{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,13]],"date-time":"2025-06-13T04:10:13Z","timestamp":1749787813220,"version":"3.41.0"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319498058"},{"type":"electronic","value":"9783319498065"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-49806-5_14","type":"book-chapter","created":{"date-parts":[[2016,11,23]],"date-time":"2016-11-23T12:34:29Z","timestamp":1479904469000},"page":"263-282","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["Network Vulnerability Analysis Using a Constrained Graph Data Model"],"prefix":"10.1007","author":[{"given":"Mridul Sankar","family":"Barik","sequence":"first","affiliation":[]},{"given":"Chandan","family":"Mazumdar","sequence":"additional","affiliation":[]},{"given":"Amarnath","family":"Gupta","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,11,24]]},"reference":[{"key":"14_CR1","unstructured":"Asterixdb. https:\/\/asterixdb.ics.uci.edu\/ . Accessed 30 July 2016"},{"key":"14_CR2","unstructured":"Cypher query language. https:\/\/neo4j.com\/developer\/cypher-query-language\/ . Accessed 30 July 2016"},{"key":"14_CR3","unstructured":"Neo4j graph database. https:\/\/neo4j.com\/ . Accessed 30 July 2016"},{"key":"14_CR4","unstructured":"Property graph model. https:\/\/github.com\/tinkerpop\/blueprints\/wiki\/Property-Graph-Model . Accessed 30 July 2016"},{"key":"14_CR5","doi-asserted-by":"crossref","unstructured":"Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, CCS 2002, New York, pp. 217\u2013224. ACM (2002)","DOI":"10.1145\/586110.586140"},{"issue":"4","key":"14_CR6","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1145\/2389241.2389250","volume":"37","author":"P Barcel\u00f3","year":"2012","unstructured":"Barcel\u00f3, P., Libkin, L., Lin, A.W., Wood, P.T.: Expressive languages for path queries over graph-structured data. ACM Trans. Database Syst. (TODS) 37(4), 31 (2012)","journal-title":"ACM Trans. Database Syst. (TODS)"},{"key":"14_CR7","series-title":"Communications in Computer and Information Science","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/978-3-642-54525-2_22","volume-title":"Recent Trends in Computer Networks and Distributed Systems Security","author":"MS Barik","year":"2014","unstructured":"Barik, M.S., Mazumdar, C.: A graph data model for attack graph generation and analysis. In: Mart\u00ednez P\u00e9rez, G., Thampi, S.M., Ko, R., Shu, L. (eds.) SNDS 2014. CCIS, vol. 420, pp. 239\u2013250. Springer, Heidelberg (2014). doi: 10.1007\/978-3-642-54525-2_22"},{"key":"14_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1007\/3-540-58618-0_72","volume-title":"Computer Security \u2014 ESORICS 94","author":"M Dacier","year":"1994","unstructured":"Dacier, M., Deswarte, Y.: Privilege graph: an extension to the typed access matrix model. In: Gollmann, D. (ed.) ESORICS 1994. LNCS, vol. 875, pp. 319\u2013334. Springer, Heidelberg (1994). doi: 10.1007\/3-540-58618-0_72"},{"key":"14_CR9","doi-asserted-by":"crossref","unstructured":"Ingols, K., Chu, M., Lippmann, R., Webster, S., Boyer, S.: Modeling modern network attacks and countermeasures using attack graphs. In: Computer Security Applications Conference, ACSAC 2009, Annual, pp. 117\u2013126, December 2009","DOI":"10.1109\/ACSAC.2009.21"},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: ACSAC 2006: Proceedings of the 22nd Annual Computer Security Applications Conference, Washington, DC, USA, pp. 121\u2013130. IEEE Computer Society (2006)","DOI":"10.1109\/ACSAC.2006.39"},{"key":"14_CR11","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/0-387-24230-9_9","volume-title":"Managing Cyber Threats","author":"S Jajodia","year":"2005","unstructured":"Jajodia, S., Noel, S., Berry, B.: Topological analysis of network attack vulnerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats, pp. 247\u2013266. Springer, New York (2005)"},{"key":"14_CR12","unstructured":"Jha, S., Sheyner, O., Wing, J.: Two formal analysis of attack graphs. In: CSFW 2002: Proceedings of the 15th IEEE Workshop on Computer Security Foundations, Washington, DC, USA, p. 49. IEEE Computer Society (2002)"},{"key":"14_CR13","doi-asserted-by":"crossref","unstructured":"Lippmann, R., Ingols, K., Scott, C., Piwowarski, K., Kratkiewicz, K., Artz, M., Cunningham, R.: Validating and restoring defense in depth using attack graphs. In: Proceedings of the 2006 IEEE Conference on Military Communications, MILCOM 2006, Piscataway, NJ, USA, pp. 981\u2013990. IEEE Press (2006)","DOI":"10.1109\/MILCOM.2006.302434"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Liu, C., Singhal, A., Wijesekera, D.: Using attack graphs in forensic examinations. In: 2012 Seventh International Conference on Availability, Reliability and Security (ARES), pp. 596\u2013603, August 2012","DOI":"10.1109\/ARES.2012.58"},{"key":"14_CR15","unstructured":"Noel, S., Harley, E., Tam, K.H., Gyor, G.: Big-data architecture for cyber attack graphs: representing security relationships in nosql graph databases. In: 2015 IEEE International Symposium on Technologies for Homeland Security (HST), April 2015"},{"key":"14_CR16","doi-asserted-by":"crossref","unstructured":"Noel, S., Jajodia, S.: Metrics suite for network attack graph analytics. In: Proceedings of the 9th Annual Cyber and Information Security Research Conference, CISR 2014, New York, NY, USA, pp. 5\u20138. ACM (2014)","DOI":"10.1145\/2602087.2602117"},{"key":"14_CR17","doi-asserted-by":"crossref","unstructured":"Noel, S., Robertson, E., Jajodia, S.: Correlating intrusion events, building attack scenarios through attack graph distances. In: ACSAC 2004: Proceedings of the 20th Annual Computer Security Applications Conference, Washington, DC, USA, pp. 350\u2013359. IEEE Computer Society (2004)","DOI":"10.1109\/CSAC.2004.11"},{"key":"14_CR18","doi-asserted-by":"crossref","unstructured":"Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: CCS 2006: Proceedings of the 13th ACM Conference on Computer and Communications Security, New York, NY, USA, pp. 336\u2013345. ACM (2006)","DOI":"10.1145\/1180405.1180446"},{"key":"14_CR19","doi-asserted-by":"crossref","unstructured":"Pamula, J., Jajodia, S., Ammann, P., Swarup, V.: A weakest-adversary security metric for network configuration security analysis. In: QoP 2006: Proceedings of the 2nd ACM Workshop on Quality of Protection, New York, NY, USA, pp. 31\u201338. ACM (2006)","DOI":"10.1145\/1179494.1179502"},{"key":"14_CR20","doi-asserted-by":"crossref","unstructured":"Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In: NSPW 1998: Proceedings of the 1998 Workshop on New Security Paradigms, New York, NY, USA, pp. 71\u201379. ACM (1998)","DOI":"10.1145\/310889.310919"},{"key":"14_CR21","doi-asserted-by":"crossref","unstructured":"Ritchey, R.W., Ammann, P.: Using model checking to analyze network vulnerabilities. In: SP 2000: Proceedings of the 2000 IEEE Symposium on Security and Privacy, Washington, DC, USA, p. 156. IEEE Computer Society (2000)","DOI":"10.1109\/SECPRI.2000.848453"},{"key":"14_CR22","volume-title":"Secrets & Lies: Digital Security in a Networked World","author":"B Schneier","year":"2000","unstructured":"Schneier, B.: Secrets & Lies: Digital Security in a Networked World, 1st edn. John Wiley & Sons Inc., New York (2000)","edition":"1"},{"key":"14_CR23","doi-asserted-by":"crossref","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation, analysis of attack graphs. In: SP 2002: Proceedings of the 2002 IEEE Symposium on Security and Privacy, Washington, DC, USA, p. 273. IEEE Computer Society (2002)","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"14_CR24","doi-asserted-by":"crossref","unstructured":"Thalheim, B.: Extended entity-relationship model. In: Liu, L., Tamer \u00d6zsu, M. (eds.) Encyclopedia of Database Systems, pp. 1083\u20131091. Springer, New York (2009)","DOI":"10.1007\/978-0-387-39940-9_157"},{"key":"14_CR25","doi-asserted-by":"crossref","unstructured":"Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Proceeedings of the 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, pp. 283\u2013296, Springer, Heidelberg (2008)","DOI":"10.1007\/978-3-540-70567-3_22"},{"issue":"1","key":"14_CR26","doi-asserted-by":"publisher","first-page":"30","DOI":"10.1109\/TDSC.2013.24","volume":"11","author":"L Wang","year":"2014","unstructured":"Wang, L., Jajodia, S., Singhal, A., Cheng, P., Noel, S.: k-zero day safety: a network security metric for measuring the risk of unknown vulnerabilities. IEEE Trans. Dependable Secure Comput. 11(1), 30\u201344 (2014)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"15","key":"14_CR27","doi-asserted-by":"publisher","first-page":"2917","DOI":"10.1016\/j.comcom.2006.04.001","volume":"29","author":"L Wang","year":"2006","unstructured":"Wang, L., Liu, A., Jajodia, S.: Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts. Comput. Commun. 29(15), 2917\u20132933 (2006)","journal-title":"Comput. Commun."},{"issue":"18","key":"14_CR28","doi-asserted-by":"publisher","first-page":"3812","DOI":"10.1016\/j.comcom.2006.06.018","volume":"29","author":"L Wang","year":"2006","unstructured":"Wang, L., Noel, S., Jajodia, S.: Minimum-cost network hardening using attack graphs. Comput. Commun. 29(18), 3812\u20133824 (2006)","journal-title":"Comput. Commun."},{"key":"14_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"119","DOI":"10.1007\/11805588_9","volume-title":"Data and Applications Security XX","author":"L Wang","year":"2006","unstructured":"Wang, L., Yao, C., Singhal, A., Jajodia, S.: Interactive analysis of attack graphs using relational queries. In: Damiani, E., Liu, P. (eds.) DBSec 2006. LNCS, vol. 4127, pp. 119\u2013132. Springer, Heidelberg (2006). doi: 10.1007\/11805588_9"},{"issue":"4","key":"14_CR30","doi-asserted-by":"publisher","first-page":"419","DOI":"10.3233\/JCS-2008-0327","volume":"16","author":"L Wang","year":"2008","unstructured":"Wang, L., Yao, C., Singhal, A., Jajodia, S.: Implementing interactive analysis of attack graphs using relational databases. J. Comput. Secur. 16(4), 419\u2013437 (2008)","journal-title":"J. Comput. Secur."}],"container-title":["Lecture Notes in Computer Science","Information Systems Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-49806-5_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,12]],"date-time":"2025-06-12T20:41:55Z","timestamp":1749760915000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-49806-5_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319498058","9783319498065"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-49806-5_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"24 November 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICISS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Systems Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Jaipur","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 December 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 December 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"iciss2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/iciss16.mnit.ac.in\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}