Information Assurance Science and Engineering Project

Abstract : Creation of metrics, methodologies, and tools for the implementation of assurance in information system design and assessment processes. Develop a scientific framework for understanding and developing information assurance systems and for reasoning about the assurance aspects of these systems.

[1]  E. Altman Constrained Markov Decision Processes , 1999 .

[2]  Steven J. Templeton,et al.  A requires/provides model for computer attacks , 2001, NSPW '00.

[3]  Jason Flinn,et al.  Summaries of Three Critical Infrastructure Applications , 1997 .

[4]  Leslie Lamport The ‘Hoare logic’ of concurrent programs , 2004, Acta Informatica.

[5]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[6]  R. Durrett Probability: Theory and Examples , 1993 .

[7]  Somesh Jha,et al.  Minimization and Reliability Analyses of Attack Graphs , 2002 .

[8]  Somesh Jha,et al.  Survivability analysis of networked systems , 2001, Proceedings of the 23rd International Conference on Software Engineering. ICSE 2001.

[9]  Edmund M. Clarke,et al.  Model Checking , 1999, Handbook of Automated Reasoning.

[10]  Cynthia A. Phillips,et al.  A graph-based system for network-vulnerability analysis , 1998, NSPW '98.

[11]  Judea Pearl,et al.  Probabilistic reasoning in intelligent systems - networks of plausible inference , 1991, Morgan Kaufmann series in representation and reasoning.

[12]  Cynthia A. Phillips,et al.  Computer-attack graph generation tool , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[13]  Robert P. Kurshan,et al.  Computer-Aided Verification of Coordinating Processes: The Automata-Theoretic Approach , 2014 .

[14]  Randal E. Bryant,et al.  Graph-Based Algorithms for Boolean Function Manipulation , 1986, IEEE Transactions on Computers.

[15]  Dimitri P. Bertsekas,et al.  Dynamic Programming and Optimal Control, Two Volume Set , 1995 .

[16]  Rodolphe Ortalo,et al.  Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security , 1999, IEEE Trans. Software Eng..

[17]  Edmund M. Clarke,et al.  Symbolic Model Checking: 10^20 States and Beyond , 1990, Inf. Comput..

[18]  Paul Ammann,et al.  Using model checking to analyze network vulnerabilities , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[19]  Martin L. Puterman,et al.  Markov Decision Processes: Discrete Stochastic Dynamic Programming , 1994 .

[20]  Eugene H. Spafford,et al.  The COPS Security Checker System , 1990, USENIX Summer.

[21]  Nancy A. Lynch,et al.  Proving time bounds for randomized distributed algorithms , 1994, PODC '94.

[22]  Giovanni Vigna,et al.  NetSTAT: A Network-based Intrusion Detection System , 1999, J. Comput. Secur..

[23]  Fausto Giunchiglia,et al.  NUSMV: a new symbolic model checker , 2000, International Journal on Software Tools for Technology Transfer.

[24]  Frédéric Cuppens,et al.  LAMBDA: A Language to Model a Database for Detection of Attacks , 2000, Recent Advances in Intrusion Detection.

[25]  Giorgio Ausiello,et al.  Structure Preserving Reductions among Convex Optimization Problems , 1980, J. Comput. Syst. Sci..

[26]  C. M. Sperberg-McQueen,et al.  Extensible Markup Language (XML) , 1997, World Wide Web J..

[27]  Alexander Schrijver,et al.  Theory of linear and integer programming , 1986, Wiley-Interscience series in discrete mathematics and optimization.

[28]  Mihalis Yannakakis,et al.  The complexity of probabilistic verification , 1995, JACM.

[29]  Bruce Schneier,et al.  MODELING SECURITY THREATS , 1999 .