1. Abad, C., Taylor, J., Sengul, C., Yurcik, W., Zhou, Y., Rowe, K.: Log correlation for intrusion detection: A proof of concept. In: ACSAC 2003: Proceedings of the 19th Annual Computer Security Applications Conference, p. 255. IEEE Computer Society, Los Alamitos (2003)
2. Almgren, M., Debar, H., Dacier, M.: A lightweight tool for detecting web server attacks. In: Tsudik, G., Rubin, A. (eds.) Network and Distributed System Security Symposium (NDSS 2000), San Diego, USA, Feburary 3–4, 2000, pp. 157–170. Internet Society (2000)
3. Almgren, M., Jonsson, E., Lindqvist, U.: A comparison of alternative audit sources for web server attack detection. In: Erlingsson, Ú., Sabelfeld, A. (eds.) 12th Nordic Workshop on Secure IT Systems (NordSec 2007), October 11–12, pp. 101–112. Reykjavík University, Iceland (2007)
4. Axelsson, S.: The base-rate fallacy and its implications for the difficulty of intrusion detection. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, November 1999. Kent Ridge Digital Labs (1999)
5. Breese, J., Koller, D.: Tutorial on Bayesian Networks. Internet (1997),
http://robotics.stanford.edu/~koller/BNtut/BNtut.ppt