Table 15 A subjective comparison between the proposed approach and other correlation methods

Debar and Wespi [73]

Alert Correlation

–

–

–

–

–

Valeur et al. [74]

Alert Correlation

–

–

\(\checkmark\)

–

–

Wang and Chiou [75]

Alert Correlation

\(\checkmark\)

–

–

–

–

Valdes and Skinner [76]

Alert Correlation

–

–

\(\checkmark\)

–

–

Julisch 2001 [77]

Alert Correlation

\(\checkmark\)

–

–

–

–

Julisch 2003 [78]

Alert Correlation

\(\checkmark\)

–

–

–

–

Al-Mamory and Zhang [79]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Peng et al. [80]

Alert Correlation

\(\checkmark\)

–

–

–

–

Qin and Lee [81]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Goldman et al. [82]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Viinikka et al. [83]

Alert Correlation

–

–

–

–

–

Treinen and Thurimella [84]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Ourston et al. [41]

Alert Correlation

–

–

\(\checkmark\)

–

–

Ren et al. [85]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Zhitang et al. [86]

Alert Correlation

–

–

\(\checkmark\)

–

–

Ma et al. [87]

Alert Correlation

–

–

\(\checkmark\)

–

–

Zhitang et al. [88]

Alert Correlation

–

–

\(\checkmark\)

–

–

Farhadi et al. [89]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Manganiello et al. [90]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Soleimani and Ghorbani [91]

Alert Correlation

–

–

\(\checkmark\)

–

–

Ramaki et al. [92]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Ghafir et al. [40]

Alert Correlation

–

–

\(\checkmark\)

–

–

Lajevardi and Amini [16]

Event Correlation

\(\checkmark\)

\(\checkmark\)

\(\checkmark\)

\(\checkmark\)

–

Mohamed and Belaton [38]

Alert Correlation

\(\checkmark\)

–

\(\checkmark\)

–

–

Our proposed approach

Event Correlation

\(\checkmark\)

\(\checkmark\)

\(\checkmark\)

\(\checkmark\)

\(\checkmark\)