Experimenting with quantitative evaluation tools for monitoring operational security
R Ortalo, Y Deswarte… - IEEE Transactions on …, 1999 - ieeexplore.ieee.org
This paper presents the results of an experiment in security evaluation. The system is
modeled as a privilege graph that exhibits its security vulnerabilities. Quantitative measures …
modeled as a privilege graph that exhibits its security vulnerabilities. Quantitative measures …
How to systematically classify computer security intrusions
U Lindqvist, E Jonsson - … on Security and Privacy (Cat. No …, 1997 - ieeexplore.ieee.org
This paper presents a classification of intrusions with respect to the technique as well the
result. The taxonomy is intended to be a step on the road to an established taxonomy of …
result. The taxonomy is intended to be a step on the road to an established taxonomy of …
A quantitative model of the security intrusion process based on attacker behavior
E Jonsson, T Olovsson - IEEE Transactions on Software …, 1997 - ieeexplore.ieee.org
The paper is based on a conceptual framework in which security can be split into two
generic types of characteristics, behavioral and preventive. Here, preventive security …
generic types of characteristics, behavioral and preventive. Here, preventive security …
[PDF][PDF] Quantitative assessment of operational security: Models and tools
This paper proposes a novel approach to help computing system administrators in
monitoring the security of their systems. This approach is based on modeling the system as …
monitoring the security of their systems. This approach is based on modeling the system as …
An integrated framework for security and dependability
E Jonsson - Proceedings of the 1998 workshop on New security …, 1998 - dl.acm.org
This paper deals with the problem of interpreting security and dependability in such a way
that they can be incorporated into the same framework. This calls for a modified …
that they can be incorporated into the same framework. This calls for a modified …
Development of a method for quantifying relative importance of NPP cyber attack probability variables based on factor analysis and AHP
The cyber security of NPPs recently has become a major issue, and a utility in Korea is
requested to follow cyber security controls and to perform cyber security risk management …
requested to follow cyber security controls and to perform cyber security risk management …
A framework for security metrics based on operational system attributes
E Jonsson, L Pirzadeh - 2011 Third International Workshop on …, 2011 - ieeexplore.ieee.org
There exists a large number of suggestions for how to measure security, with different goals
and objectives. The application areas range from business management and organizational …
and objectives. The application areas range from business management and organizational …
E-WBM: An effort-based vulnerability discovery model
X Wang, R Ma, B Li, D Tian, X Wang - IEEE Access, 2019 - ieeexplore.ieee.org
Vulnerability discovery models (VDMs) have recently been proposed to estimate the
cumulative number of vulnerabilities that will be disclosed after software is released. A …
cumulative number of vulnerabilities that will be disclosed after software is released. A …
[HTML][HTML] An approach to UNIX security logging
S Axelsson, U Lindqvist, U Gustafson… - Proceedings of the …, 1998 - books.google.com
Off-line intrusion detection systems rely on logged data. However, the logging mechanism
may be complicated and time-consuming and the amount of logged data tends to be very …
may be complicated and time-consuming and the amount of logged data tends to be very …
[PDF][PDF] Intrusion-resilient middleware design and validation
Intrusion Tolerance has become a reference paradigm for dealing with intrusions and
accidental faults, achieving security and dependability in an automatic way, much along the …
accidental faults, achieving security and dependability in an automatic way, much along the …