A survey on systems security metrics
M Pendleton, R Garcia-Lebron, JH Cho… - ACM Computing Surveys …, 2016 - dl.acm.org
Security metrics have received significant attention. However, they have not been
systematically explored based on the understanding of attack-defense interactions, which …
systematically explored based on the understanding of attack-defense interactions, which …
Quantified security is a weak hypothesis: a critical survey of results and assumptions
V Verendel - Proceedings of the 2009 workshop on New security …, 2009 - dl.acm.org
This paper critically surveys previous work on quantitative representation and analysis of
security. Such quantified security has been presented as a general approach to precisely …
security. Such quantified security has been presented as a general approach to precisely …
Cybersecurity for critical infrastructures: Attack and defense modeling
Disruption of electric power operations can be catastrophic on national security and the
economy. Due to the complexity of widely dispersed assets and the interdependences …
economy. Due to the complexity of widely dispersed assets and the interdependences …
Model-based evaluation: from dependability to security
DM Nicol, WH Sanders… - IEEE Transactions on …, 2004 - ieeexplore.ieee.org
The development of techniques for quantitative, model-based evaluation of computer system
dependability has a long and rich history. A wide array of model-based evaluation …
dependability has a long and rich history. A wide array of model-based evaluation …
Measuring, analyzing and predicting security vulnerabilities in software systems
In this work we examine the feasibility of quantitatively characterizing some aspects of
security. In particular, we investigate if it is possible to predict the number of vulnerabilities …
security. In particular, we investigate if it is possible to predict the number of vulnerabilities …
[图书][B] Computer science handbook
AB Tucker - 2004 - taylorfrancis.com
When you think about how far and fast computer science has progressed in recent years, it's
not hard to conclude that a seven-year old handbook may fall a little short of the kind of …
not hard to conclude that a seven-year old handbook may fall a little short of the kind of …
A method for modeling and quantifying the security attributes of intrusion tolerant systems
BB Madan, K Goševa-Popstojanova… - Performance …, 2004 - Elsevier
Complex software and network based information server systems may exhibit failures. Quite
often, such failures may not be accidental. Instead some failures may be caused by …
often, such failures may not be accidental. Instead some failures may be caused by …
Extending attack graph-based security metrics and aggregating their application
N Idika, B Bhargava - IEEE Transactions on dependable and …, 2010 - ieeexplore.ieee.org
The attack graph is an abstraction that reveals the ways an attacker can leverage
vulnerabilities in a network to violate a security policy. When used with attack graph-based …
vulnerabilities in a network to violate a security policy. When used with attack graph-based …
Model-based quantitative network security metrics: A survey
A Ramos, M Lazar, R Holanda Filho… - … Surveys & Tutorials, 2017 - ieeexplore.ieee.org
Network security metrics (NSMs) based on models allow to quantitatively evaluate the
overall resilience of networked systems against attacks. For that reason, such metrics are of …
overall resilience of networked systems against attacks. For that reason, such metrics are of …
Time-to-compromise model for cyber risk reduction estimation
MA McQueen, WF Boyer, MA Flynn… - Quality of Protection …, 2006 - Springer
We propose a new model for estimating the time to compromise a system component that is
visible to an attacker. The model provides an estimate of the expected value of the time-to …
visible to an attacker. The model provides an estimate of the expected value of the time-to …