SCOPUS 정보 검색 플랫폼

2009 3rd International Symposium on Empirical Software Engineering and Measurement, ESEM 2009

Volumn , Issue , 2009, Pages 526-534

Vulnerability analysis for a quantitative security evaluation

(1) Vache, Géraldine a,b

a UNIVERSITÉ DE TOULOUSE (France)

b INSA (France)

Author keywords

[No Author keywords available]

Indexed keywords

ENVIRONMENTAL FACTORS; MODEL PARAMETERS; OPEN SOURCES; QUANTITATIVE CHARACTERIZATION; QUANTITATIVE MEASURES; QUANTITATIVE SECURITY EVALUATION; SYSTEM ENVIRONMENT; VULNERABILITY ANALYSIS; VULNERABILITY LIFE CYCLE;

COMPUTER SOFTWARE; LIFE CYCLE; NETWORK SECURITY;

PROBABILITY DISTRIBUTIONS;

EID: 72449180342 PISSN: None EISSN: None Source Type: Conference Proceeding
DOI: 10.1109/ESEM.2009.5315969 Document Type: Conference Paper

Times cited : (18)

References (23)

1
- 72449142536
- ISO 27000 website
- ISO 27000 website: http://www.27000.org

2
- 2542607810
- Quantitative assessment of operational security: Models and tools
- Samos, Greece, May 21-24
- th IFIP Information System Security Conference, Samos, Greece, May 21-24, 1996.
- (1996) th IFIP Information System Security Conference
- Dacier, M.¹ Deswarte, Y.² Kaâniche, M.³

3
- 84882663975
- Assesising the risk of using vulnerable components
- Balrazotti, D. and Monga, M. and Sicari, S. Assesising the risk of using vulnerable components. Quality of Protection - Security measurements and metrics, 2006, pp 65-77.
- (2006) Quality of Protection - Security measurements and metrics , pp. 65-77
- Balrazotti, D.¹ Monga, M.² Sicari, S.³

4
- 84882594747
- Time-To-Compromise Model for cyber risk reduction estimation
- McQueen, M. A. and Boyer, W. F. and Flynn, M. A. and Beitel, G. A. Time-To-Compromise Model for cyber risk reduction estimation. Quality of Protection - Security measurements and metrics, 2006, pp 49-64.
- (2006) Quality of Protection - Security measurements and metrics , pp. 49-64
- McQueen, M.A.¹ Boyer, W.F.² Flynn, M.A.³ Beitel, G.A.⁴

5
- 72449180264
- PhD Thesis, LAAS-CNRS, INSA de Toulouse, 7 Dec
- Alata, E. Observation, caractérisation et modélisation de processus d'attaques sur Internet. PhD Thesis, LAAS-CNRS, INSA de Toulouse, 7 Dec. 2007.
- (2007) Observation, caractérisation et modélisation de processus d'attaques sur Internet
- Alata, E.¹

6
- 0012581483
- The Möbius Modeling Tool. In Proceedings of the 9th international Workshop on Petri Nets and Performance Models (Pnpm'01) (September 11 - 14, 2001). PNPM
- Washington, DC
- Clark, G., Courtney, T., Daly, D., Deavours, D., Derisavi, S., Doyle, J. M., Sanders, W. H., and Webster, P. 2001. The Möbius Modeling Tool. In Proceedings of the 9th international Workshop on Petri Nets and Performance Models (Pnpm'01) (September 11 - 14, 2001). PNPM. IEEE Computer Society, Washington, DC, 241.
- (2001) IEEE Computer Society , pp. 241
- Clark, G.¹ Courtney, T.² Daly, D.³ Deavours, D.⁴ Derisavi, S.⁵ Doyle, J.M.⁶ Sanders, W.H.⁷ Webster, P.⁸

7
- 70350452986
- Environment characterization and system modeling approach for the quantitative evaluation of security. To be published in SAFECOMP 2009
- September, Hamburg, Germany
- Vache, G. Environment characterization and system modeling approach for the quantitative evaluation of security. To be published in SAFECOMP 2009, The 28th International Conference on Computer Safety, Reliability and Security 15 - 18 September 2009, Hamburg, Germany.
- (2009) The 28th International Conference on Computer Safety, Reliability and Security 15 - 18
- Vache, G.¹

8
- 38149097274
- Impact of Vulnerability Disclosure and Patch Availability - An Empirical Analysis
- Arora, A. and Krishnan, R. and Telang, R. and Yang, Y. "Impact of Vulnerability Disclosure and Patch Availability - An Empirical Analysis", Third Workshop on the Economics of Information Security, 2004.
- (2004) Third Workshop on the Economics of Information Security
- Arora, A.¹ Krishnan, R.² Telang, R.³ Yang, Y.⁴

9
- 34248370608
- Large-scale vulnerability analysis
- Pisa, Italy, September 11, 15
- Frei, S., May, M., Fiedler, U., and Plattner, B. 2006. Large-scale vulnerability analysis. In Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense (Pisa, Italy, September 11 - 15, 2006).
- (2006) Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense
- Frei, S.¹ May, M.² Fiedler, U.³ Plattner, B.⁴

10
- 2442463532
- Use of A Taxonomy of Security Faults
- October 22-25, Baltimore, Maryland, US
- th National Information Systems Security Conference, October 22-25, 1996, Baltimore, Maryland, US.
- (1996) th National Information Systems Security Conference
- Aslam, T.¹ Ktsul, I.² Spafford, E.H.³

11
- 38049182956
- Security Vulnerability Categories in Major Software Systems, Security Vulnerability Categories in Major Software Systems
- Alhazmi, O. H., Woo, S-W., Malaiya, Y. K., Security Vulnerability Categories in Major Software Systems, Security Vulnerability Categories in Major Software Systems, Proceedings of the Third IASTED International Conference Proceedings Communication, Network, and Information Security. 2006
- (2006) Proceedings of the Third IASTED International Conference Proceedings Communication, Network, and Information Security
- Alhazmi, O.H.¹ Woo, S.-W.² Malaiya, Y.K.³

12
- 85085406935
- Matching attack patterns to security vulnerabilities in software-intensive system designs
- St. Louis, Missouri, May 15-16
- Gegick, M. and Williams, L. 2005. Matching attack patterns to security vulnerabilities in software-intensive system designs. In Proceedings of the 2005 Workshop on Software Engineering For Secure Systemsa Building Trustworthy Applications (St. Louis, Missouri, May 15-16, 2005).
- (2005) Proceedings of the 2005 Workshop on Software Engineering For Secure Systemsa Building Trustworthy Applications
- Gegick, M.¹ Williams, L.²

13
- 15744370034
- Ataxonomyofnetworkand computerattacks
- February
- Hansman, S. and Hunt, R., Ataxonomyofnetworkand computerattacks, Computers & Security, Volume 24, Issue 1, February 2005, Pages 31-43.
- (2005) Computers & Security , vol.24 , Issue.1 , pp. 31-43
- Hansman, S.¹ Hunt, R.²

14
- 84877999984
- Milk or Wine: Does Software Security Improve with Age?
- Vancouver, B.C, Canada, July 31-August 4
- th Usenix Security Symposium, Vancouver, B.C., Canada, July 31-August 4, 2006, pp 93-104.
- (2006) th Usenix Security Symposium , pp. 93-104
- Ozment, A.¹ Schechter, S.E.²

15
- 14744276335
- Fiding Security Holes a Good Idea?
- Jan
- Rescola, E. Is Fiding Security Holes a Good Idea?, IEEE Security and Privacy, vol. 3, no. 1, pp. 14-19, Jan. 2005.
- (2005) IEEE Security and Privacy , vol.3 , Issue.1 , pp. 14-19
- Rescola, E.I.¹

16
- 72449180724
- Symantec Enterprise Security, Trends for 2008, April
- Symantec Enterprise Security. "Symantec Global Internet Security Threat Report - Trends for 2008", vol. XIV, April 2009. http://www.symantec.com
- (2009) Symantec Global Internet Security Threat Report , vol.14

17
- 68149135524
- IBM Global Technology Services, January 2009
- IBM Global Technology Services. "IBM Internet Security Systems X-Force 2008 Trend & Risk Report". January 2009, http://www-935.ibm.com
- IBM Internet Security Systems X-Force 2008 Trend & Risk Report

18
- 72449175091
- National Vulnerability Database
- National Vulnerability Database: http://nvd.nist.gov

19
- 84870635626
- Security Focus Vulnerability Database: http://www.securityfocus.com
- Security Focus Vulnerability Database

20
- 84871961892
- Open Source Vulnerability DataBase: http://osvdb.org
- Open Source Vulnerability DataBase

21
- 72449207417
- Secunia web site: http://secunia.com
- Secunia web site

22
- 84941185462
- The choice of a class interval
- H.A. Sturges, "The choice of a class interval", Journal of the American Statistical Association, 1926.
- (1926) Journal of the American Statistical Association
- Sturges, H.A.¹

23
- 72449177750
- EasyFit tool website: http://www.mathwave.com
- EasyFit tool website

* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.