{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T16:14:37Z","timestamp":1774541677407,"version":"3.50.1"},"publisher-location":"Cham","reference-count":40,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319112114","type":"print"},{"value":"9783319112121","type":"electronic"}],"license":[{"start":{"date-parts":[[2014,1,1]],"date-time":"2014-01-01T00:00:00Z","timestamp":1388534400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2014]]},"DOI":"10.1007\/978-3-319-11212-1_28","type":"book-chapter","created":{"date-parts":[[2014,8,14]],"date-time":"2014-08-14T16:36:45Z","timestamp":1408034205000},"page":"494-511","source":"Crossref","is-referenced-by-count":32,"title":["Modeling Network Diversity for Evaluating the Robustness of Networks against Zero-Day Attacks"],"prefix":"10.1007","author":[{"given":"Lingyu","family":"Wang","sequence":"first","affiliation":[]},{"given":"Mengyuan","family":"Zhang","sequence":"additional","affiliation":[]},{"given":"Sushil","family":"Jajodia","sequence":"additional","affiliation":[]},{"given":"Anoop","family":"Singhal","sequence":"additional","affiliation":[]},{"given":"Massimiliano","family":"Albanese","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"28_CR1","unstructured":"Falliere, N., Murchu, L.O., Chien, E.: W32.stuxnet dossier. Symantec Security Response (2011)"},{"key":"28_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"423","DOI":"10.1007\/978-3-540-30108-0_26","volume-title":"Computer Security \u2013 ESORICS 2004","author":"B. Littlewood","year":"2004","unstructured":"Littlewood, B., Strigini, L.: Redundancy and diversity in security. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol.\u00a03193, pp. 423\u2013438. Springer, Heidelberg (2004)"},{"key":"28_CR3","unstructured":"Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J., Knight, J., Nguyen-Tuong, A., Hiser, J.: N-variant systems: A secretless framework for security through diversity. Defense Technical Information Center (2006)"},{"key":"28_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/11856214_2","volume-title":"Recent Advances in Intrusion Detection","author":"D. Gao","year":"2006","unstructured":"Gao, D., Reiter, M.K., Song, D.: Behavioral distance measurement using hidden markov models. In: Zamboni, D., Kruegel, C. (eds.) RAID 2006. LNCS, vol.\u00a04219, pp. 19\u201340. Springer, Heidelberg (2006)"},{"key":"28_CR5","unstructured":"Chun, B., Maniatis, P., Shenker, S.: Diverse replication for single-machine byzantine-fault tolerance. In: USENIX Annual Technical Conference, pp. 287\u2013292 (2008)"},{"key":"28_CR6","doi-asserted-by":"crossref","unstructured":"Garcia, M., Bessani, A., Gashi, I., Neves, N., Obelheiro, R.: OS diversity for intrusion tolerance: Myth or reality? In: 2011 IEEE\/IFIP 41st International Conference on Dependable Systems & Networks (DSN), pp. 383\u2013394 (2011)","DOI":"10.1109\/DSN.2011.5958251"},{"key":"28_CR7","unstructured":"Bhatkar, S., DuVarney, D., Sekar, R.: Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium, Washington, DC, vol.\u00a0120 (2003)"},{"key":"28_CR8","unstructured":"Team, T.P.: PaX address space layout randomization, \n                  \n                    http:\/\/pax.grsecurity.net\/"},{"key":"28_CR9","doi-asserted-by":"crossref","unstructured":"Kc, G., Keromytis, A., Prevelakis, V.: Countering code-injection attacks with instruction-set randomization. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 272\u2013280. ACM (2003)","DOI":"10.1145\/948109.948146"},{"key":"28_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-70542-0_1","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"S. Bhatkar","year":"2008","unstructured":"Bhatkar, S., Sekar, R.: Data space randomization. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol.\u00a05137, pp. 1\u201322. Springer, Heidelberg (2008)"},{"key":"28_CR11","doi-asserted-by":"crossref","unstructured":"Jajodia, S., Ghosh, A., Swarup, V., Wang, C., Wang, X.: Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, 1st edn. Springer (2011)","DOI":"10.1007\/978-1-4614-0977-9"},{"key":"28_CR12","doi-asserted-by":"crossref","unstructured":"Yang, Y., Zhu, S., Cao, G.: Improving sensor network immunity under worm attacks: a software diversity approach. In: Proceedings of the 9th ACM International Symposium on Mobile ad hoc Networking and Computing, pp. 149\u2013158. ACM (2008)","DOI":"10.1145\/1374618.1374640"},{"key":"28_CR13","unstructured":"Caballero, J., Kampouris, T., Song, D., Wang, J.: Would diversity really increase the robustness of the routing infrastructure against software defects? In: Proceedings of the Network and Distributed System Security Symposium (2008)"},{"key":"28_CR14","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4899-7214-9","volume-title":"The ecology of invasion by animals and plants","author":"C. Elton","year":"1958","unstructured":"Elton, C.: The ecology of invasion by animals and plants. University of Chicago Press, Chicago (1958)"},{"key":"28_CR15","volume-title":"Ecological diversity","author":"E. Pielou","year":"1975","unstructured":"Pielou, E.: Ecological diversity. Wiley, New York (1975)"},{"issue":"2","key":"28_CR16","doi-asserted-by":"publisher","first-page":"427","DOI":"10.2307\/1934352","volume":"54","author":"M. Hill","year":"1973","unstructured":"Hill, M.: Diversity and evenness: a unifying notation and its consequences. Ecology\u00a054(2), 427\u2013432 (1973)","journal-title":"Ecology"},{"issue":"3","key":"28_CR17","doi-asserted-by":"publisher","first-page":"477","DOI":"10.1890\/10-2402.1","volume":"93","author":"T. Leinster","year":"2012","unstructured":"Leinster, T., Cobbold, C.: Measuring diversity: the importance of species similarity. Ecology\u00a093(3), 477\u2013489 (2012)","journal-title":"Ecology"},{"key":"28_CR18","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy (2002)"},{"key":"28_CR19","doi-asserted-by":"crossref","unstructured":"Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of ACM CCS 2002 (2002)","DOI":"10.1145\/586139.586140"},{"key":"28_CR20","doi-asserted-by":"crossref","unstructured":"Albanese, M., Jajodia, S., Noel, S.: A time-efficient approach to cost-effective network hardening using attack graphs. In: Proceedings of the 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN 2012), pp. 1\u201312 (2012)","DOI":"10.1109\/DSN.2012.6263942"},{"key":"28_CR21","volume-title":"Computers and intractability: A guide to the theory of NP-Completeness","author":"M. Garey","year":"1979","unstructured":"Garey, M., Johnson, D.: Computers and intractability: A guide to the theory of NP-Completeness. W.H. Freeman, San Francisco (1979)"},{"key":"28_CR22","unstructured":"Yuan, S., Varma, S., Jue, J.: Minimum-color path problems for reliability in mesh networks. In: 24th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), pp. 2658\u20132669 (2005)"},{"key":"28_CR23","doi-asserted-by":"crossref","unstructured":"Frigault, M., Wang, L., Singhal, A., Jajodia, S.: Measuring network security using dynamic bayesian network. In: Proceedings of 4th ACM QoP (2008)","DOI":"10.1145\/1456362.1456368"},{"issue":"6","key":"28_CR24","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1109\/MSP.2006.145","volume":"4","author":"P. Mell","year":"2006","unstructured":"Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system. IEEE Security & Privacy\u00a04(6), 85\u201389 (2006)","journal-title":"IEEE Security & Privacy"},{"key":"28_CR25","unstructured":"National vulnerability database, \n                  \n                    http:\/\/www.nvd.org\n                  \n                  \n                 (May 9, 2008)"},{"key":"28_CR26","unstructured":"Gaitanis, K., Cohen, E.: Open bayes 0.1.0 (2013), \n                  \n                    https:\/\/pypi.python.org\/pypi\/OpenBayes"},{"key":"28_CR27","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1109\/TDSC.2010.61","volume":"9","author":"N. Idika","year":"2012","unstructured":"Idika, N., Bhargava, B.: Extending attack graph-based security metrics and aggregating their application. IEEE Transactions on Dependable and Secure Computing\u00a09, 75\u201385 (2012)","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"28_CR28","doi-asserted-by":"crossref","unstructured":"Wang, L., Singhal, A., Jajodia, S.: Toward measuring network security using attack graphs. In: Proceedings of 3rd ACM QoP (2007)","DOI":"10.1145\/1314257.1314273"},{"issue":"3","key":"28_CR29","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1109\/TSE.2010.60","volume":"37","author":"P. Manadhata","year":"2011","unstructured":"Manadhata, P., Wing, J.: An attack surface metric. IEEE Trans. Softw. Eng.\u00a037(3), 371\u2013386 (2011)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"28_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"573","DOI":"10.1007\/978-3-642-15497-3_35","volume-title":"Computer Security \u2013 ESORICS 2010","author":"L. Wang","year":"2010","unstructured":"Wang, L., Jajodia, S., Singhal, A., Noel, S.: k-zero day safety: Measuring the security risk of networks against unknown attacks. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol.\u00a06345, pp. 573\u2013587. Springer, Heidelberg (2010)"},{"issue":"1","key":"28_CR31","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1109\/TDSC.2013.24","volume":"11","author":"L. Wang","year":"2013","unstructured":"Wang, L., Jajodia, S., Singhal, A., Cheng, P., Noel, S.: k-zero day safety: A network security metric for measuring the risk of unknown vulnerabilities. IEEE Transactions on Dependable and Secure Computing\u00a011(1), 30\u201344 (2013)","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"28_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-540-73538-0_9","volume-title":"Data and Applications Security XXI","author":"L. Wang","year":"2007","unstructured":"Wang, L., Singhal, A., Jajodia, S.: Measuring the overall security of network configurations using attack graphs. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol.\u00a04602, pp. 98\u2013112. Springer, Heidelberg (2007)"},{"issue":"6","key":"28_CR33","doi-asserted-by":"publisher","first-page":"825","DOI":"10.1109\/TDSC.2012.66","volume":"9","author":"H. Holm","year":"2012","unstructured":"Holm, H., Ekstedt, M., Andersson, D.: Empirical analysis of system-level vulnerability metrics through actual attacks. IEEE Trans. Dependable Secur. Comput.\u00a09(6), 825\u2013837 (2012)","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"28_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"626","DOI":"10.1007\/978-3-642-15497-3_38","volume-title":"Computer Security \u2013 ESORICS 2010","author":"N. Kheir","year":"2010","unstructured":"Kheir, N., Cuppens-Boulahia, N., Cuppens, F., Debar, H.: A service dependency model for cost-sensitive intrusion response. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol.\u00a06345, pp. 626\u2013642. Springer, Heidelberg (2010)"},{"key":"28_CR35","unstructured":"Avizienis, A., Chen, L.: On the implementation of n-version programming for software fault tolerance during execution. In: Proc. IEEE COMPSAC., vol.\u00a077, pp. 149\u2013155 (1977)"},{"issue":"5","key":"28_CR36","doi-asserted-by":"publisher","first-page":"498","DOI":"10.1109\/TC.2002.1004589","volume":"51","author":"S. Mitra","year":"2002","unstructured":"Mitra, S., Saxena, N., McCluskey, E.: A design diversity metric and analysis of redundant systems. IEEE Trans. Comput.\u00a051(5), 498\u2013510 (2002)","journal-title":"IEEE Trans. Comput."},{"issue":"2","key":"28_CR37","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1145\/384192.384195","volume":"33","author":"B. Littlewood","year":"2001","unstructured":"Littlewood, B., Popov, P., Strigini, L.: Modeling software design diversity: A review. ACM Comput. Surv.\u00a033(2), 177\u2013208 (2001)","journal-title":"ACM Comput. Surv."},{"key":"28_CR38","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1145\/1146269.1146277","volume-title":"Proceedings of the 2005 Workshop on New Security Paradigms, NSPW 2005","author":"R. Maxion","year":"2005","unstructured":"Maxion, R.: Use of diversity as a defense mechanism. In: Proceedings of the 2005 Workshop on New Security Paradigms, NSPW 2005, pp. 21\u201322. ACM, New York (2005)"},{"issue":"1","key":"28_CR39","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1109\/TDSC.2008.1","volume":"6","author":"A. Sa\u00efdane","year":"2009","unstructured":"Sa\u00efdane, A., Nicomette, V., Deswarte, Y.: The design of a generic intrusion-tolerant architecture for web servers. IEEE Trans. Dependable Sec. Comput.\u00a06(1), 45\u201358 (2009)","journal-title":"IEEE Trans. Dependable Sec. Comput."},{"key":"28_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1007\/11663812_3","volume-title":"Recent Advances in Intrusion Detection","author":"E. Totel","year":"2006","unstructured":"Totel, E., Majorczyk, F., M\u00e9, L.: Cots diversity based intrusion detection and application to web servers. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol.\u00a03858, pp. 43\u201362. Springer, Heidelberg (2006)"}],"container-title":["Lecture Notes in Computer Science","Computer Security - ESORICS 2014"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-11212-1_28","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,22]],"date-time":"2019-09-22T20:03:40Z","timestamp":1569182620000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-11212-1_28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014]]},"ISBN":["9783319112114","9783319112121"],"references-count":40,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-11212-1_28","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014]]}}}