A distributed security tomography framework to assess the exposure of ICT infrastructures to network threats

Journal of Information Security and Applications - Volume 59 - Page 102833 - 2021
M.A. Brignoli¹, A.P. Caforio¹, F. Caturano², M. D’Arienzo³, M. Latini¹, W. Matta¹, S.P. Romano², B. Ruggiero²
¹ Vitrociset, a Leonardo Company, Italy
² University of Napoli “Federico II”, Italy
³ Università della Campania, Italy
