Selecting optimal countermeasures for attacks against critical systems using the attack volume model and the RORI index
暂无分享,去创建一个
Hervé Debar | Joaquín García | Gustavo Gonzalez Granadillo | Ender Alvarez | G. G. Granadillo | Mohammed El-Barbori | Hervé Debar | Joaquín García | Mohammed El-Barbori | E. Alvarez
[1] Nora Cuppens-Boulahia,et al. A Service Dependency Model for Cost-Sensitive Intrusion Response , 2010, ESORICS.
[2] Christian Locher. Methodologies for Evaluating Information Security Investments - What Basel II Can Change in the Financial Industry , 2005, ECIS.
[3] R. Hinden,et al. Internet protocol, version 6 , 1995 .
[4] Frédéric Cuppens,et al. Organization based access control , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.
[5] Hervé Debar,et al. RORI-based countermeasure selection using the OrBAC formalism , 2013, International Journal of Information Security.
[6] Brian Haberman,et al. Special-Purpose IP Address Registries , 2013, RFC.
[7] David F. Ferraiolo,et al. Guide to Attribute Based Access Control (ABAC) Definition and Considerations , 2014 .
[8] Ravi S. Sandhu,et al. Role-Based Access Control Models , 1996, Computer.
[9] Adrian Mizzi,et al. Return on Information Security Investment - The Viability Of An Anti-Spam Solution In A Wireless Environment , 2010, Int. J. Netw. Secur..
[10] Stephen E. Deering,et al. Internet Protocol, Version 6 (IPv6) Specification , 1995, RFC.
[11] Roy T. Fielding,et al. Uniform Resource Identifiers (URI): Generic Syntax , 1998, RFC.
[12] Jeannette M. Wing,et al. An Attack Surface Metric , 2011, IEEE Transactions on Software Engineering.
[13] Sami Petäjäsoja,et al. IMS Threat and Attack Surface Analysis Using Common Vulnerability Scoring System , 2011, 2011 IEEE 35th Annual Computer Software and Applications Conference Workshops.
[14] Eric Vétillard,et al. Combined Attacks and Countermeasures , 2010, CARDIS.
[15] Marco Cremonini,et al. Evaluating Information Security Investments from Attackers Perspective: the Return-On-Attack (ROA) , 2005, WEIS.
[16] Mark Jeffery,et al. Return on Investment Analysis for E‐business Projects , 2004 .
[17] Thomas Norman. Risk Analysis and Security Countermeasure Selection , 2009 .
[18] Joseph D. Touch,et al. Updated Specification of the IPv4 ID Field , 2013, RFC.
[19] Stuart Cheshire,et al. Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry , 2011, RFC.
[20] Michael Howard,et al. Measuring Relative Attack Surfaces , 2005 .
[21] Jan vom Brocke,et al. Return on Security Investments - Design Principles of Measurement Systems Based on Capital Budgeting , 2007, AMCIS.
[22] Wes Sonnenreich,et al. Return On Security Investment (ROSI) - A Practical Quantitative Modell , 2005, J. Res. Pract. Inf. Technol..