
This Article  
 
Share  
Bibliographic References  
Add to:  
Digg Furl Spurl Blink Simpy Del.icio.us Y!MyWeb  
Search  
 
ASCII Text  x  
Nayot Poolsappasit, Rinku Dewri, Indrajit Ray, "Dynamic Security Risk Management Using Bayesian Attack Graphs," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 1, pp. 6174, January/February, 2012.  
BibTex  x  
@article{ 10.1109/TDSC.2011.34, author = {Nayot Poolsappasit and Rinku Dewri and Indrajit Ray}, title = {Dynamic Security Risk Management Using Bayesian Attack Graphs}, journal ={IEEE Transactions on Dependable and Secure Computing}, volume = {9}, number = {1}, issn = {15455971}, year = {2012}, pages = {6174}, doi = {http://doi.ieeecomputersociety.org/10.1109/TDSC.2011.34}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }  
RefWorks Procite/RefMan/Endnote  x  
TY  JOUR JO  IEEE Transactions on Dependable and Secure Computing TI  Dynamic Security Risk Management Using Bayesian Attack Graphs IS  1 SN  15455971 SP61 EP74 EPD  6174 A1  Nayot Poolsappasit, A1  Rinku Dewri, A1  Indrajit Ray, PY  2012 KW  Security risk assessment KW  mitigation analysis KW  Bayesian belief networks KW  attack graph. VL  9 JA  IEEE Transactions on Dependable and Secure Computing ER   
[1] P. Ammann, D. Wijesekera, and S. Kaushik, "Scalable, GraphBased Network Vulnerability Analysis," Proc. Ninth Conf. Computer and Comm. Security, pp. 217224, 2002.
[2] S. Jha, O. Sheyner, and J.M. Wing, "Two Formal Analysis of Attack Graphs," Proc. 15th IEEE Computer Security Foundations Workshop, pp. 4963, 2002.
[3] C. Phillips and L.P. Swiler, "A GraphBased System for NetworkVulnerability Analysis," Proc. New Security Paradigms Workshop, pp. 7179, 1998.
[4] O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J.M. Wing, "Automated Generation and Analysis of Attack Graphs," Proc. IEEE Symp. Security and Privacy, pp. 273284, 2002.
[5] L.P. Swiler, C. Phillips, D. Ellis, and S. Chakerian, "Computer Attack Graph Generation Tool," Proc. Second Defense Advanced Research Projects Agency (DARPA) Information Survivability Conf. and Exposition, pp. 307321, 2001.
[6] J. Dawkins, C. Campbell, and J. Hale, "Modeling Network Attacks: Extending the Attack Tree Paradigm," Proc. Workshop Statistical Machine Learning Techniques in Computer Intrusion Detection, 2002.
[7] A.P. Moore, R.J. Ellison, and R.C. Linger, "Attack Modeling for Information Survivability," Technical Note CMU/SEI2001TN001, Carnegie Melon Univ. / Software Eng. Inst., Mar. 2001.
[8] I. Ray and N. Poolsappasit, "Using Attack Trees to Identify Malicious Attacks from Authorized Insiders," Proc. 10th European Symp. Research in Computer Security (ESORICS '05), pp. 231246, 2005.
[9] B. Schneier, "Attack Trees," Dr. Dobb's J., Dec. 1999.
[10] R. Dantu, K. Loper, and P. Kolan, "Risk Management Using Behavior Based Attack Graphs," Proc. Int'l Conf. Information Technology: Coding and Computing, pp. 445449, 2004.
[11] Y. Liu and H. Man, "Network Vulnerability Assessment Using Bayesian Networks," Proc. SPIE, vol. 5812, pp. 6171, 2005.
[12] S. Noel, S. Jajodia, B. O'Berry, and M. Jacobs, "Efficient MinimumCost Network Hardening via Exploit Dependency Graphs," Proc. 19th Ann. Computer Security Applications Conf., pp. 8695, 2003.
[13] R. Dewri, N. Poolsappasit, I. Ray, and D. Whitley, "Optimal Security Hardening Using MultiObjective Optimization on Attack Tree Models of Networks," Proc. 14th ACM Conf. Computer and Comm. Security, pp. 204213, 2007.
[14] M. Schiffman, "Common Vulnerability Scoring System (CVSS)," http://www.first.org/cvss/cvssguide. html, 2011.
[15] W. Lee, "Toward CostSensitive Modeling for Intrusion Detection and Response," J. Computer Security, vol. 10, no. 1, pp. 522, 2002.
[16] G. Stoneburner, A. Goguen, and A. Feringa, "Risk Management Guide for Information Technology Systems," Proc. Nat'l Inst. of Standards and Technology (NIST) Special Publication, pp. 800830, 2002.
[17] B. Berger, "DataCentric Quantitative Computer Security Risk Assessment," SANS Inst. of InfoSec Reading Room, 2003.
[18] A. Arora, D. Hall, C.A. Piato, D. Ramsey, and R. Telang, "Measuring the RiskBased Value of IT Security Solutions," IT Professional, vol. 6, no. 6, pp. 3542, 2004.
[19] S.A. Butler, "Security Attribute Evaluation Method: A CostBenefit Approach," Proc. 24th Int'l Conf. Software Eng., pp. 232240, 2002.
[20] S.A. Butler and P. Fischbeck, "MultiAttribute Risk Assessment," Proc. SREIS02 in Conjunction of 10th IEEE Int'l Requirements Eng. Conf., 2002.
[21] D.E. Goldberg, Genetic Algorithms in Search, Optimization and Machine Learning. AddisonWesley Longman Publishing Co., Inc., 1989.
[22] K. Deb, A. Pratap, S. Agarwal, and T. Meyarivan, "A Fast Elitist MultiObjective Genetic Algorithm: NSGAII," IEEE Trans. Evolutionary Computation, vol. 6, no. 2, pp. 182197, Apr. 2002.
[23] L. Wang, S. Noel, and S. Jajodia, "MinimumCost Network Hardening Using Attack Graphs," Computer Comm., vol. 29, no. 18, pp. 38123824, Nov. 2006.
[24] X. Ou, S. Govindavajhala, and A.W. Appel, "Mulval: A LogicBased Network Security Analyzer," Proc. 14th Conf. USENIX Security Symp., pp. 113128, 2005.
[25] D. Saha, "Extending Logical Attack Graph for Efficient Vulnerability Analysis," Proc. 15th ACM Conf. Computer and Comm. Security, pp. 6373, 2008.
[26] L. Wang, A. Singhal, and S. Jajodia, "Measuring the Overall Security of Network Configurations Using Attack Graphs," Proc. 21st Ann. IFIP WG 11.3 Working Conf. Data and Application Security, pp. 98112, 2007.
[27] L. Wang, T. Islam, T. Long, A. Singhal, and S. Jajodia, "An Attack GraphBased Probabilistic Security Metric," Proc. 22nd Ann. IFIP WG 11.3 Working Conf. Data and Applications Security, pp. 283296, 2008.
[28] J. Homer and X. Ou, "SATSolving Approaches to ContextAware Enterprise Network Security Management," IEEE J. Selected Areas in Comm., vol. 27, no. 3, pp. 315322, Apr. 2009.
[29] S. Noel and S. Jajodia, "Optimal IDS Sensor Placement and Alert Prioritizing Using Attack Graphs," J. Network and Systems Management, vol. 16, no. 3, pp. 259275, Sept. 2008.
[30] L. Wang, A. Liu, and S. Jajodia, "Using Attack Graph for Correlating, Hypothesizing, and Predicting Intrusion Alerts," Computer Comm., vol. 29, no. 15, pp. 29172933, Nov. 2006.
[31] M. Frigault and L. Wang, "Measuring Network Security Using Bayesian NetworkBased Attack Graphs," Proc. 32nd Ann. IEEE Int'l Computer Software Applications Conf., pp. 698703, 2008.
[32] M. Frigault, L. Wang, A. Singhal, and S. Jajodia, "Measuring Network Security Using Dynamic Bayesian Network," Proc. 14th ACM Workshop Quality of Protection, 2008.
[33] P. Xie, J.H. Li, X. Ou, P. Liu, and R. Levy, "Using Bayesian Networks for Cyber Security Analysis," Proc. 40th IEEE/IFIP Int'l Conf. Dependable Systems and Networks, 2010.
[34] R. Dantu, P. Kolan, R. Akl, and K. Loper, "Classification of Attributes and Behavior in Risk Management Using Bayesian Networks," Proc. IEEE Intelligence and Security Informatics Conf., pp. 7174, 2007.
[35] R. Dantu, P. Kolan, and J. Cangussu, "Network Risk Management Using Attacker Profiling," Security and Comm. Networks vol. 2, pp. 8396, 2009.
[36] E.J. Santos and S.E. Shimony, "Exploiting CaseBased Independence for Approximating Marginal Probabilities," Int'l J. Approximate Reasoning, vol. 14, no. 1, pp. 2554, Jan. 1996.
[37] E. Alba and M. Tomassini, "Parallelism and Evolutionary Algorithms," IEEE Trans. Evolutionary Computation, vol. 6, no. 5, pp. 443462, Oct. 2002.