| 2002 | A Mission-Impact-Based Approach to INFOSEC Alarm Correlation. Phillip A. Porras, Martin W. Fong, Alfonso Valdes |
| 2002 | A Stochastic Model for Intrusions. Robert P. Goldman |
| 2002 | Accurate Buffer Overflow Detection via Abstract Payload Execution. Thomas Toth, Christopher Krügel |
| 2002 | Analyzing Intensive Intrusion Alerts via Correlation. Peng Ning, Yun Cui, Douglas S. Reeves |
| 2002 | Attacks Against Computer Network: Formal Grammar-Based Framework and Simulation Tool. Vladimir I. Gorodetski, Igor V. Kotenko |
| 2002 | Capacity Verification for High Speed Network Intrusion Detection Systems. Mike Hall, Kevin Wiley |
| 2002 | Detecting Long Connection Chains of Interactive Terminal Sessions. Kwong H. Yung |
| 2002 | Detecting Malicious Software by Monitoring Anomalous Windows Registry Accesses. Frank Apap, Andrew Honig, Shlomo Hershkop, Eleazar Eskin, Salvatore J. Stolfo |
| 2002 | Development of a Legal Framework for Intrusion Detection. Steven R. Johnston |
| 2002 | Evaluation of the Diagnostic Capabilities of Commercial Intrusion Detection Systems. Hervé Debar, Benjamin Morin |
| 2002 | Introducing Reference Flow Control for Detecting Intrusion Symptoms at the OS Level. Jacob Zimmermann, Ludovic Mé, Christophe Bidan |
| 2002 | Learning Unknown Attacks - A Start. James E. Just, James C. Reynolds, Larry A. Clough, Melissa Danforth, Karl N. Levitt, Ryan Maglich, Jeff Rowe |
| 2002 | M2D2: A Formal Data Model for IDS Alert Correlation. Benjamin Morin, Ludovic Mé, Hervé Debar, Mireille Ducassé |
| 2002 | Multiscale Stepping-Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay. David L. Donoho, Ana Georgina Flesia, Umesh Shankar, Vern Paxson, Jason Coit, Stuart Staniford |
| 2002 | Performance Adaptation in Real-Time Intrusion Detection Systems. Wenke Lee, João B. D. Cabrera, Ashley Thomas, Niranjan Balwalli, Sunmeet Saluja, Yi Zhang |
| 2002 | Recent Advances in Intrusion Detection, 5th International Symposium, RAID 2002, Zurich, Switzerland, October 16-18, 2002, Proceedings Andreas Wespi, Giovanni Vigna, Luca Deri |
| 2002 | The Effect of Identifying Vulnerabilities and Patching Software on the Utility of Network Intrusion Detection. Richard Lippmann, Seth E. Webster, Douglas Stetson |
| 2002 | Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits. Kymie M. C. Tan, Kevin S. Killourhy, Roy A. Maxion |