A survey on data-driven software vulnerability assessment and prioritization

THM Le, H Chen, MA Babar - ACM Computing Surveys, 2022 - dl.acm.org
Software Vulnerabilities (SVs) are increasing in complexity and scale, posing great security
risks to many software systems. Given the limited resources in practice, SV assessment and …

Attack graph analysis: an explanatory guide

K Zenitani - Computers & Security, 2023 - Elsevier
Attack graph analysis is a model-based approach for network-security analysis. It analyzes a
directed graph called an attack graph. Usually, each node in it corresponds to a malicious …

A quantitative CVSS-based cyber security risk assessment methodology for IT systems

MU Aksu, MH Dilek, Eİ Tatlı, K Bicakci… - 2017 International …, 2017 - ieeexplore.ieee.org
IT system risk assessments are indispensable due to increasing cyber threats within our
ever-growing IT systems. Moreover, laws and regulations urge organizations to conduct risk …

SHARKS: Smart hacking approaches for risk scanning in Internet-of-Things and cyber-physical systems based on machine learning

T Saha, N Aaraj, N Ajjarapu… - IEEE Transactions on …, 2021 - ieeexplore.ieee.org
Cyber-physical systems (CPS) and Internet-of-Things (IoT) devices are increasingly being
deployed across multiple functionalities, ranging from healthcare devices and wearables to …

Architectural attack propagation analysis for identifying confidentiality issues

M Walter, R Heinrich… - 2022 IEEE 19th …, 2022 - ieeexplore.ieee.org
Exchanging data between different systems enables us to build new smart services and
digitise various areas of our daily life. This digitalisation leads to more efficient usage of …

Attack graph generation for microservice architecture

A Ibrahim, S Bozhinoski, A Pretschner - Proceedings of the 34th ACM …, 2019 - dl.acm.org
Microservices, which are typically technologically heterogenous and can be deployed
automatically, are increasingly dominating service systems. However, with increased …

Identification of attack paths using kill chain and attack graphs

L Sadlek, P Čeleda, D Tovarňák - NOMS 2022-2022 IEEE/IFIP …, 2022 - ieeexplore.ieee.org
The ever-evolving capabilities of cyber attackers force security administrators to focus on the
early identification of emerging threats. Targeted cyber attacks usually consist of several …

Survey: Automatic generation of attack trees and attack graphs

AM Konsta, AL Lafuente, B Spiga, N Dragoni - Computers & Security, 2024 - Elsevier
Graphical security models constitute a well-known, user-friendly way to represent the
security of a system. These classes of models are used by security experts to identify …

Prometheus: Infrastructure security posture analysis with ai-generated attack graphs

X Jin, C Katsis, F Sang, J Sun, E Bertino… - arXiv preprint arXiv …, 2023 - arxiv.org
The rampant occurrence of cybersecurity breaches imposes substantial limitations on the
progress of network infrastructures, leading to compromised data, financial losses, potential …

IoT-PEN: An E2E penetration testing framework for IoT

G Yadav, K Paul, A Allakany… - Journal of information …, 2020 - jstage.jst.go.jp
The lack of inbuilt security protocols in cheap and resource-constrained Internet of Things
(IoT) devices give privilege to an attacker to exploit these device's vulnerabilities and break …