{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T04:56:23Z","timestamp":1773204983442,"version":"3.50.1"},"publisher-location":"Boston, MA","reference-count":15,"publisher":"Springer US","isbn-type":[{"value":"9780387290164","type":"print"},{"value":"9780387365848","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-0-387-36584-8_5","type":"book-chapter","created":{"date-parts":[[2008,5,5]],"date-time":"2008-05-05T22:11:39Z","timestamp":1210025499000},"page":"49-64","source":"Crossref","is-referenced-by-count":64,"title":["Time-to-Compromise Model for Cyber Risk Reduction Estimation"],"prefix":"10.1007","author":[{"given":"Miles A.","family":"McQueen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wayne F.","family":"Boyer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mark A.","family":"Flynn","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"George A.","family":"Beitel","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"5_CR1","unstructured":"Browne, H. K., McHugh, J., Arbaugh, W.A. and Fithen, W.L., \u201cA trend Analysis of Exploitations,\u201d technical report CS-TR-4200, University of Maryland and Software Engineering Institute, November 2002."},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"Cohen, F., \u201cManaging Network Security The Millisecond Fantasy,\u201d http:\/\/all.net\/journal\/netsec\/1999-2003.html , 2003.","DOI":"10.1016\/S1353-4858(00)80022-7"},{"key":"5_CR3","unstructured":"Evans, M., Hastings, N. and Peacock, B., \u201cStatistical Distributions,\u201d Second Edition, 1993."},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Jonsson, E., \u201cA Quantitative Model of the Security Intrusion Process Based on Attacker Behavior,\u201d IEEE Transactions on Software Engineering, Vol 23 No 4, April 1997.","DOI":"10.1109\/32.588541"},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Rescorla, E., \u201cIs Finding Security Holes a Good Idea,\u201d IEEE Security & Privacy, January\u2013February 2005.","DOI":"10.1109\/MSP.2005.17"},{"key":"5_CR6","volume":"VI","year":"2004","unstructured":"Turner, D., ed., \u201cSymantec Internet Security Threat Report,\u201d Volume VI, September, 2004, http:\/\/enterprisesecurity.symantec.com\/content.cfm?articleid-1539 , 2004.","journal-title":"Symantec Internet Security Threat Report"},{"key":"5_CR7","unstructured":"Byres, E. J., Franz, M. and Miller, D., \u201cThe Use of Attack Trees in Assessing Vulnerabilities in SCADA Systems\u201d, International Infrastructure Survivability Workshop (IISW \u201804, IEEE, Lisbon, Portugal, December 4, 2004"},{"key":"5_CR8","volume-title":"Expected Losses, Insurability, and Benefits from Reducing Vulnerability to Attacks","author":"R. E. Carlson","year":"2004","unstructured":"Carlson, R. E., Turnquist, M. A. and Nozick, L. K., Expected Losses, Insurability, and Benefits from Reducing Vulnerability to Attacks, SAND2004-0742, Sandia National Laboratories, Albuquerque, New Mexico, 2004."},{"key":"5_CR9","first-page":"179","volume-title":"Information Systems Security","author":"M. Dacier","year":"1996","unstructured":"Dacier, M., Deswarte, Y. and Kaaniche, M., \u201cQuantitative Assessment of Operational Security: Models and Tools\u201d Information Systems Security, ed. by S. K. Katsikas and D. Gritzalis, London, Chapman & Hall, p. 179\u201386, 1996."},{"key":"5_CR10","unstructured":"Haimes, Yacov Y., \u201cAccident Precursors, Terrorist Attacks, and Systems Engineering,\u201d Presented at the NAE Workshop, 2003."},{"key":"5_CR11","unstructured":"Madan, B.B., Go\u0161eva-Popstojavova, K., Vaidyanathan, K. and Trivedi, K. S., \u201cModeling and Quantification of Security Attributes of Software Systems,\u201d International Conference on Dependable Systems and Networks, Washington, DC,, 2002."},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Major, J. A., \u201cAdvanced Techniques for Modeling Terrorism Risk,\u201d Journal of Risk Finance, Fall 2002.","DOI":"10.1108\/eb022950"},{"key":"5_CR13","unstructured":"McQueen, M. A., Boyer, W. F., Flynn, M. A. and Beitel, G. A., \u201cQuantitative Cyber Risk Reduction Estimation for a SCADA Control System\u201d, INL\/EXT-05-00319, Idaho National Laboratory, CSSC Report, prepared for U.S. Department of Homeland Security, May 17, 2005."},{"key":"5_CR14","doi-asserted-by":"crossref","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R. and Wing, J. M., \u201cAutomated Generation and Analysis of Attack Graphs,\u201d Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, Berkeley, California, May 2002, 273\u2013284.","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"5_CR15","unstructured":"Taylor C, Krings, A. and Alves-Foss, J., \u201cRisk Analysis and Probabilistic Survivability Assessment (RAPSA): An Assessment Approach for Power Substation Hardening,\u201d Proc. ACM Workshop on Scientific Aspects of Cyber Terrorism, (SACT), Washington DC, November 21, 2002."}],"container-title":["Advances in Information Security","Quality of Protection"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-36584-8_5.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,28]],"date-time":"2021-04-28T01:57:07Z","timestamp":1619575027000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-36584-8_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9780387290164","9780387365848"],"references-count":15,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-36584-8_5","relation":{},"subject":[]}}