A survey of moving target defenses for network security
Network defenses based on traditional tools, techniques, and procedures (TTP) fail to
account for the attacker's inherent advantage present due to the static nature of network …
account for the attacker's inherent advantage present due to the static nature of network …
A survey on systems security metrics
M Pendleton, R Garcia-Lebron, JH Cho… - ACM Computing Surveys …, 2016 - dl.acm.org
Security metrics have received significant attention. However, they have not been
systematically explored based on the understanding of attack-defense interactions, which …
systematically explored based on the understanding of attack-defense interactions, which …
Dynamic security risk management using bayesian attack graphs
Security risk assessment and mitigation are two vital processes that need to be executed to
maintain a productive IT infrastructure. On one hand, models such as attack graphs and …
maintain a productive IT infrastructure. On one hand, models such as attack graphs and …
DAG-based attack and defense modeling: Don't miss the forest for the attack trees
B Kordy, L Piètre-Cambacédès, P Schweitzer - Computer science review, 2014 - Elsevier
This paper presents the current state of the art on attack and defense modeling approaches
that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical …
that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical …
An attack surface metric
PK Manadhata, JM Wing - IEEE Transactions on Software …, 2010 - ieeexplore.ieee.org
Measurement of software security is a long-standing challenge to the research community.
At the same time, practical security metrics and measurements are essential for secure …
At the same time, practical security metrics and measurements are essential for secure …
Learning to predict severity of software vulnerability using only vulnerability description
Software vulnerabilities pose significant security risks to the host computing system. Faced
with continuous disclosure of software vulnerabilities, system administrators must prioritize …
with continuous disclosure of software vulnerabilities, system administrators must prioritize …
Systematic literature review of security event correlation methods
Security event correlation approaches are necessary to detect and predict incremental
threats such as multi-step or targeted attacks (advanced persistent threats) and other causal …
threats such as multi-step or targeted attacks (advanced persistent threats) and other causal …
[PDF][PDF] The diamond model of intrusion analysis
S Caltagirone, A Pendergast, C Betz - Threat Connect, 2013 - threatintel.academy
This paper presents a novel model of intrusion analysis built by analysts, derived from years
of experience, asking the simple question,“What is the underlying method to our work?” The …
of experience, asking the simple question,“What is the underlying method to our work?” The …
Measuring network security using dynamic bayesian network
Given the increasing dependence of our societies on networked information systems, the
overall security of these systems should be measured and improved. Existing security …
overall security of these systems should be measured and improved. Existing security …
Comparing vulnerability severity and exploits using case-control studies
L Allodi, F Massacci - ACM Transactions on Information and System …, 2014 - dl.acm.org
(US) Rule-based policies for mitigating software risk suggest using the CVSS score to
measure the risk of an individual vulnerability and act accordingly. A key issue is whether …
measure the risk of an individual vulnerability and act accordingly. A key issue is whether …