A survey on the usability and practical applications of Graphical Security Models
暂无分享,去创建一个
[1] Stefano Bistarelli,et al. Defense trees for economic evaluation of security investments , 2006, First International Conference on Availability, Reliability and Security (ARES'06).
[2] Liudong Xing,et al. An overview of the phase-modular fault tree approach to phased mission system analysis , 2003 .
[3] M. J. Reed,et al. Attack graphs representations , 2012, 2012 4th Computer Science and Electronic Engineering Conference (CEEC).
[4] Eugene H. Spafford,et al. Automated adaptive intrusion containment in systems of interacting services , 2007, Comput. Networks.
[5] Vamsi Paruchuri,et al. Threat modeling using attack trees , 2008 .
[6] Mattia Monga,et al. Assessing the risk of using vulnerable components , 2006, Quality of Protection.
[7] William H. Sanders,et al. Adversary-driven state-based system security evaluation , 2010, MetriSec '10.
[8] Indrajit Ray,et al. Optimal security hardening on attack tree models of networks: a cost-benefit analysis , 2012, International Journal of Information Security.
[9] Jin B. Hong,et al. What Vulnerability Do We Need to Patch First? , 2014, 2014 44th Annual IEEE/IFIP International Conference on Dependable Systems and Networks.
[10] Kai Petersen,et al. Prioritizing Countermeasures through the Countermeasure Method for Software Security (CM-Sec) , 2010, PROFES.
[11] Cynthia A. Phillips,et al. Computer-attack graph generation tool , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.
[12] Cong Jin,et al. Dynamic Attack Tree and Its Applications on Trojan Horse Detection , 2010, 2010 Second International Conference on Multimedia and Information Technology.
[13] Xinming Ou,et al. A scalable approach to attack graph generation , 2006, CCS '06.
[14] Barbara Kordy,et al. Foundations of Attack-Defense Trees , 2010, Formal Aspects in Security and Trust.
[15] Sushil Jajodia,et al. Topological analysis of network attack vulnerability , 2006, PST.
[16] Sushil Jajodia,et al. Efficient minimum-cost network hardening via exploit dependency graphs , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..
[17] Flemming Nielson,et al. Quantitative Verification and Synthesis of Attack-Defence Scenarios , 2016, 2016 IEEE 29th Computer Security Foundations Symposium (CSF).
[18] Steven Noel,et al. Representing TCP/IP connectivity for topological analysis of network security , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..
[19] Scott A. DeLoach,et al. Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense | NIST , 2012 .
[20] Jin B. Hong,et al. Towards Automated Generation and Visualization of Hierarchical Attack Representation Models , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.
[21] Peng Liu,et al. Using Bayesian networks for cyber security analysis , 2010, 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN).
[22] Sushil Jajodia,et al. Linear-Time Network Hardening , 2014 .
[23] Eugene H. Spafford,et al. ADEPTS: adaptive intrusion response using attack graphs in an e-commerce environment , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).
[24] Sushil Jajodia,et al. Topological Vulnerability Analysis: A Powerful New Approach For Network Attack Prevention, Detection, and Response , 2008 .
[25] Ahto Buldas,et al. Practical Security Analysis of E-Voting Systems , 2007, IWSEC.
[26] Jin B. Hong,et al. Scalable Security Model Generation and Analysis Using k-importance Measures , 2013, SecureComm.
[27] Somesh Jha,et al. Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[28] Rajesh Kumar,et al. Quantitative Security and Safety Analysis with Attack-Fault Trees , 2017, 2017 IEEE 18th International Symposium on High Assurance Systems Engineering (HASE).
[29] C. Wieser,et al. An Enumeration of RFID Related Threats , 2008, 2008 The Second International Conference on Mobile Ubiquitous Computing, Systems, Services and Technologies.
[30] Sushil Jajodia,et al. Measuring Security Risk of Networks Using Attack Graphs , 2010, Int. J. Next Gener. Comput..
[31] Barbara Kordy,et al. Attack-defense trees , 2014, J. Log. Comput..
[32] Nahid Shahmehri,et al. Modeling Software VulnerabilitiesWith Vulnerability Cause Graphs , 2006, 2006 22nd IEEE International Conference on Software Maintenance.
[33] Rodolphe Ortalo,et al. Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security , 1999, IEEE Trans. Software Eng..
[34] Sushil Jajodia,et al. Multiple coordinated views for network attack graphs , 2005, IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05)..
[35] Miles A. McQueen,et al. Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).
[36] Bruce Schneier,et al. Secrets and Lies: Digital Security in a Networked World , 2000 .
[37] Heejo Lee,et al. Scalable attack graph for risk assessment , 2009, 2009 International Conference on Information Networking.
[38] Richard Lippmann,et al. Visualizing attack graphs, reachability, and trust relationships with NAVIGATOR , 2010, VizSec '10.
[39] Dong Seong Kim,et al. Cyber security analysis using attack countermeasure trees , 2010, CSIIRW '10.
[40] Sushil Jajodia,et al. Measuring the Overall Security of Network Configurations Using Attack Graphs , 2007, DBSec.
[41] Juanjo Unzilla,et al. Application of 'Attack Trees' Technique to Copyright Protection Protocols Using Watermarking and Definition of a New Transactions Protocol SecDP (Secure Distribution Protocol) , 2004, MIPS.
[42] Manimaran Govindarasu,et al. Smart grid cybersecurity exposure analysis and evalution framework , 2010, IEEE PES General Meeting.
[43] Sushil Jajodia,et al. Minimum-cost network hardening using attack graphs , 2006, Comput. Commun..
[44] Indrajit Ray,et al. Using Attack Trees to Identify Malicious Attacks from Authorized Insiders , 2005, ESORICS.
[45] Bruce Schneier,et al. MODELING SECURITY THREATS , 1999 .
[46] Paul Ammann,et al. Using model checking to analyze network vulnerabilities , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.
[47] Sophie Pinchinat,et al. Is My Attack Tree Correct? , 2017, ESORICS.
[48] Francesco Maffioli,et al. Cardinality constrained minimum cut problems: complexity and algorithms , 2004, Discret. Appl. Math..
[49] Richard Lippmann,et al. Practical Attack Graph Generation for Network Defense , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[50] Stefan Schlott,et al. Advanced Detection of Selfish or Malicious Nodes in Ad Hoc Networks , 2004, ESAS.
[51] Indrajit Ray,et al. Optimal security hardening using multi-objective optimization on attack tree models of networks , 2007, CCS '07.
[52] Saurabh Bagchi,et al. Determining Placement of Intrusion Detectors for a Distributed Application through Bayesian Network Modeling , 2008, RAID.
[53] Cynthia A. Phillips,et al. A graph-based system for network-vulnerability analysis , 1998, NSPW '98.
[54] Richard Lippmann,et al. GARNET: A Graphical Attack Graph and Reachability Network Evaluation Tool , 2008, VizSEC.
[55] Igor Nai Fovino,et al. Through the Description of Attacks: A Multidimensional View , 2006, SAFECOMP.
[56] William H. Sanders,et al. Ieee Transactions on Parallel and Distributed Systems Rre: a Game-theoretic Intrusion Response and Recovery Engine , 2022 .
[57] Peng Ning,et al. Learning attack strategies from intrusion alerts , 2003, CCS '03.
[58] Paul Ammann,et al. A host-based approach to network attack chaining analysis , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).
[59] Jin B. Hong,et al. Scalable Attack Representation Model Using Logic Reduction Techniques , 2013, 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.
[60] John Hale,et al. A systematic approach to multi-stage network attack analysis , 2004, Second IEEE International Information Assurance Workshop, 2004. Proceedings..
[61] Scott A. DeLoach,et al. Model-driven, Moving-Target Defense for Enterprise Network Security , 2011, Models@run.time@Dagstuhl.
[62] Sushil Jajodia,et al. Time-efficient and cost-effective network hardening using attack graphs , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).
[63] Andrew W. Appel,et al. MulVAL: A Logic-based Network Security Analyzer , 2005, USENIX Security Symposium.
[64] Jin B. Hong,et al. Towards scalable security analysis using multi-layered security models , 2016, J. Netw. Comput. Appl..
[65] Sushil Jajodia,et al. Managing attack graph complexity through visual hierarchical aggregation , 2004, VizSEC/DMSEC '04.
[66] P. Saiz,et al. Application of 'attack trees' in security analysis of digital contents e-commerce protocols with copyright protection , 2005, Proceedings 39th Annual 2005 International Carnahan Conference on Security Technology.
[67] Sushil Jajodia,et al. Topological Vulnerability Analysis , 2010, Cyber Situational Awareness.
[68] Michael Lyle Artz,et al. NetSPA : a Network Security Planning Architecture , 2002 .
[69] Jin B. Hong,et al. Scalable security analysis in hierarchical attack representation model using centrality measures , 2013, 2013 43rd Annual IEEE/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W).
[70] Barbara Kordy,et al. DAG-based attack and defense modeling: Don't miss the forest for the attack trees , 2013, Comput. Sci. Rev..
[71] Xinming Ou,et al. Improving Attack Graph Visualization through Data Reduction and Attack Grouping , 2008, VizSEC.
[72] Flemming Nielson,et al. Automated Generation of Attack Trees , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.
[73] Sushil Jajodia,et al. An Attack Graph-Based Probabilistic Security Metric , 2008, DBSec.
[74] Marc Dacier,et al. Privilege Graph: an Extension to the Typed Access Matrix Model , 1994, ESORICS.
[75] Zonghua Zhang,et al. Boosting Logical Attack Graph for Efficient Security Control , 2012, 2012 Seventh International Conference on Availability, Reliability and Security.
[76] Yu Liu,et al. Network vulnerability assessment using Bayesian networks , 2005, SPIE Defense + Commercial Sensing.
[77] Lingyu Wang,et al. Measuring Network Security Using Bayesian Network-Based Attack Graphs , 2008, 2008 32nd Annual IEEE International Computer Software and Applications Conference.
[78] Xinming Ou,et al. Identifying Critical Attack Assets in Dependency Attack Graphs , 2008, ESORICS.
[79] Peter J. Hawrylak,et al. Toward hybrid attack dependency graphs , 2011, CSIIRW '11.
[80] Duminda Wijesekera,et al. Scalable, graph-based network vulnerability analysis , 2002, CCS '02.
[81] William H. Sanders,et al. Automatic Generation of Security Argument Graphs , 2014, 2014 IEEE 20th Pacific Rim International Symposium on Dependable Computing.
[82] Anoop Singhal,et al. Security Risk Analysis of Enterprise Networks Using Attack Graphs , 2012 .
[83] Sushil Jajodia,et al. Toward measuring network security using attack graphs , 2007, QoP '07.
[84] Ronald R. Yager. OWA trees and their role in security modeling using attack trees , 2006, Inf. Sci..
[85] Zhong Chen,et al. Evaluating Network Security With Two-Layer Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.
[86] Sushil Jajodia,et al. Scalable Analysis of Attack Scenarios , 2011, ESORICS.
[87] Patrik Berander,et al. Evaluating two ways of calculating priorities in requirements hierarchies - An experiment on hierarchical cumulative voting , 2009, J. Syst. Softw..
[88] Sushil Jajodia,et al. Measuring network security using dynamic bayesian network , 2008, QoP '08.
[89] Alessandra Bagnato,et al. Attribute Decoration of Attack-Defense Trees , 2012, Int. J. Secur. Softw. Eng..
[90] Christos Douligeris,et al. Expanding topological vulnerability analysis to intrusion detection through the incident response intelligence system , 2010, Inf. Manag. Comput. Secur..
[91] Barbara Kordy,et al. Attack Trees with Sequential Conjunction , 2015, SEC.
[92] P. Bhattacharya,et al. Analytical framework for measuring network security using exploit dependency graph , 2012, IET Inf. Secur..
[93] Nahid Shahmehri,et al. Towards a structured unified process for software security , 2006, SESS '06.
[94] Jeannette M. Wing,et al. Tools for Generating and Analyzing Attack Graphs , 2003, FMCO.
[95] Soumya K. Ghosh,et al. An Approach for Security Assessment of Network Configurations Using Attack Graph , 2009, 2009 First International Conference on Networks & Communications.
[96] R. Cunningham,et al. Validating and Restoring Defense in Depth Using Attack Graphs , 2006, MILCOM 2006 - 2006 IEEE Military Communications conference.
[97] Ross Horne,et al. Semantics for Specialising Attack Trees based on Linear Logic , 2017, Fundam. Informaticae.
[98] Vijay Mann,et al. SPHINX: Detecting Security Attacks in Software-Defined Networks , 2015, NDSS.
[99] Steven Noel,et al. Chapter 4 – CyGraph: Graph-Based Analytics and Visualization for Cybersecurity , 2016 .
[100] William H. Sanders,et al. Model-based Security Metrics Using ADversary VIew Security Evaluation (ADVISE) , 2011, 2011 Eighth International Conference on Quantitative Evaluation of SysTems.
[101] William H. Sanders,et al. AMI threats, intrusion detection requirements and deployment recommendations , 2012, 2012 IEEE Third International Conference on Smart Grid Communications (SmartGridComm).
[102] David John Leversage,et al. Comparing Electronic Battlefields: Using Mean Time-To-Compromise as a Comparative Security Metric , 2007 .
[103] Indrajit Ray,et al. Dynamic Security Risk Management Using Bayesian Attack Graphs , 2012, IEEE Transactions on Dependable and Secure Computing.
[104] William H. Sanders,et al. Go with the flow: toward workflow-oriented security assessment , 2013, NSPW '13.
[105] Jin B. Hong,et al. HARMs: Hierarchical Attack Representation Models for Network Security Analysis , 2012, AISM 2012.
[106] William H. Sanders,et al. Model-based evaluation: from dependability to security , 2004, IEEE Transactions on Dependable and Secure Computing.
[107] Peng Ning,et al. Constructing attack scenarios through correlation of intrusion alerts , 2002, CCS '02.
[108] Sushil Jajodia,et al. Advances in Topological Vulnerability Analysis , 2009, 2009 Cybersecurity Applications & Technology Conference for Homeland Security.
[109] Dong Seong Kim,et al. Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees , 2012, Secur. Commun. Networks.
[110] Olga Gadyatskaya,et al. Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0 , 2016, QEST.
[111] Stefano Bistarelli,et al. Strategic Games on Defense Trees , 2006, Formal Aspects in Security and Trust.
[112] Kishor S. Trivedi,et al. SPNP: Stochastic Petri Nets. Version 6.0 , 2000, Computer Performance Evaluation / TOOLS.
[113] Richard Lippmann,et al. Modeling Modern Network Attacks and Countermeasures Using Attack Graphs , 2009, 2009 Annual Computer Security Applications Conference.
[114] Florian Kammüller,et al. Transforming Graphical System Models to Graphical Attack Models , 2015, GraMSec@CSF.
[115] Chen-Ching Liu,et al. Vulnerability Assessment of Cybersecurity for SCADA Systems Using Attack Trees , 2007, 2007 IEEE Power Engineering Society General Meeting.
[116] Somesh Jha,et al. Two formal analyses of attack graphs , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.