Measuring a System's Attack Surface
暂无分享,去创建一个
[1] Dawson R. Engler,et al. Checking system rules using system-specific, programmer-written compiler extensions , 2000, OSDI.
[2] Rodolphe Ortalo,et al. Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security , 1999, IEEE Trans. Software Eng..
[3] Michael Howard,et al. Measuring Relative Attack Surfaces , 2005 .
[4] Jeannette M. Wing,et al. A behavioral notion of subtyping , 1994, TOPL.
[5] Benedict G. E. Wiedemann. Protection? , 1998, Science.
[6] T. Olovsson,et al. On measurement of operational security , 1994, IEEE Aerospace and Electronic Systems Magazine.
[7] Fred B. Schneider,et al. Enforceable security policies , 2000, TSEC.
[8] Keith W. Miller,et al. Defining an adaptive software security metric from a dynamic software failure tolerance measure , 1996, Proceedings of 11th Annual Conference on Computer Assurance. COMPASS '96.
[9] Marc Dacier,et al. Privilege Graph: an Extension to the Typed Access Matrix Model , 1994, ESORICS.
[10] Giovanni Vigna,et al. STATL: An Attack Language for State-Based Intrusion Detection , 2002, J. Comput. Secur..
[11] Crispin Cowan,et al. Timing the Application of Security Patches for Optimal Uptime , 2002, LISA.
[12] William A. Arbaugh,et al. A trend analysis of exploitations , 2001, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001.
[13] David Wright,et al. Towards Operational Measures of Computer Security , 1993, J. Comput. Secur..
[14] Trent Jaeger,et al. Using CQUAL for Static Analysis of Authorization Hook Placement , 2002, USENIX Security Symposium.
[15] Dawson R. Engler,et al. Bugs as deviant behavior: a general approach to inferring errors in systems code , 2001, SOSP.
[16] David A. Wagner,et al. A First Step Towards Automated Detection of Buffer Overrun Vulnerabilities , 2000, NDSS.
[17] Pieter A. Cohen,et al. The red hat. , 2006, Academic medicine : journal of the Association of American Medical Colleges.
[18] Richard A. Kemmerer,et al. State Transition Analysis: A Rule-Based Intrusion Detection Approach , 1995, IEEE Trans. Software Eng..
[19] Jim Alves-Foss,et al. Assessing computer security vulnerability , 1995, OPSR.