Model-based security metrics using adversary view security evaluation (advise)
System architects need quantitative security metrics to make informed trade-off decisions
involving system security. The security metrics need to provide insight on weak points in the …
involving system security. The security metrics need to provide insight on weak points in the …
An empirical study on using the national vulnerability database to predict software vulnerabilities
Software vulnerabilities represent a major cause of cyber-security problems. The National
Vulnerability Database (NVD) is a public data source that maintains standardized …
Vulnerability Database (NVD) is a public data source that maintains standardized …
Ranking attack graphs
A majority of attacks on computer systems result from a combination of vulnerabilities
exploited by an intruder to break into the system. An Attack Graph is a general formalism …
exploited by an intruder to break into the system. An Attack Graph is a general formalism …
[图书][B] Scenario graphs and attack graphs
OM Sheyner - 2004 - search.proquest.com
We develop formal techniques that give users flexibility in examining design errors
discovered by automated analysis. We build our results using the model checking approach …
discovered by automated analysis. We build our results using the model checking approach …
Cyber attack exposure evaluation framework for the smart grid
A Hahn, M Govindarasu - IEEE Transactions on Smart Grid, 2011 - ieeexplore.ieee.org
The smart grid's heavy reliance on cyber resources introduces numerous security concerns.
The substantial attack surface presented by the advanced metering infrastructure (AMI) …
The substantial attack surface presented by the advanced metering infrastructure (AMI) …
Network vulnerability assessment using Bayesian networks
Y Liu, H Man - … assurance, and data networks security 2005, 2005 - spiedigitallibrary.org
While computer vulnerabilities have been continually reported in laundry-list format by most
commercial scanners, a comprehensive network vulnerability assessment has been an …
commercial scanners, a comprehensive network vulnerability assessment has been an …
Model-based quantitative network security metrics: A survey
A Ramos, M Lazar, R Holanda Filho… - … Surveys & Tutorials, 2017 - ieeexplore.ieee.org
Network security metrics (NSMs) based on models allow to quantitatively evaluate the
overall resilience of networked systems against attacks. For that reason, such metrics are of …
overall resilience of networked systems against attacks. For that reason, such metrics are of …
Aggregating vulnerability metrics in enterprise networks using attack graphs
Quantifying security risk is an important and yet difficult task in enterprise network security
management. While metrics exist for individual software vulnerabilities, there is currently no …
management. While metrics exist for individual software vulnerabilities, there is currently no …
Time-to-compromise model for cyber risk reduction estimation
MA McQueen, WF Boyer, MA Flynn… - Quality of Protection …, 2006 - Springer
We propose a new model for estimating the time to compromise a system component that is
visible to an attacker. The model provides an estimate of the expected value of the time-to …
visible to an attacker. The model provides an estimate of the expected value of the time-to …
A survey on the usability and practical applications of graphical security models
This paper presents and discusses the current state of Graphical Security Models (GrSM), in
terms of four GrSM phases:(i) generation,(ii) representation,(iii) evaluation, and (iv) …
terms of four GrSM phases:(i) generation,(ii) representation,(iii) evaluation, and (iv) …