1. Amoroso, E.G. Intrusion Detection: An Introduction to Internet Surveillance, Correlation, Trace Back, Traps, and Response. Sparta, NJ: Intrusion.Net Books, 1999.

2. Axelsson, S. The base-rate fallacy and the difficulty of intrusion detection. ACM Transactions on Information and System Security, 3, 3 (2000), 186-205.

3. Bace, R., and Mell, P. NIST special publication on intrusion detection systems. White Paper, United States Department of Commerce, Gaithersburg, MD, 2001 (available at http://csrc.nist.gov/publications/nistpubs/800-31/sp800-31.pdf.

4. Balepin, I.; Maltsev, S.; Rowe, J.; and Levitt, K. Using specification-based intrusion detection for automated response. In G. Vigna, E. Jonsson, and C. Krugel (eds.), Proceedings of the Sixth International Symposium on Recent Advances in Intrusion Detection (RAID 2003). Berlin: Springer, 2003, pp. 136-154.

5. Carver, C.A., Jr., and Pooch, U.W. An intrusion response taxonomy and its role in automatic intrusion response. In Proceedings of the 2000 IEEE Workshop on Information Assurance and Security. Los Alamitos, CA: IEEE Computer Society, 2000, pp. 129-135.