S. O. Al-mamory and H. Zhang, Ids alerts correlation using grammar-based approach, Journal in Computer Virology, vol.5, issue.4, pp.271-282, 2009.

S. Axelsson, Intrusion detection systems: A survey and taxonomy, 2000.

S. Benferhat, T. Kenaza, and A. Mokhtari, False alert filtering and detection of high severe alerts using naive bayes, Computer Security Conference(CSC'08), 2008.
URL : https://hal.archives-ouvertes.fr/hal-00870820

S. Benferhat, T. Kenaza, and A. Mokhtari, Tree-augmented naive bayes for alert correlation, 3rd conference on Advances in Computer Security and Forensics(ACSF'08), pp.45-52, 2008.
URL : https://hal.archives-ouvertes.fr/hal-00800736

S. Benferhat and K. Sedki, Alert correlation based on a logical handling of administrator preferences and knowledge, International Conference on Security and Cryptography(SECRYPT'08), pp.50-56, 2008.
URL : https://hal.archives-ouvertes.fr/hal-00800733

S. Benferhat and K. Tabia, Novel and anomalous behavior detection using bayesian network classifiers, Proceedings of the International Conference on Security and Cryptography, pp.13-20, 2008.
URL : https://hal.archives-ouvertes.fr/hal-00800749

Z. Bin and A. Ghorbani, Alert correlation for extracting attack strategies, I. J. Network Security, vol.3, issue.3, pp.244-258, 2006.

A. Cano, J. G. Castellano, A. R. Masegosa, and S. Moral, Methods to determine the branching attribute in bayesian multinets classifiers, 8th European Conference on Symbolic and Quantitative Approaches to Reasoning with Uncertainty, ECSQARU'05, pp.932-943, 2005.

J. Cheng and R. Greiner, Learning bayesian belief network classifiers: Algorithms and system, 14th Conference of the Canadian Society on Computational Studies of Intelligence, pp.141-151, 2001.

C. Chow, On optimum recognition error and reject tradeoff, IEEE Transactions on Information Theory, vol.16, issue.1, pp.41-46, 1970.

C. Chow and C. Liu, Approximating discrete probability distributions with dependence trees. Information Theory, IEEE Transactions on, vol.14, issue.3, pp.462-467, 1968.

F. Cuppens and A. Miège, Alert correlation in a cooperative intrusion detection framework, IEEE Symposium on Security and Privacy, pp.187-200, 2002.

O. Dain and R. K. Cunningham, Fusing a heterogeneous alert stream into scenarios, Proceedings of the 2001 ACM workshop on Data Mining for Security Applications, pp.1-13, 2001.

H. Debar and A. Wespi, Aggregation and correlation of intrusion-detection alerts, Recent Advances in Intrusion Detection, pp.85-103, 2001.

A. Faour and P. Leray, A som and bayesian network architecture for alert filtering in network intrusion detection systems, RTS -Conference on Real-Time and Embedded Systems, pp.1161-1166, 2006.

T. Fawcett, Roc graphs: Notes and practical considerations for data mining researchers, 2003.

O. Francois and P. Leray, Evaluation d'algorithmes d'apprentissage de structure pour les réseaux bayésiens, Proceedings of 14eme Congrès Francophone Reconnaissance des Formes et Intelligence Artificielle, pp.1453-1460, 2004.

N. Friedman, D. Geiger, M. Goldszmidt, G. Provan, P. Langley et al., Bayesian network classifiers, Machine Learning, pp.131-163, 1997.

D. Geiger and D. Heckerman, Knowledge representation and inference in similarity networks and bayesian multinets, Artif. Intell, vol.82, issue.1-2, pp.45-74, 1996.

F. V. Jensen and T. D. Nielsen, Bayesian Networks and Decision Graphs (Information Science and Statistics), 2007.

K. Julisch and M. Dacier, Mining intrusion detection alarms for actionable knowledge, Eighth ACM SIGKDD international conference on Knowledge discovery and data mining, pp.366-375, 2002.

P. Leray, H. Zaragoza, and F. D'alch-buc, Pertinence des mesures de confiance en classification, 12eme Congres Francophone AFRIF-AFIA Reconnaissance des Formes et Intelligence Articifielle (RFIA 2000), pp.267-276, 2000.
URL : https://hal.archives-ouvertes.fr/hal-01573394

W. Lingyu, L. Anyi, and J. Sushil, Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts, Comput. Commun, vol.29, issue.15, pp.2917-2933, 2006.

M. G. Madden, Evaluation of the performance of the markov blanket bayesian classifier algorithm, 2002.

P. Ning, Y. Cui, and D. S. Reeves, Constructing attack scenarios through correlation of intrusion alerts, 9th ACM conference on Computer and communications security, pp.245-254, 2002.

A. Patcha and J. Park, An overview of anomaly detection techniques: Existing solutions and latest technological trends, Computer Networks, vol.51, issue.12, pp.3448-3470, 2007.

J. Pearl, Probabilistic reasoning in intelligent systems: networks of plausible inference, 1988.

J. and R. Quinlan, C4.5: programs for machine learning, 1993.

M. Roesch, Snort -lightweight intrusion detection for networks, pp.229-238, 1999.

R. Smith, N. Japkowicz, M. Dondo, and P. Mason, Using unsupervised learning for network alert correlation, 21st conference on Advances in artificial intelligence, pp.308-319, 2008.

S. Staniford, J. A. Hoagland, and J. M. Mcalerney, Practical automated detection of stealthy portscans, J. Comput. Secur, vol.10, issue.1-2, pp.105-136, 2002.

G. C. Tjhai, M. Papadaki, S. Furnell, and N. L. Clarke, Investigating the problem of ids false alarms: An experimental study using snort, 23rd International Information Security Conference SEC 2008, pp.253-267, 2008.

E. Tombini, H. Debar, L. Mé, and M. Ducassé, A Serial Combination of Anomaly and Misuse IDSes Applied to HTTP Traffic, Annual Computer Security Applications Conference, vol.12, 2004.
URL : https://hal.archives-ouvertes.fr/hal-00356403

A. Valdes and K. Skinner, Adaptive, model-based monitoring for cyber attack detection, Recent Advances in Intrusion Detection, pp.80-92, 2000.

A. Valdes and K. Skinner, Probabilistic alert correlation, Recent Advances in Intrusion Detection, pp.54-68, 2001.

F. Verleysen, D. Rossi, and . François, Advances in Feature Selection with Mutual Information, Similarity-Based Clustering, pp.52-69, 2009.
URL : https://hal.archives-ouvertes.fr/hal-00413154

T. Wojciech, Anomaly-based intrusion detection using bayesian networks. depcos-relcomex, vol.0, pp.211-218, 2008.