Dynamic Security Risk Management Using Bayesian Attack Graphs
Tóm tắt
Từ khóa
Tài liệu tham khảo
butler, 2002, Multi-Attribute Risk Assessment, Proc SREIS02 in Conjunction of 10th IEEE Int'l Requirements Eng Conf
goldberg, 1989, Genetic Algorithms in Search Optimization and Machine Learning
ou, 2005, Mulval: A Logic-Based Network Security Analyzer, Proc 14th Conf USENIX Security Symp, 113
wang, 2007, Measuring the Overall Security of Network Configurations Using Attack Graphs, Proc 21st Ann IFIP WG 11 3 Working Conf Data and Application Security, 98, 10.1007/978-3-540-73538-0_9
wang, 2008, An Attack Graph-Based Probabilistic Security Metric, Proc 22nd Ann IFIP WG 11 3 Working Conf Data and Applications Security, 283, 10.1007/978-3-540-70567-3_22
ray, 2005, Using Attack Trees to Identify Malicious Attacks from Authorized Insiders, Proc 10th European Symp Research in Computer Security (ESORICS '05), 231
moore, 2001, Attack Modeling for Information Survivability
shawn a butler, 2002, Security Attribute Evaluation Method: A Cost-Benefit Approach, Proceedings of the 24th International Conference on Software Engineering ICSE 2002, 232, 10.1109/ICSE.2002.1007971
dawkins, 2002, Modeling Network Attacks: Extending the Attack Tree Paradigm, Proc Workshop Statistical Machine Learning Techniques in Computer Intrusion Detection
sheyner, 2002, Automated Generation and Analysis of Attack Graphs, Proc IEEE Symp Security and Privacy, 273
xie, 2010, Using Bayesian Networks for Cyber Security Analysis, Proc 40th IEEE/IFIP Int'l Conf Dependable Systems and Networks
dewri, 2007, Optimal Security Hardening Using Multi-Objective Optimization on Attack Tree Models of Networks, Proc 14th ACM Conf Computer and Comm Security, 204
liu, 2005, Network Vulnerability Assessment Using Bayesian Networks, Proc SPIE, 5812, 61, 10.1117/12.604240
berger, 2003, Data-Centric Quantitative Computer Security Risk Assessment
stoneburner, 2002, Risk Management Guide for Information Technology Systems, Proc Nat'l Inst of Standards and Technology (NIST) Special Publication, 800
lee, 2002, Toward Cost-Sensitive Modeling for Intrusion Detection and Response, J Computer Security, 10, 5, 10.3233/JCS-2002-101-202
schiffman, 2011, Common Vulnerability Scoring System (CVSS)
schneier, 1999, Attack Trees, Dr Dobb's J