DAG-based attack and defense modeling: Don't miss the forest for the attack trees
暂无分享,去创建一个
Barbara Kordy | Ludovic Pietre-Cambac'edes | Patrick Schweitzer | Barbara Kordy | Ludovic Pietre-Cambac'edes | P. Schweitzer | L. Piètre-Cambacédès
[1] Sven M. Hallberg,et al. Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security , 2016 .
[2] M. E. Kabay,et al. Writing Secure Code , 2015 .
[3] Mariëlle Stoelinga,et al. Fault tree analysis: A survey of the state-of-the-art in modeling, analysis and tools , 2014, Comput. Sci. Rev..
[4] Tomaz Klobucar,et al. Use of the Enhanced Structural Model for Attack Analysis and Education , 2015, Comprehensive Approach as "Sine Qua Non" for Critical Infrastructure Protection.
[5] Ludovic Piètre-Cambacédès,et al. Safety and Security Interactions Modeling Using the BDMP Formalism: Case Study of a Pipeline , 2014, SAFECOMP.
[6] Barbara Kordy,et al. A Probabilistic Framework for Security Scenarios with Dependent Actions , 2014, IFM.
[7] Xiaolong Li,et al. An attack-and-defence game for security assessment in vehicular ad hoc networks , 2014, Peer Peer Netw. Appl..
[8] Flemming Nielson,et al. Automated Generation of Attack Trees , 2014, 2014 IEEE 27th Computer Security Foundations Symposium.
[9] Stéphane Paul. Towards Automating the Construction & Maintenance of Attack Trees: a Feasibility Study , 2014, GraMSec.
[10] Reza Pulungan,et al. Time-Dependent Analysis of Attacks , 2014, POST.
[11] William H. Sanders,et al. Ieee Transactions on Parallel and Distributed Systems Rre: a Game-theoretic Intrusion Response and Recovery Engine , 2022 .
[12] Hannes Holm,et al. A Framework and Calculation Engine for Modeling and Predicting the Cyber Security of Enterprise Architectures , 2014 .
[13] Barbara Kordy,et al. Attack-defense trees , 2014, J. Log. Comput..
[14] Nora Cuppens-Boulahia,et al. Situation Calculus and Graph Based Defensive Modeling of Simultaneous Attacks , 2013, CSS.
[15] Ahto Buldas,et al. New Efficient Utility Upper Bounds for the Fully Adaptive Model of Attack Trees , 2013, GameSec.
[16] William Nzoukou,et al. A Unified Framework for Measuring a Network's Mean Time-to-Compromise , 2013, 2013 IEEE 32nd International Symposium on Reliable Distributed Systems.
[17] Mathias Ekstedt,et al. The Cyber Security Modeling Language: A Tool for Assessing the Vulnerability of Enterprise System Architectures , 2013, IEEE Systems Journal.
[18] Barbara Kordy,et al. ADTool: Security Analysis with Attack-Defense Trees , 2013, QEST.
[19] Khurram Shahzad,et al. P2AMF: Predictive, Probabilistic Architecture Modeling Framework , 2013, IWEI.
[20] Bruce Schneier,et al. DIGITAL SECURITY IN A NETWORKED WORLD , 2013 .
[21] Masayuki Terada,et al. Advances in Information and Computer Security , 2013, Lecture Notes in Computer Science.
[22] Khurram Shahzad,et al. The Enterprise Architecture Analysis Tool - Support for the Predictive, Probabilistic Architecture Modeling Framework , 2013, AMCIS.
[23] Davor Svetinovic,et al. Evaluating the effectiveness of the security quality requirements engineering (SQUARE) method: a case study using smart grid advanced metering infrastructure , 2012, Requirements Engineering.
[24] Ryan T. Ostler. Defensive Cyber Battle Damage Assessment through Attack Methodology Modeling , 2012 .
[25] Alessandro Buoni,et al. Fraud detection in the banking sector : a multi-agent approach , 2012 .
[26] Ahto Buldas,et al. Upper Bounds for Adversaries' Utility in Attack Trees , 2012, GameSec.
[27] Barbara Kordy,et al. Quantitative Questions on Attack-Defense Trees , 2012, ICISC.
[28] Ralf Steinmetz,et al. Protecting IEEE 802.11s wireless mesh networks against insider attacks , 2012, 37th Annual IEEE Conference on Local Computer Networks.
[29] Ludovic Piètre-Cambacédès,et al. Modeling the Stuxnet attack with BDMP: Towards more formal risk assessments , 2012, 2012 7th International Conference on Risks and Security of Internet and Systems (CRiSIS).
[30] Amel Mammar,et al. An advanced approach for modeling and detecting software vulnerabilities , 2012, Inf. Softw. Technol..
[31] Dong Seong Kim,et al. Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees , 2012, Secur. Commun. Networks.
[32] Dong Seong Kim,et al. Scalable optimal countermeasure selection using implicit enumeration on attack countermeasure trees , 2012, IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012).
[33] Guttorm Sindre,et al. Comparing Misuse Case and Mal-Activity Diagrams for Modelling Social Engineering Attacks , 2012, Int. J. Secur. Softw. Eng..
[34] Alessandra Bagnato,et al. Attribute Decoration of Attack-Defense Trees , 2012, Int. J. Secur. Softw. Eng..
[35] Indrajit Ray,et al. Optimal security hardening on attack tree models of networks: a cost-benefit analysis , 2012, International Journal of Information Security.
[36] Nan Feng,et al. A Bayesian networks-based security risk analysis model for information systems integrating the observed cases with expert experience , 2012 .
[37] Teodor Sommestad,et al. A framework and theory for cyber security assessments , 2012 .
[38] Chengli Zhao,et al. Quantitative Analysis of Survivability Based on Intrusion Scenarios , 2012 .
[39] Mario Fedrizzi,et al. Consensual Dynamics and Choquet Integral in an Attack Tree-based Fraud Detection System , 2012, ICAART.
[40] Shivani Mishra,et al. Multi Tree View of Complex Attack - Stuxnet , 2012, ACITY.
[41] Security of mobile TAN on smartphones A risk analysis for the iOS and Android smartphone platforms , 2012 .
[42] B. Miller,et al. Automating Threat Modeling through the Software Development Life-Cycle , 2012 .
[43] Indrajit Ray,et al. Dynamic Security Risk Management Using Bayesian Attack Graphs , 2012, IEEE Transactions on Dependable and Secure Computing.
[44] Chris W. Johnson. Using Assurance Cases and Boolean Logic Driven Markov Processes to Formalise Cyber Security Concerns for Safety-Critical Interaction with Global Navigation Satellite Systems , 2011, Electron. Commun. Eur. Assoc. Softw. Sci. Technol..
[45] Ana R. Cavalli,et al. A model-based attack injection approach for security validation , 2011, SIN '11.
[46] Wei-min Li,et al. Space Based Information System Security Risk Evaluation Based on Improved Attack Trees , 2011, 2011 Third International Conference on Multimedia Information Networking and Security.
[47] József Mezei,et al. Combining attack trees and fuzzy numbers in a multi-agent approach to fraud detection , 2011, Int. J. Electron. Bus..
[48] Yuji Yamaoka,et al. Threat Tree Templates to Ease Difficulties in Threat Modeling , 2011, 2011 14th International Conference on Network-Based Information Systems.
[49] S. Giove,et al. Modelling fraud detection by attack trees and Choquet integral , 2011 .
[50] David L. Dill,et al. Applying a Reusable Election Threat Model at the County Level , 2011, EVT/WOTE.
[51] Raphael C.-W. Phan,et al. Attribution of attack trees , 2011, Comput. Electr. Eng..
[52] William H. Sanders,et al. Managing business health in the presence of malicious attacks , 2011, 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops (DSN-W).
[53] Barbara Kordy,et al. Computational Aspects of Attack-Defense Trees , 2011, SIIS.
[54] Marc Pouly,et al. Generic Inference: A Unifying Theory for Automated Reasoning , 2011 .
[55] Theodore W. Manikas,et al. Using Multiple-Valued Logic Decision Diagrams to Model System Threat Probabilities , 2011, 2011 41st IEEE International Symposium on Multiple-Valued Logic.
[56] Marc Bouissou,et al. Security Modeling with BDMP: From Theory to Implementation , 2011, 2011 Conference on Network and Information Systems Security.
[57] Jeannette M. Wing,et al. An Attack Surface Metric , 2011, IEEE Transactions on Software Engineering.
[58] Erik M. Ferragut,et al. Modeling cyber conflicts using an extended Petri Net formalism , 2011, 2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS).
[59] Min-Woo Park,et al. A framework of defense system for prevention of insider's malicious behaviors , 2011, 13th International Conference on Advanced Communication Technology (ICACT2011).
[60] David J. Parish,et al. Unified P arametrizable Attack Tree , 2011 .
[61] Jason R. Nielsen,et al. Evaluating Information Assurance Control Effectiveness on an Air Force Supervisory Control and Data Acquisition (SCADA) System , 2011 .
[62] Saman Zonouz,et al. Game-theoretic intrusion response and recovery , 2011 .
[63] Jie Wang,et al. Unified Parametrizable Attack Tree , 2011 .
[64] K C Sameer,et al. Attack Generation From System Models , 2011 .
[65] Dianxiang Xu,et al. Security Analysis of FileZilla Server Using Threat Models , 2011, SEKE.
[66] M. Warren,et al. Attack vectors against social networking systems: the Facebook example , 2011, AISM 2011.
[67] Raphael C.-W. Phan,et al. Quality of detectability (QoD) and QoD-aware AAT-based attack detection , 2010, 2010 International Conference for Internet Technology and Secured Transactions.
[68] Dmitry Podkuiko,et al. Multi-vendor penetration testing in the advanced metering infrastructure , 2010, ACSAC '10.
[69] Margus Niitsoo. Optimal Adversary Behavior for the Serial Model of Financial Attack Trees , 2010, IWSEC.
[70] Ludovic Piètre-Cambacédès,et al. Modeling safety and security interdependencies with BDMP (Boolean logic Driven Markov Processes) , 2010, 2010 IEEE International Conference on Systems, Man and Cybernetics.
[71] Andreas L. Opdahl,et al. Comparing Two Techniques for Intrusion Visualization , 2010, PoEM.
[72] Ludovic Pietre-Cambacedes. Des relations entre sûreté et sécurité , 2010 .
[73] Parosh Aziz Abdulla,et al. Analyzing the Security in the GSM Radio Network Using Attack Jungles , 2010, ISoLA.
[74] Alessandro Buoni. Fraud Detection: From Basic Techniques to a Multi-Agent Approach , 2010, 2010 International Conference on Management and Service Science.
[75] Barbara Kordy,et al. Foundations of Attack-Defense Trees , 2010, Formal Aspects in Security and Trust.
[76] Ludovic Piètre-Cambacédès,et al. Attack and Defense Modeling with BDMP , 2010, MMM-ACNS.
[77] Frank Elberzhager,et al. Systematic Construction of Goal Indicator Trees for Indicator-Based Dependability Inspections , 2010, 2010 36th EUROMICRO Conference on Software Engineering and Advanced Applications.
[78] Mathias Ekstedt,et al. A probabilistic relational model for security risk analysis , 2010, Comput. Secur..
[79] Siv Hilde Houmb,et al. Quantifying security risk level from CVSS estimates of frequency and impact , 2010, J. Syst. Softw..
[80] Peng Liu,et al. Using Bayesian networks for cyber security analysis , 2010, 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN).
[81] Sushil Jajodia,et al. Measuring Security Risk of Networks Using Attack Graphs , 2010, Int. J. Next Gener. Comput..
[82] G. Manimaran,et al. Cybersecurity for Critical Infrastructures: Attack and Defense Modeling , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.
[83] Andreas L. Opdahl,et al. Visualizing Cyber Attacks with Misuse Case Maps , 2010, REFSQ.
[84] Raphael C.-W. Phan,et al. Augmented Attack Tree Modeling of Distributed Denial of Services and Tree Based Attack Detection Method , 2010, 2010 10th IEEE International Conference on Computer and Information Technology.
[85] Kai Petersen,et al. Prioritizing Countermeasures through the Countermeasure Method for Software Security (CM-Sec) , 2010, PROFES.
[86] Jan Willemson,et al. Efficient Semantics of Parallel and Serial Models of Attack Trees. Ründepuude paralleel- jajadamudelite efektiivsed semantikad , 2010 .
[87] Barbara Kordy,et al. Attack-Defense Trees and Two-Player Binary Zero-Sum Extensive Form Games Are Equivalent , 2010, GameSec.
[88] Markus Buschle,et al. A Tool for Enterprise Architecture Analysis using the PRM formalism , 2010, CAiSE Forum.
[89] Tai-hoon Kim,et al. Improving SCADA control systems security with software vulnerability analysis , 2010 .
[90] Jan Willemson,et al. On Fast and Approximate Attack Tree Computations , 2010, ISPEC.
[91] Nahid Shahmehri,et al. Unified modeling of attacks, vulnerabilities and security activities , 2010, SESS '10.
[92] Ludovic Piètre-Cambacédès,et al. Beyond Attack Trees: Dynamic Security Modeling with Boolean Logic Driven Markov Processes (BDMP) , 2010, 2010 European Dependable Computing Conference.
[93] Dong Seong Kim,et al. Cyber security analysis using attack countermeasure trees , 2010, CSIIRW '10.
[94] Raphael C.-W. Phan,et al. Augmented attack tree modeling of SQL injection attacks , 2010, 2010 2nd IEEE International Conference on Information Management and Engineering.
[95] S. Nair,et al. Cyber threat trees for large system threat cataloging and analysis , 2010, 2010 IEEE International Systems Conference.
[96] John A. Sokolowski,et al. Probabilistic Risk Analysis and Terrorism Risk , 2010, Risk analysis : an official publication of the Society for Risk Analysis.
[97] Frank Elberzhager,et al. Practical Experience Gained from Modeling Security Goals: Using SGITs in an Industrial Project , 2010, 2010 International Conference on Availability, Reliability and Security.
[98] Inger Anne Tøndel,et al. Combining Misuse Cases with Attack Trees and Security Activity Models , 2010, 2010 International Conference on Availability, Reliability and Security.
[99] Dong Seong Kim,et al. ACT: Attack Countermeasure Trees for Information Assurance Analysis , 2010, 2010 INFOCOM IEEE Conference on Computer Communications Workshops.
[100] Robert F. Mills,et al. Analysing security risks in computer and Radio Frequency Identification (RFID) networks using attack and protection trees , 2010, Int. J. Secur. Networks.
[101] Inger Anne Tøndel,et al. Idea: Reusability of Threat Models - Two Approaches with an Experimental Evaluation , 2010, ESSoS.
[102] Arpan Roy,et al. Attack Countermeasure Trees: A Non-state-space Approach Towards Analyzing Security and Finding Optimal Countermeasure Sets , 2010 .
[103] Patrick Harrington,et al. Using noncooperative potential games to improve network security , 2010 .
[104] Johnnes Arreymbi,et al. An examination of the security implications of the supervisory control and data acquisition (SCADA) system in a mobile networked environment: An augmented vulnerability tree approach. , 2010 .
[105] Andreas L. Opdahl,et al. Towards a Hacker Attack Representation Method , 2010, ICSOFT.
[106] Ryoichi Sasaki,et al. Advances in Information and Computer Security , 2010, Lecture Notes in Computer Science.
[107] Jan Willemson,et al. Serial Model for Attack Tree Computations , 2009, ICISC.
[108] G. Manimaran,et al. PENET: A practical method and tool for integrated modeling of security attacks and countermeasures , 2009, Comput. Secur..
[109] Ludovic Apvrille,et al. Security requirements for automotive on-board networks , 2009, 2009 9th International Conference on Intelligent Transport Systems Telecommunications, (ITST).
[110] Dmitry Podkuiko,et al. Energy Theft in the Advanced Metering Infrastructure , 2009, CRITIS.
[111] L. Nordstrom,et al. Modeling Security of Power Communication Systems Using Defense Graphs and Influence Diagrams , 2009, IEEE Transactions on Power Delivery.
[112] Igor Nai Fovino,et al. Integrating cyber attacks within fault trees , 2009, Reliab. Eng. Syst. Saf..
[113] Pavol Zavarsky,et al. Threat Modeling for CSRF Attacks , 2009, 2009 International Conference on Computational Science and Engineering.
[114] Ana R. Cavalli,et al. Security Protocol Testing Using Attack Trees , 2009, 2009 International Conference on Computational Science and Engineering.
[115] Marco Scutari,et al. Learning Bayesian Networks with the bnlearn R Package , 2009, 0908.3817.
[116] Ran Liu,et al. Threat modeling-oriented attack path evaluating algorithm , 2009 .
[117] Dianxiang Xu,et al. Security test generation using threat trees , 2009, 2009 ICSE Workshop on Automation of Software Test.
[118] Parvaiz Ahmed Khand. System level security modeling using attack trees , 2009, 2009 2nd International Conference on Computer, Control and Communication.
[119] Andreas L. Opdahl,et al. Experimental comparison of attack trees and misuse cases for security threat identification , 2009, Inf. Softw. Technol..
[120] Patrik Berander,et al. Evaluating two ways of calculating priorities in requirements hierarchies - An experiment on hierarchical cumulative voting , 2009, J. Syst. Softw..
[121] Kishor S. Trivedi,et al. SHARPE at the age of twenty two , 2009, PERV.
[122] Mathias Ekstedt,et al. Enterprise architecture models for cyber security analysis , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.
[123] Sushil Jajodia,et al. Advances in Topological Vulnerability Analysis , 2009, 2009 Cybersecurity Applications & Technology Conference for Homeland Security.
[124] Mathias Ekstedt,et al. Data Collection Prioritization for System Quality Analysis , 2009, Electron. Notes Theor. Comput. Sci..
[125] M. Ekstedt,et al. Cyber Security Risks Assessment with Bayesian Defense Graphs and Architectural Models , 2009, 2009 42nd Hawaii International Conference on System Sciences.
[126] M. Bouissou,et al. The promising potential of the BDMP formalism for security modeling , 2009 .
[127] Ram Dantu,et al. Network risk management using attacker profiling , 2009, Secur. Commun. Networks.
[128] Zhu Ning,et al. Design and Application of Penetration Attack Tree Model Oriented to Attack Resistance Test , 2008, 2008 International Conference on Computer Science and Software Engineering.
[129] Marek Jawurek,et al. Security Goal Indicator Trees: A Model of Software Features that Supports Efficient Security Inspection , 2008, 2008 11th IEEE High Assurance Systems Engineering Symposium.
[130] Mathias Ekstedt,et al. Defense Graphs and Enterprise Architecture for Information Assurance Analysis , 2008 .
[131] Sandip C. Patel,et al. Quantitatively assessing the vulnerability of critical information systems: A new method for evaluating security enhancements , 2008, Int. J. Inf. Manag..
[132] Jan Willemson,et al. Computing Exact Outcomes of Multi-parameter Attack Trees , 2008, OTM Conferences.
[133] Stephen Tyree,et al. Strata-Gem: risk assessment through mission modeling , 2008, QoP '08.
[134] Sushil Jajodia,et al. Measuring network security using dynamic bayesian network , 2008, QoP '08.
[135] Hein S. Venter,et al. Towards Privacy Taxonomy-Based Attack Tree Analysis for the Protection of Consumer Information Privacy , 2008, 2008 Sixth Annual Conference on Privacy, Security and Trust.
[136] Mathias Ekstedt,et al. Combining Defense Graphs and Enterprise Architecture Models for Security Analysis , 2008, 2008 12th International IEEE Enterprise Distributed Object Computing Conference.
[137] Xinming Ou,et al. Improving Attack Graph Visualization through Data Reduction and Attack Grouping , 2008, VizSEC.
[138] Maybin K. Muyeba,et al. Threat Modeling Revisited: Improving Expressiveness of Attack , 2008, 2008 Second UKSIM European Symposium on Computer Modeling and Simulation.
[139] Brajendra Panda,et al. A Knowledge-Based Bayesian Model for Analyzing a System after an Insider Attack , 2008, SEC.
[140] Jayanta K. Ghosh,et al. Bayesian Networks and Decision Graphs, 2nd Edition by Finn V. Jensen, Thomas D. Nielsen , 2008 .
[141] Lars Grunske,et al. Quantitative risk-based security prediction for component-based systems with explicitly modeled attack profiles , 2008, J. Syst. Softw..
[142] Lingyu Wang,et al. Measuring Network Security Using Bayesian Network-Based Attack Graphs , 2008, 2008 32nd Annual IEEE International Computer Software and Applications Conference.
[143] Sushil Jajodia,et al. An Attack Graph-Based Probabilistic Security Metric , 2008, DBSec.
[144] S. Bhattacharya,et al. A Vulnerability and Exploit Independent Approach for Attack Path Prediction , 2008, 2008 IEEE 8th International Conference on Computer and Information Technology Workshops.
[145] Seok-Won Lee,et al. Proceedings of the fourth international workshop on Software engineering for secure systems , 2008, ICSE 2008.
[146] Till Dörges,et al. From security patterns to implementation using petri nets , 2008, SESS '08.
[147] Vamsi Paruchuri,et al. Threat modeling using attack trees , 2008 .
[148] Nahid Shahmehri,et al. A Cause-Based Approach to Preventing Software Vulnerabilities , 2008, 2008 Third International Conference on Availability, Reliability and Security.
[149] Irina Trubitsyna,et al. Analyzing Security Scenarios Using Defence Trees and Answer Set Programming , 2008, Electron. Notes Theor. Comput. Sci..
[150] Wang Hui,et al. An improved model of attack probability prediction system , 2008, Wuhan University Journal of Natural Sciences.
[151] G. Park,et al. Cyber Security Analysis by Attack Trees for a Reactor Protection System , 2008 .
[152] David John Leversage,et al. Estimating a System's Mean Time-to-Compromise , 2008, IEEE Security & Privacy.
[153] Per Håkon Meland,et al. SeaMonster: Providing tool support for security modeling , 2008 .
[154] Jan Willemson,et al. Processing Multi-parameter Attacktrees with Estimated Parameter Values , 2007, IWSEC.
[155] Ahto Buldas,et al. Practical Security Analysis of E-Voting Systems , 2007, IWSEC.
[156] Sushil Jajodia,et al. Toward measuring network security using attack graphs , 2007, QoP '07.
[157] Indrajit Ray,et al. Optimal security hardening using multi-objective optimization on attack tree models of networks , 2007, CCS '07.
[158] Erik Johansson,et al. A Tool for Enterprise Architecture Analysis , 2007, 11th IEEE International Enterprise Distributed Object Computing Conference (EDOC 2007).
[159] David John Leversage,et al. Comparing Electronic Battlefields: Using Mean Time-To-Compromise as a Comparative Security Metric , 2007 .
[160] Bülent Yener,et al. Modeling and detection of complex attacks , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.
[161] Sushil Jajodia,et al. Measuring the Overall Security of Network Configurations Using Attack Graphs , 2007, DBSec.
[162] Robert Lagerström,et al. Enterprise architecture analysis with extended influence diagrams , 2007, Inf. Syst. Frontiers.
[163] Chen-Ching Liu,et al. Vulnerability Assessment of Cybersecurity for SCADA Systems Using Attack Trees , 2007, 2007 IEEE Power Engineering Society General Meeting.
[164] Guttorm Sindre,et al. Mal-Activity Diagrams for Capturing Attacks on Business Processes , 2007, REFSQ.
[165] Ram Dantu,et al. Classification of Attributes and Behavior in Risk Management Using Bayesian Networks , 2007, 2007 IEEE Intelligence and Security Informatics.
[166] Nahid Shahmehri,et al. Design of a Process for Software Security , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).
[167] Eugene H. Spafford,et al. Automated adaptive intrusion containment in systems of interacting services , 2007, Comput. Networks.
[168] Sushil Jajodia. Topological analysis of network attack vulnerability , 2007, ASIACCS '07.
[169] Indrajit Ray,et al. Investigating Computer Attacks Using Attack Trees , 2007, IFIP Int. Conf. Digital Forensics.
[170] Michael R. Grimaila,et al. The Use of Attack and Protection Trees to Analyze Security for an Online Banking System , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).
[171] Richard A. Raines,et al. A framework for analyzing and mitigating the vulnerabilities of complex systems via attack and protection trees , 2007 .
[172] M. Bouissou. A Generalization of Dynamic Fault Trees through Boolean logic Driven Markov Processes (BDMP)® , 2007 .
[173] Jan Trobitius,et al. Anwendung der "Common Criteria for Information Technology Security Evaluation" (CC) / ISO 15408 auf ein SOA Registry-Repository , 2007, Informatiktage.
[174] Kai Rannenberg,et al. Advances in Information and Computer Security, Second International Workshop on Security, IWSEC 2007, Nara, Japan, October 29-31, 2007, Proceedings , 2007, IWSEC.
[175] Jeanne H. Espedalen. Attack Trees Describing Security in Distributed Internet-Enabled Metrology , 2007 .
[176] Nicolas Chaufette,et al. Vulnerability Cause Graphs : A Case of Study , 2007 .
[177] Robert Lagerström,et al. Extended Influence Diagram Generation , 2007, IESA.
[178] Ida Hogganvik,et al. A Graphical Approach to Security Risk Analysis , 2007 .
[179] Richard Lippmann,et al. An Interactive Attack Graph Cascade and Reachability Display , 2007, VizSEC.
[180] Richard E. Neapolitan,et al. Learning Bayesian networks , 2007, KDD '07.
[181] Xia Wang,et al. Software fault tree and coloured Petri net-based specification, design and implementation of agent-based intrusion detection systems , 2007, Int. J. Inf. Comput. Secur..
[182] Richard Lippmann,et al. Practical Attack Graph Generation for Network Defense , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).
[183] Karen Scarfone,et al. Common Vulnerability Scoring System , 2006, IEEE Security & Privacy.
[184] Sushil Jajodia,et al. Minimum-cost network hardening using attack graphs , 2006, Comput. Commun..
[185] Sushil Jajodia,et al. Topological analysis of network attack vulnerability , 2006, PST.
[186] Xinming Ou,et al. A scalable approach to attack graph generation , 2006, CCS '06.
[187] R.F. Mills,et al. Using Attack and Protection Trees to Analyze Threats and Defenses to Homeland Security , 2006, MILCOM 2006 - 2006 IEEE Military Communications conference.
[188] Ronald R. Yager. OWA trees and their role in security modeling using attack trees , 2006, Inf. Sci..
[189] Nahid Shahmehri,et al. Modeling Software VulnerabilitiesWith Vulnerability Cause Graphs , 2006, 2006 22nd IEEE International Conference on Software Maintenance.
[190] Edmund M. Clarke,et al. Ranking Attack Graphs , 2006, RAID.
[191] Jan Willemson,et al. Rational Choice of Security Measures Via Multi-parameter Attack Trees , 2006, CRITIS.
[192] Stefano Bistarelli,et al. Strategic Games on Defense Trees , 2006, Formal Aspects in Security and Trust.
[193] Nick Cercone,et al. Privacy intrusion detection using dynamic Bayesian networks , 2006, ICEC '06.
[194] Sushil Jajodia,et al. Interactive Analysis of Attack Graphs Using Relational Queries , 2006, DBSec.
[195] R.F. Mills,et al. Analyzing Attack Trees using Generalized Stochastic Petri Nets , 2006, 2006 IEEE Information Assurance Workshop.
[196] Nahid Shahmehri,et al. Towards a structured unified process for software security , 2006, SESS '06.
[197] Stefano Bistarelli,et al. Defense trees for economic evaluation of security investments , 2006, First International Conference on Availability, Reliability and Security (ARES'06).
[198] Dianxiang Xu,et al. Threat-driven modeling and verification of secure software using aspect-oriented Petri nets , 2006, IEEE Transactions on Software Engineering.
[199] Miles A. McQueen,et al. Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).
[200] Igor Kotenko,et al. Analyzing Network Security using Malefactor Action Graphs , 2006 .
[201] Miles A. McQueen,et al. Time-to-Compromise Model for Cyber Risk Reduction Estimation , 2006, Quality of Protection.
[202] Bülent Yener,et al. A formal method for attack modelling and detection , 2006 .
[203] Susan Elliott Sim,et al. A Comparative Evaluation of Three Approaches to Specifying Security Requirements , 2006 .
[204] Lillian. Rostad. An extended misuse case notation: Including vulnerabilities and the insider threat , 2006 .
[205] Pieter H. Hartel,et al. VISPER: The VIrtual Security PERimeter for digital, physical, and organisational security , 2006 .
[206] Sjouke Mauw,et al. Foundations of Attack Trees , 2005, ICISC.
[207] Sushil Jajodia,et al. Multiple coordinated views for network attack graphs , 2005, IEEE Workshop on Visualization for Computer Security, 2005. (VizSEC 05)..
[208] Xinyu Wang,et al. Survivability analysis of distributed systems using attack tree methodology , 2005, MILCOM 2005 - 2005 IEEE Military Communications Conference.
[209] Indrajit Ray,et al. Using Attack Trees to Identify Malicious Attacks from Authorized Insiders , 2005, ESORICS.
[210] Andrew W. Appel,et al. MulVAL: A Logic-based Network Security Analyzer , 2005, USENIX Security Symposium.
[211] Eugene H. Spafford,et al. ADEPTS: adaptive intrusion response using attack graphs in an e-commerce environment , 2005, 2005 International Conference on Dependable Systems and Networks (DSN'05).
[212] Jaideep Srivastava,et al. Managing Cyber Threats: Issues, Approaches, and Challenges (Massive Computing) , 2005 .
[213] Ram Dantu,et al. Risk Management Using Behavior Based Bayesian Networks , 2005, ISI.
[214] Nancy R. Mead,et al. Security quality requirements engineering (SQUARE) methodology , 2005, SESS@ICSE.
[215] Richard P. Lippmann,et al. An Annotated Review of Past Papers on Attack Graphs , 2005 .
[216] Yu Liu,et al. Network vulnerability assessment using Bayesian networks , 2005, SPIE Defense + Commercial Sensing.
[217] Gregory S. Parnell,et al. Mission Oriented Risk and Design Analysis of Critical Information Systems , 2005 .
[218] Kaarina Karppinen,et al. Security Measurement based on Attack Trees in a Mobile Ad Hoc Network Environment: Master's thesis , 2005 .
[219] Amer Aijaz,et al. Attacks on Inter Vehicle Communication Systems-an Analysis , 2005 .
[220] Wenke Lee,et al. Attack plan recognition and prediction using causal networks , 2004, 20th Annual Computer Security Applications Conference.
[221] Juanjo Unzilla,et al. Application of 'Attack Trees' Technique to Copyright Protection Protocols Using Watermarking and Definition of a New Transactions Protocol SecDP (Secure Distribution Protocol) , 2004, MIPS.
[222] Shelby Evans,et al. Risk-based Systems Security Engineering: Stopping Attacks with Intention , 2004, IEEE Secur. Priv..
[223] Sushil Jajodia,et al. Managing attack graph complexity through visual hierarchical aggregation , 2004, VizSEC/DMSEC '04.
[224] K. Clark,et al. Qualitative and quantitative analytical techniques for network security assessment , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..
[225] Axel van Lamsweerde,et al. Elaborating security requirements by construction of intentional anti-models , 2004, Proceedings. 26th International Conference on Software Engineering.
[226] John Hale,et al. A systematic approach to multi-stage network attack analysis , 2004, Second IEEE International Information Assurance Workshop, 2004. Proceedings..
[227] Ram Dantu,et al. Risk management using behavior based attack graphs , 2004, International Conference on Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004..
[228] Andreas L. Opdahl,et al. Eliciting security requirements with misuse cases , 2004, Requirements Engineering.
[229] Michael D. Smith,et al. Computer security strength and risk: a quantitative approach , 2004 .
[230] E. Byres,et al. The Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems , 2004 .
[231] Frank Swiderski,et al. Threat Modeling , 2018, Hacking Connected Cars.
[232] Jeannette M. Wing,et al. Scenario graphs and attack graphs , 2004 .
[233] A. Karimi,et al. Master‟s thesis , 2011 .
[234] Sushil Jajodia,et al. Efficient minimum-cost network hardening via exploit dependency graphs , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..
[235] Saurabh Bagchi,et al. Collaborative intrusion detection system (CIDS): a framework for accurate and efficient IDS , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..
[236] Marc Bouissou,et al. A new formalism that combines advantages of fault-trees and Markov models: Boolean logic driven Markov processes , 2003, Reliab. Eng. Syst. Saf..
[237] Murtuza Jadliwala,et al. Representation and analysis of coordinated attacks , 2003, FMSE '03.
[238] Sean Convery,et al. An Attack Tree for the Border Gateway Protocol , 2003 .
[239] Richard F. Paige,et al. Fault trees for security system design and analysis , 2003, Comput. Secur..
[240] D. Pinto. Secrets and Lies: Digital Security in a Networked World , 2003 .
[241] S. Vidalis,et al. Using Vulnerability Trees for Decision Making in Threat Assessment , 2003 .
[242] S. Bagchi,et al. ADEPTS : Adaptive Intrusion Containment and Response using Attack Graphs in an E-Commerce Environment , 2003 .
[243] Cnrs Fre,et al. A new formalism that combines advantages of fault-trees and Markov models: Boolean logic Driven Markov Processes , 2003 .
[244] Axel van Lamsweerde,et al. From system goals to intruder anti-goals: attack generation and resolution for security requirements engineering , 2003 .
[245] Ian F. Alexander,et al. Misuse Cases: Use Cases with Hostile Intent , 2003, IEEE Softw..
[246] Donald Firesmith,et al. Security Use Cases , 2003, J. Object Technol..
[247] Jerald Dawkins,et al. A structural framework for modeling multi-stage network attacks , 2002, Proceedings. International Conference on Parallel Processing Workshop.
[248] Vasant Honavar,et al. A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System , 2002, Requirements Engineering.
[249] Duminda Wijesekera,et al. Scalable, graph-based network vulnerability analysis , 2002, CCS '02.
[250] Andreas L. Opdahl,et al. Generalization/specialization as a structuring mechanism for misuse cases , 2002 .
[251] Somesh Jha,et al. Automated generation and analysis of attack graphs , 2002, Proceedings 2002 IEEE Symposium on Security and Privacy.
[252] Markus Schumacher,et al. Collaborative attack modeling , 2002, SAC '02.
[253] Makis Stamatelatos,et al. Fault tree handbook with aerospace applications , 2002 .
[254] Nathalie Louise Foster,et al. The application of software and safety engineering techniques to security protocol development , 2002 .
[255] Andrew P. Moore,et al. Foundations for Survivable System Development: Service Traces, Intrusion Traces, and Evaluation Models , 2001 .
[256] Cynthia A. Phillips,et al. Computer-attack graph generation tool , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.
[257] Andrew P. Moore,et al. Attack Modeling for Information Security and Survivability , 2001 .
[258] James P. McDermott,et al. Attack net penetration testing , 2001, NSPW '00.
[259] Zhou Hai,et al. Software for fault tree analysis , 2001 .
[260] Finn V. Jensen,et al. Bayesian Networks and Decision Graphs , 2001, Statistics for Engineering and Information Science.
[261] Andreas L. Opdahl,et al. Templates for Misuse Case Description , 2001 .
[262] Ross J. Anderson. Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .
[263] Axel van Lamsweerde,et al. Handling Obstacles in Goal-Oriented Requirements Engineering , 2000, IEEE Trans. Software Eng..
[264] David Coppit,et al. Developing a low-cost high-quality software tool for dynamic fault-tree analysis , 2000, IEEE Trans. Reliab..
[265] Bruce Schneier,et al. Secrets and Lies: Digital Security in a Networked World , 2000 .
[266] John P. McDermott,et al. Using abuse case models for security requirements analysis , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).
[267] Lise Getoor,et al. Learning Probabilistic Relational Models , 1999, IJCAI.
[268] David John Pumfrey,et al. The principled design of computer system safety analyses , 1999 .
[269] Bruce Schneier,et al. Toward a secure system engineering methodolgy , 1998, NSPW '98.
[270] William A. Wulf,et al. Practical computer security analysis , 1998 .
[271] William A. Wulf,et al. A practical approach to security assessment , 1998, NSPW '97.
[272] Cynthia A. Phillips,et al. A graph-based system for network-vulnerability analysis , 1998, NSPW '98.
[273] Ira S. Moskowitz,et al. An insecurity flow model , 1998, NSPW '97.
[274] Marc Dacier,et al. Models and tools for quantitative assessment of operational security , 1996, SEC.
[275] Catherine A. Meadows,et al. A representation of protocol attacks for risk assessment , 1996, Network Threats.
[276] Peter Neumann,et al. Safeware: System Safety and Computers , 1995, SOEN.
[277] 大西 仁,et al. Pearl, J. (1988, second printing 1991). Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan-Kaufmann. , 1994 .
[278] Marc Dacier,et al. Privilege Graph: an Extension to the Typed Access Matrix Model , 1994, ESORICS.
[279] Marc Dacier. Vers une évaluation quantitative de la sécurité informatique. (Towards a quantitative evaluation of computer security) , 1994 .
[280] Eugene H. Spafford,et al. A PATTERN MATCHING MODEL FOR MISUSE INTRUSION DETECTION , 1994 .
[281] Edward G. Amoroso,et al. Fundamentals of computer security technology , 1994 .
[282] R. Reiter,et al. Temporal reasoning in the situation calculus , 1994 .
[283] Hans L. Bodlaender,et al. A linear time algorithm for finding tree-decompositions of small treewidth , 1993, STOC.
[284] Alok Aggarwal,et al. Proceedings of the twenty-fifth annual ACM symposium on Theory of Computing , 1992, STOC.
[285] Salvatore J. Bavuso,et al. Dynamic fault-tree models for fault-tolerant computer systems , 1992 .
[286] Salvatore J. Bavuso,et al. Fault trees and sequence dependencies , 1990, Annual Proceedings on Reliability and Maintainability Symposium.
[287] Judea Pearl,et al. Probabilistic reasoning in intelligent systems - networks of plausible inference , 1991, Morgan Kaufmann series in representation and reasoning.
[288] W E Vesely,et al. Fault Tree Handbook , 1987 .
[289] Judea Pearl,et al. Fusion, Propagation, and Structuring in Belief Networks , 1986, Artif. Intell..
[290] Stefan Arnborg,et al. Efficient algorithms for combinatorial problems on graphs with bounded decomposability — A survey , 1985, BIT.
[291] Stefan Arnborg,et al. Efficient Algorithms for Combinatorial Problems with Bounded Decomposability - A Survey. , 1985 .
[292] W W Daniel,et al. An introduction to decision analysis. , 1978, The Journal of nursing administration.
[293] J. Kellett. London , 1914, The Hospital.
[294] T. Tidwell,et al. Modeling Internet Attacks , 2022 .