Arnes, A., Haas, P., Vigna, G., Kemmerer, R.: Using a virtual security testbed for digital forensic reconstruction. J. Comput. Virol. 2(4), 275–289 (2007)
Balepin, I., Maltsev, S., Rowe, J., Levitt, K.: Using specification-based intrusion detection for automated response. In: 6th International Symposium on Recent Advances in Intrusion Detection, pp. 136–154. Springer (2003)
Chen, C.T.: A fuzzy approach to select the location of the distribution center. Fuzzy Sets Syst. 118, 65–73 (2001)
Chou, S.Y., Chang, Y.H., Shen, C.Y.: A fuzzy simple additive weighting system under group decision-making for facility location selection with objective/subjective attributes. Oper. Res. 189, 145–232 (2008)
Common Vulnerability and Exposures, http://cve.mitre.org/. Accessed 14 May 2013
Desnoyers, M., Dagenais, M.: LTTng: Tracing across execution layers, from the hypervisor to user-space. Linux Symposium. Ottawa, Canada (2008)
Elhage, N.: https://access.redhat.com/security/cve/CVE-2010-4258 (2010). Accessed 14 May 2013
Ezzati-Jivan, N., Dagenais, M.: A stateful approach to generate synthetic events from kernel traces. Adv. Softw. Eng. 2012 (2012), 12 pages (2012)
Foo, B., Wu, Y.S., Mao, Y.C., Bagchi, S., Spafford, E.: ADEPTS: adaptive intrusion response using attack graphs in an e-commerce environment. In: International Conference on Dependable Systems and Networks, pp. 508–517. IEEE (2005)
Fournier, P.M., Desnoyers, M., Dagenais, M.: Combined tracing of the kernel and applications with LTTng. In: Proceedings of the 2009 Linux Symposium (2009)
Gehani, A., Kedem, G.: Rheostat: real-time risk management. In: Recent Advances in Intrusion Detection: 7th International Symposium, pp. 296–314. France (2004)
Jahnke, M., Thul, C., Martini, P.: Graph-based metrics for intrusion response measures in computer networks. In: Proceedings of the 3rd LCN Workshop on Network Security. Held in conjunction with the 32nd IEEE Conference on Local Computer Networks (LCN), pp. 1035–1042. IEEE, Dublin, Ireland (2007)
Jones, J.: An introduction to factor analysis of information risk (FAIR). Norwich J. Inf. Assur. 2(1), 1–76 (2006)
Kanoun, W, Cuppens-Boulahia, N., Cuppens, F., Dubus, S.: Risk-aware framework for activating and deactivating policy-based response. In: Fourth International Conference on Network and System Security, pp. 207–215. ACM (2010)
Kheir, N., Cuppens-Boulahia, N., Cuppens, F., Debar, H.: A service dependency model for cost sensitive intrusion response. In: Proceedings of the 15th European Conference on Research in Computer Security, pp. 626–642. Springer (2010)
Kheir, N., Debar, H., Cuppens-Boulahia, N., Cuppens, F., Viinikka, J.: Cost evaluation for intrusion response using dependency graphs. In: IFIP International Conference on Network and Service Security. IEEE (2009)
Lee, W., Fan, W., Miller, M.: Toward cost-sensitive modeling for intrusion detection and response. J. Comput. Secur. 10(1), 5–22 (2002)
Mu, C.P., Li, X.J., Huang, H.K., Tian, S.F.: Online risk assessment of intrusion scenarios using D-S evidence theory. In: Proceedings of the 13th European Symposium on Research in Computer Security, pp. 35–48. Springer, Malaga (2008)
Mu, C.P., Li, Y.: An intrusion response decision-making model based on hierarchical task network planning. Expert Syst. Appl. 37(3), 2465–2472 (2010)
Noel, S., Wang, L., Singhal, A., Jajodia, S.: Measuring security risk of networks using attack graphs. Int. J. Next-Gener. Comput. 1(1), 135–147 (2010)
Runkler, T.A.: Selection of appropriate defuzzification methods using application specific properties. IEEE Trans. Fuzzy Syst. 5(1), 72–79 (1997)
Shameli-Sendi, A., Jabbarifar, M., Shajari, M., Dagenais, M.: FEMRA: Fuzzy expert model for risk assessment. In: Proceedings of the Fifth International Conference on Internet Monitoring and Protection, pp. 48–53. IEEE, Barcelona, Spain (2010)
Shameli-Sendi, A., Shajari, M., Hassanabadi, M., Jabbarifar, M., Dagenais, M.: Fuzzy multi-criteria decision-making for information security risk assessment. Open Cybern. Syst. J. 6, 26–37 (2012)
Shameli-Sendi, A., Ezzati-Jivan, N., Jabbarifar, M., Dagenais, M.: Intrusion response systems: survey and taxonomy. Int. J. Comput. Sci. Netw. Secur. 12(1), 1–14 (2012)
Stakhanova, N., Basu, S., Wong, J.: A cost-sensitive model for preemptive intrusion response systems. In: Proceedings of the 21st International Conference on Advanced Networking and Applications, pp. 428–435. IEEE (2007)
Stakhanova, N., Strasburg, C., Basu, S., Wong, J.S.: Towards cost-sensitive assessment of intrusion response selection. J. Comput. Secur. 20(2–3), 169–198 (2012)
Strasburg, C., Stakhanova, N., Basu, S., Wong, J. S.: A framework for cost sensitive assessment of intrusion response selection. In: Proceedings of IEEE Computer Software and Applications Conference, pp. 355–360. IEEE (2009)