S. A. Çamtepe and B. Yener, Modeling and detection of complex attacks, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops, SecureComm 2007, 2007.
DOI : 10.1109/SECCOM.2007.4550338

G. G. Granadillo, Y. B. Mustapha, N. Hachem, and H. Debar, An ontology-based model for siem environments, ICGS3 '11 : 7th Int. Conf. in Global Security, Safety and Sustainability, pp.148-155, 2012.
URL : https://hal.archives-ouvertes.fr/hal-00728521

S. Jajodia and S. Noel, Topological Vulnerability Analysis, 2007.
DOI : 10.1007/978-1-4419-0140-8_7
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.178.1935

B. Morin, L. Mé, H. Debar, and M. Duccassé, A logic-based model to support alert correlation in intrusion detection, Information Fusion, vol.10, issue.4, pp.285-299, 2009.
DOI : 10.1016/j.inffus.2009.01.005
URL : https://hal.archives-ouvertes.fr/hal-00353059

S. Noel, E. Robertson, and S. Jajodia, Correlating Intrusion Events and Building Attack Scenarios Through Attack Graph Distances, 20th Annual Computer Security Applications Conference, pp.350-359, 2004.
DOI : 10.1109/CSAC.2004.11
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.116.8984

S. Roschke, F. Cheng, and C. Meinel, A New Alert Correlation Algorithm Based on Attack Graph, Computational Intelligence in Security for Information Systems, 2011.
DOI : 10.1007/978-3-642-21323-6_8

B. Schneier, Attack Trees, Journal, vol.24, issue.12, pp.21-29, 1999.
DOI : 10.1002/9781119183631.ch21

D. Xu and P. Ning, Alert correlation through triggering events and common resources, ACSAC, 2004.