F. Valeur, Real-Time Intrusion Detection Alert Correlation, 2006.

S. Jajodia and S. Noel, Topological Vulnerability Analysis: A Powerful New Approach For Network Attack Prevention, Detection, and Response, 2007.
DOI : 10.1142/9789812836243_0013

R. W. Ritchey and P. Ammann, Using model checking to analyze network vulnerabilities, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000, 2000.
DOI : 10.1109/SECPRI.2000.848453

X. Ou, W. F. Boyer, and M. A. Mcqueen, A scalable approach to attack graph generation, Proceedings of the 13th ACM conference on Computer and communications security , CCS '06, pp.336-345, 2006.
DOI : 10.1145/1180405.1180446

E. Godefroy, E. Totel, M. Hurfin, and F. Majorczyk, Génération automatique de règles de corrélation pour la détection d'attaques complexes, In : SARSSI, 2014.

G. G. Granadillo, Y. B. Mustapha, N. Hachem, and H. Debar, An ontology-based model for siem environments, ICGS3 '11 : 7th Int. Conf. in Global Security, Safety and Sustainability, pp.148-155, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00728521

B. Morin, L. Mé, H. Debar, and M. Duccassé, A logic-based model to support alert correlation in intrusion detection, Information Fusion, vol.10, issue.4, pp.285-299, 2009.
DOI : 10.1016/j.inffus.2009.01.005
URL : https://hal.archives-ouvertes.fr/hal-00353059