DAG-based attack and defense modeling: Don't miss the forest for the attack trees
B Kordy, L Piètre-Cambacédès, P Schweitzer - Computer science review, 2014 - Elsevier
This paper presents the current state of the art on attack and defense modeling approaches
that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical …
that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical …
[PDF][PDF] Simulation for cybersecurity: state of the art and future directions
H Kavak, JJ Padilla, D Vernon-Bido… - Journal of …, 2021 - academic.oup.com
In this article, we provide an introduction to simulation for cybersecurity and focus on three
themes:(1) an overview of the cybersecurity domain;(2) a summary of notable simulation …
themes:(1) an overview of the cybersecurity domain;(2) a summary of notable simulation …
Multicriteria decision framework for cybersecurity risk assessment and management
Risk assessors and managers face many difficult challenges related to novel cyber systems.
Among these challenges are the constantly changing nature of cyber systems caused by …
Among these challenges are the constantly changing nature of cyber systems caused by …
The cyber security modeling language: A tool for assessing the vulnerability of enterprise system architectures
The cyber security modeling language (CySeMoL) is a modeling language for enterprise-
level system architectures coupled to a probabilistic inference engine. If the computer …
level system architectures coupled to a probabilistic inference engine. If the computer …
Development of a cyber security risk model using Bayesian networks
Cyber security is an emerging safety issue in the nuclear industry, especially in the
instrumentation and control (I&C) field. To address the cyber security issue systematically, a …
instrumentation and control (I&C) field. To address the cyber security issue systematically, a …
Information security risk analysis methods and research trends: AHP and fuzzy comprehensive method
MC Lee - International Journal of Computer Science & …, 2014 - search.proquest.com
Abstract Information security risk analysis becomes an increasingly essential component of
organization's operations. Traditional information security risk analysis is quantitative and …
organization's operations. Traditional information security risk analysis is quantitative and …
Automated security risk identification using AutomationML-based engineering data
Systems integrators and vendors of industrial components need to establish a security-by-
design approach, which includes the assessment and subsequent treatment of security …
design approach, which includes the assessment and subsequent treatment of security …
Modeling of intrusion and defense for assessment of cyber security at power substations
Cyber intrusions to substations are critical issues to a power grid, which must be defended
and mitigated. Essentially, to better understand a cyber intrusion, reconnaissance activities …
and mitigated. Essentially, to better understand a cyber intrusion, reconnaissance activities …
A quantitative evaluation of vulnerability scanning
Purpose–The purpose of this paper is to evaluate if automated vulnerability scanning
accurately identifies vulnerabilities in computer networks and if this accuracy is contingent …
accurately identifies vulnerabilities in computer networks and if this accuracy is contingent …
Self-diagnosis technique for virtual private networks combining Bayesian networks and case-based reasoning
L Bennacer, Y Amirat, A Chibani… - IEEE Transactions …, 2014 - ieeexplore.ieee.org
Fault diagnosis is a critical task for operators in the context of e-TOM (enhanced Telecom
Operations Map) assurance process. Its purpose is to reduce network maintenance costs …
Operations Map) assurance process. Its purpose is to reduce network maintenance costs …