1. Browne, H. Arbaugh, W. A., Hugh, J. M., AND Fithen, W. L. A trend analysis of exploitations. In Proceedings of the 2001 IEEE Symposium on Security and Privacy (Oakland, CA, May 2001).

2. Cert Coordination Center. Multiple intrusion detection systems may be circumvented via %u encoding. Cert-CC Vulnerability Note VU#548515, July 2001.

3. Curry, D., AND Debar, H. Intrusion detection message exchange format data model and extensible markup language (xml) document type definition. Internet Draft (work in progress), December 2001.

4. Debar, H., Dacier, M., AND Wespi, A. Reference Audit Information Generation for Intrusion Detection Systems. In Proceedings of IFIPSEC’98 (Vienna, Austria and Budapest, Hungaria, August 31-September 4 1998), pp. 405–417.

5. Debar, H., AND Wespi, A. Aggregation and correlation of intrusion-detection alerts. In Proceedings of RAID 2001 (Davis, CA, USA, October 2001), pp. 85–103.