Uncertainty and Risk Management in Cyber Situational Awareness

Authors: Jason Li, Xinming Ou, Raj Rajagopalan

DOI: 10.1007/978-1-4419-0140-8_4

Abstract: Handling cyber threats unavoidably needs to deal with both uncertain and imprecise information. What we can observe as potential malicious activities can seldom give us 100% confidence on important questions we care about, e.g. what machines are compromised and what damage has been incurred. In security planning, we need information on how likely a vulnerability can lead to a successful compromise to better balance security and functionality, performance, and ease of use. This information is at best qualitative and is often vague and imprecise. In cyber situational awareness, we have to rely on such imperfect information to detect real attacks and to prevent an attack from happening through appropriate risk management. This chapter surveys existing technologies in handling uncertainty and risk management in cyber situational awareness.
