An efficient approach to assessing the risk of zero-day vulnerabilities
暂无分享,去创建一个
Sushil Jajodia | Lingyu Wang | Anoop Singhal | Massimiliano Albanese | S. Jajodia | A. Singhal | Lingyu Wang | Massimiliano Albanese
[1] Muhammad Zubair Shafiq,et al. A large scale exploratory analysis of software vulnerability life cycles , 2012, 2012 34th International Conference on Software Engineering (ICSE).
[2] Cynthia A. Phillips,et al. A graph-based system for network-vulnerability analysis , 1998, NSPW '98.
[3] Miles McQueen,et al. Empirical Estimates and Observations of 0Day Vulnerabilities , 2009 .
[4] May R. Chaffin,et al. Empirical Estimates and Observations of 0Day Vulnerabilities , 2009, 2009 42nd Hawaii International Conference on System Sciences.
[5] Fabio Massacci,et al. Proceedings of the 2nd ACM Workshop on Quality of Protection, QoP 2006, Alexandria, VA, USA, October 30, 2006 , 2006, QoP.
[6] Bart De Decker,et al. A Privacy-Preserving Ticketing System , 2008, DBSec.
[7] David John Leversage,et al. Estimating a System's Mean Time-to-Compromise , 2008, IEEE Security & Privacy.
[8] J. Homer. A Sound and Practical Approach to Quantifying Security Risk in Enterprise Networks ∗ , 2009 .
[9] John McHugh. Quality of protection: measuring the unmeasurable? , 2006, QoP '06.
[10] Sushil Jajodia,et al. k-Zero Day Safety: Measuring the Security Risk of Networks against Unknown Attacks , 2010, ESORICS.
[11] Sushil Jajodia,et al. An Attack Graph-Based Probabilistic Security Metric , 2008, DBSec.
[12] Karen Scarfone,et al. Common Vulnerability Scoring System , 2006, IEEE Security & Privacy.
[13] Mattia Monga,et al. Assessing the risk of using vulnerable components , 2006, Quality of Protection.
[14] Edmund M. Clarke,et al. Ranking Attack Graphs , 2006, RAID.
[15] Dieter Gollmann,et al. Quality of Protection - Security Measurements and Metrics , 2006, Advances in Information Security.
[16] Sushil Jajodia,et al. A weakest-adversary security metric for network configuration security analysis , 2006, QoP '06.
[17] Sushil Jajodia,et al. Managing attack graph complexity through visual hierarchical aggregation , 2004, VizSEC/DMSEC '04.
[18] Duminda Wijesekera,et al. Scalable, graph-based network vulnerability analysis , 2002, CCS '02.
[19] Marc Dacier. Vers une évaluation quantitative de la sécurité informatique. (Towards a quantitative evaluation of computer security) , 1994 .
[20] Somesh Jha,et al. Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[21] Bart Preneel,et al. Computer Security - ESORICS 2010, 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22, 2010. Proceedings , 2010, ESORICS.
[22] Richard Lippmann,et al. Modeling Modern Network Attacks and Countermeasures Using Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.