Mitigating the insider threat of remote administrators in clouds through maintenance task assignments

[1]  Sushil Jajodia,et al.  Modeling and Mitigating the Insider Threat of Remote Administrators in Clouds , 2018, DBSec.

[2]  Sushil Jajodia,et al.  A Graphical Model to Assess the Impact of Multi-Step Attacks , 2018 .

[3]  Sushil Jajodia,et al.  Network Security Metrics , 2017, Springer International Publishing.

[4]  Xiaoyan Sun,et al.  Towards Actionable Mission Impact Assessment in the Context of Cloud Computing , 2017, DBSec.

[5]  Sushil Jajodia,et al.  Securing Networks Against Unpatchable and Unknown Vulnerabilities Using Heterogeneous Hardening Options , 2017, DBSec.

[6]  Talal Halabi,et al.  Towards quantification and evaluation of security of Cloud Service Providers , 2017, J. Inf. Secur. Appl..

[7]  Marcus Pendleton,et al.  A Survey on Systems Security Metrics , 2016, ACM Comput. Surv..

[8]  Vijayalakshmi Atluri,et al.  On Optimal Employee Assignment in Constrained Role-Based Access Control Systems , 2016, ACM Trans. Manag. Inf. Syst..

[9]  Sushil Jajodia,et al.  Threat Modeling for Cloud Data Center Infrastructures , 2016, FPS.

[10]  Sushil Jajodia,et al.  Diversifying Network Services Under Cost Constraints for Better Resilience Against Unknown Attacks , 2016, DBSec.

[11]  Henrique Santos,et al.  What is Missing for Trust in the Cloud Computing? , 2016, CPR.

[12]  Abhinav Srivastava,et al.  Hardening OpenStack Cloud Platforms against Compute Node Compromises , 2016, AsiaCCS.

[13]  Sushil Jajodia,et al.  Network Diversity: A Security Metric for Evaluating the Resilience of Networks Against Zero-Day Attacks , 2016, IEEE Transactions on Information Forensics and Security.

[14]  Sushil Jajodia,et al.  Modeling Network Diversity for Evaluating the Robustness of Networks against Zero-Day Attacks , 2014, ESORICS.

[15]  Bertram Ludäscher,et al.  Insider Attack Identification and Prevention Using a Declarative Approach , 2014, 2014 IEEE Security and Privacy Workshops.

[16]  Sushil Jajodia,et al.  Network Hardening: An Automated Approach to Improving Network Security , 2014 .

[17]  Sushil Jajodia,et al.  k-Zero Day Safety: A Network Security Metric for Measuring the Risk of Unknown Vulnerabilities , 2014, IEEE Transactions on Dependable and Secure Computing.

[18]  Peng Liu,et al.  MyCloud: supporting user-configured privacy protection in cloud computing , 2013, ACSAC.

[19]  William Nzoukou,et al.  A Unified Framework for Measuring a Network's Mean Time-to-Compromise , 2013, 2013 IEEE 32nd International Symposium on Reliable Distributed Systems.

[20]  Ali Mostashari,et al.  Measuring systems security , 2013, Syst. Eng..

[21]  Youki Kadobayashi,et al.  Exploring attack graph for cost-benefit security hardening: A probabilistic approach , 2013, Comput. Secur..

[22]  Sushil Jajodia,et al.  On the Accurate Identification of Network Service Dependencies in Distributed Systems , 2012, LISA.

[23]  William R. Claycomb,et al.  Insider Threats to Cloud Computing: Directions for New Research Challenges , 2012, 2012 IEEE 36th Annual Computer Software and Applications Conference.

[24]  Sushil Jajodia,et al.  Time-efficient and cost-effective network hardening using attack graphs , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).

[25]  Matthias Schunter,et al.  Secure cloud maintenance: protecting workloads against insider attacks , 2012, ASIACCS '12.

[26]  Indrajit Ray,et al.  Optimal security hardening on attack tree models of networks: a cost-benefit analysis , 2012, International Journal of Information Security.

[27]  Sushil Jajodia,et al.  NSDMiner: Automated discovery of Network Service Dependencies , 2012, 2012 Proceedings IEEE INFOCOM.

[28]  Indrajit Ray,et al.  Dynamic Security Risk Management Using Bayesian Attack Graphs , 2012, IEEE Transactions on Dependable and Secure Computing.

[29]  Sajjad Haider,et al.  Security threats in cloud computing , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[30]  Neeraj Suri,et al.  A security metrics framework for the Cloud , 2011, Proceedings of the International Conference on Security and Cryptography.

[31]  Gabriel Jakobson,et al.  Mission cyber security situation assessment using impact dependency graphs , 2011, 14th International Conference on Information Fusion.

[32]  Kamal Dahbur,et al.  A survey of risks, threats and vulnerabilities in cloud computing , 2011, ISWSA '11.

[33]  V. Kavitha,et al.  A survey on security issues in service delivery models of cloud computing , 2011, J. Netw. Comput. Appl..

[34]  Sushil Jajodia,et al.  k-Zero Day Safety: Measuring the Security Risk of Networks against Unknown Attacks , 2010, ESORICS.

[35]  Nils Gruschka,et al.  Attack Surfaces: A Taxonomy for Attacks on Cloud Services , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[36]  Ben Walters,et al.  QUIRC: A Quantitative Impact and Risk Assessment Framework for Cloud Security , 2010, 2010 IEEE 3rd International Conference on Cloud Computing.

[37]  Xu Chen,et al.  Automating Network Application Dependency Discovery: Experiences, Limitations, and New Solutions , 2008, OSDI.

[38]  Xinming Ou,et al.  Identifying Critical Attack Assets in Dependency Attack Graphs , 2008, ESORICS.

[39]  Hung Q. Ngo,et al.  Insider abuse comprehension through capability acquisition graphs , 2008, 2008 11th International Conference on Information Fusion.

[40]  Lingyu Wang,et al.  Measuring Network Security Using Bayesian Network-Based Attack Graphs , 2008, 2008 32nd Annual IEEE International Computer Software and Applications Conference.

[41]  Proceedings of the 2008 Workshop on New Security Paradigms, Lake Tahoe, CA, USA, September 22-25, 2008 , 2008, NSPW.

[42]  Sushil Jajodia,et al.  Toward measuring network security using attack graphs , 2007, QoP '07.

[43]  Indrajit Ray,et al.  Optimal security hardening using multi-objective optimization on attack tree models of networks , 2007, CCS '07.

[44]  Sushil Jajodia,et al.  Measuring the Overall Security of Network Configurations Using Attack Graphs , 2007, DBSec.

[45]  B. Panda,et al.  A Knowledge-Base Model for Insider Threat Prediction , 2007, 2007 IEEE SMC Information Assurance and Security Workshop.

[46]  Karen Scarfone,et al.  Common Vulnerability Scoring System , 2006, IEEE Security & Privacy.

[47]  Sushil Jajodia,et al.  Minimum-cost network hardening using attack graphs , 2006, Comput. Commun..

[48]  John McHugh Quality of protection: measuring the unmeasurable? , 2006, QoP '06.

[49]  Jackie Rees Ulmer,et al.  Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach , 2006, Decis. Support Syst..

[50]  Fabio Massacci,et al.  Proceedings of the 2nd ACM Workshop on Quality of Protection, QoP 2006, Alexandria, VA, USA, October 30, 2006 , 2006, QoP.

[51]  Indrajit Ray,et al.  Using Attack Trees to Identify Malicious Attacks from Authorized Insiders , 2005, ESORICS.

[52]  Hung Q. Ngo,et al.  Towards a theory of insider threat assessment , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).

[53]  Duminda Wijesekera,et al.  Scalable, graph-based network vulnerability analysis , 2002, CCS '02.

[54]  Somesh Jha,et al.  Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.

[55]  Goldberg,et al.  Genetic algorithms , 1993, Robust Control Systems with Genetic Algorithms.

[56]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[57]  Alan R. Simon,et al.  Network security , 1994 .