To protect critical resources in today’s networked environments, it is desirable to quantify the likelihood of potential multi-step attacks that combine multiple vulnerabilities....
Lingyu Wang, Tania Islam, Tao Long, Anoop Singhal,...
Abstract. The perspective directions in evaluating network security are simulating possible malefactor's actions, building the representation of these actions as attack graphs...
To reason about information flow based on beliefs, a new model is developed that describes how attacker beliefs change due to the attacker’s observation of the execution of a p...
Michael R. Clarkson, Andrew C. Myers, Fred B. Schn...
In measuring the overall security of a network, a crucial issue is to correctly compose the measure of individual components. Incorrect compositions may lead to misleading results...
Given the increasing dependence of our societies on information systems, the overall security of these systems should be measured and improved. Existing work generally focuses on ...