 146-169.
[36] Y. Yi, J. Wu, W. Xu, Incremental SVM based on reserved set for network intrusion detection, Expert systems
with applications, 38(6) (2011) 7698-7707.
[37] J. Zhang, X. Chen, Research on intrusion detection of database based on Rough set, Physics procedia, 25 (2012)
1637-1641.
[38] B. Zhu, A. Ghorbani, Alert correlation for extracting attack strategies, International journal of network security,
3 (3) (2006) 244-258.