A survey on systems security metrics
M Pendleton, R Garcia-Lebron, JH Cho… - ACM Computing Surveys …, 2016 - dl.acm.org
Security metrics have received significant attention. However, they have not been
systematically explored based on the understanding of attack-defense interactions, which …
systematically explored based on the understanding of attack-defense interactions, which …
[图书][B] Directions in security metrics research
W Jansen - 2010 - books.google.com
Information security metrics are seen as an important factor in making sound decisions
about various aspects of security, ranging from the design of security architectures and …
about various aspects of security, ranging from the design of security architectures and …
[PDF][PDF] A guide to security metrics
SC Payne - SANS Institute Information Security Reading Room, 2006 - researchgate.net
The pressure is on. Various surveys indicate that over the past several years computer
security has risen in priority for many organizations. Spending on IT security has increased …
security has risen in priority for many organizations. Spending on IT security has increased …
Empirical analysis of system-level vulnerability metrics through actual attacks
H Holm, M Ekstedt, D Andersson - IEEE Transactions on …, 2012 - ieeexplore.ieee.org
The Common Vulnerability Scoring System (CVSS) is a widely used and well-established
standard for classifying the severity of security vulnerabilities. For instance, all vulnerabilities …
standard for classifying the severity of security vulnerabilities. For instance, all vulnerabilities …
Adversary-driven state-based system security evaluation
E LeMay, W Unkenholz, D Parks, C Muehrcke… - Proceedings of the 6th …, 2010 - dl.acm.org
To provide insight on system security and aid decision-makers, we propose the ADversary
VIew Security Evaluation (ADVISE) method to quantitatively evaluate the strength of a …
VIew Security Evaluation (ADVISE) method to quantitatively evaluate the strength of a …
[HTML][HTML] System security assurance: A systematic literature review
A Shukla, B Katt, LO Nweke, PK Yeng… - Computer Science …, 2022 - Elsevier
Abstract System security assurance provides the confidence that security features, practices,
procedures, and architecture of software systems mediate and enforce the security policy …
procedures, and architecture of software systems mediate and enforce the security policy …
Towards a taxonomy for information security metrics
RM Savola - Proceedings of the 2007 ACM Workshop on Quality of …, 2007 - dl.acm.org
Systematic approaches to measuring security are needed in order to obtain evidence of the
security performance of products or an organization. In this study we survey the emerging …
security performance of products or an organization. In this study we survey the emerging …
Taxonomies of attacks and vulnerabilities in computer systems
VM Igure, RD Williams - IEEE Communications Surveys & …, 2008 - ieeexplore.ieee.org
Security assessment of a system is a difficult problem. Most of the current efforts in security
assessment involve searching for known vulnerabilities. Finding unknown vulnerabilities still …
assessment involve searching for known vulnerabilities. Finding unknown vulnerabilities still …
[图书][B] Measuring a system's attack surface
P Manadhata, JM Wing - 2004 - reports-archive.adm.cs.cmu.edu
We propose a metric to determine whether one version of a system is relatively more secure
than another with respect to the system's attack surface. Intuitively, the more exposed the …
than another with respect to the system's attack surface. Intuitively, the more exposed the …
Exploring attack graph for cost-benefit security hardening: A probabilistic approach
S Wang, Z Zhang, Y Kadobayashi - Computers & security, 2013 - Elsevier
The increasing complexity of today's computer systems, together with the rapid emergence
of novel vulnerabilities, make security hardening a formidable challenge for security …
of novel vulnerabilities, make security hardening a formidable challenge for security …