{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,5]],"date-time":"2025-05-05T07:44:42Z","timestamp":1746431082486},"publisher-location":"Cham","reference-count":25,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319600796"},{"type":"electronic","value":"9783319600802"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-60080-2_18","type":"book-chapter","created":{"date-parts":[[2017,6,1]],"date-time":"2017-06-01T14:40:06Z","timestamp":1496328006000},"page":"234-249","source":"Crossref","is-referenced-by-count":4,"title":["Scalable Attack Path Finding for Increased Security"],"prefix":"10.1007","author":[{"given":"Tom","family":"Gonda","sequence":"first","affiliation":[]},{"given":"Rami","family":"Puzis","sequence":"additional","affiliation":[]},{"given":"Bracha","family":"Shapira","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,6,2]]},"reference":[{"issue":"12","key":"18_CR1","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1016\/S1353-4858(12)70111-3","volume":"2012","author":"B Morrow","year":"2012","unstructured":"Morrow, B.: Byod security challenges: control and protect your most sensitive data. Netw. Secur. 2012(12), 5\u20138 (2012)","journal-title":"Netw. Secur."},{"key":"18_CR2","doi-asserted-by":"crossref","unstructured":"Zhang, S., Zhang, X., Ou, X.: After we knew it: empirical study and modeling of cost-effectiveness of exploiting prevalent known vulnerabilities across IaaS cloud. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pp. 317\u2013328. ACM (2014)","DOI":"10.1145\/2590296.2590300"},{"issue":"2","key":"18_CR3","first-page":"1","volume":"3","author":"A Shostack","year":"2003","unstructured":"Shostack, A.: Quantifying patch management. Secure Bus. Q. 3(2), 1\u20134 (2003)","journal-title":"Secure Bus. Q."},{"key":"18_CR4","doi-asserted-by":"crossref","unstructured":"Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 217\u2013224. ACM (2002)","DOI":"10.1145\/586110.586140"},{"key":"18_CR5","unstructured":"Sheyner, O.M.: Scenario graphs and attack graphs. Ph.D. thesis, US Air Force Research Laboratory (2004)"},{"key":"18_CR6","unstructured":"Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: a logic-based network security analyzer. In: USENIX Security (2005)"},{"key":"18_CR7","unstructured":"Roberts, M., Howe, A., Ray, I., Urbanska, M., Byrne, Z.S., Weidert, J.M.: Personalized vulnerability analysis through automated planning. In: Working Notes of IJCAI 2011, Workshop Security and Artificial Intelligence (SecArt 2011), vol. 4 (2011)"},{"key":"18_CR8","unstructured":"Sarraute, C.: New algorithms for attack planning. In: FRHACK Conference, Besan\u00e7on, France (2009)"},{"key":"18_CR9","unstructured":"Ghosh, N., Ghosh, S.: An intelligent technique for generating minimal attack graph. In: First Workshop on Intelligent Security on Security and Artificial Intelligence (SecArt 2009). Citeseer (2009)"},{"issue":"1","key":"18_CR10","doi-asserted-by":"crossref","first-page":"61","DOI":"10.1109\/TDSC.2011.34","volume":"9","author":"N Poolsappasit","year":"2012","unstructured":"Poolsappasit, N., Dewri, R., Ray, I.: Dynamic security risk management using Bayesian attack graphs. IEEE Trans. Dependable Secure Comput. 9(1), 61\u201374 (2012)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"18_CR11","doi-asserted-by":"crossref","unstructured":"Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: 22nd Annual Conference on Computer Security Applications Conference, ACSAC 2006, pp. 121\u2013130. IEEE (2006)","DOI":"10.1109\/ACSAC.2006.39"},{"key":"18_CR12","doi-asserted-by":"crossref","unstructured":"Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 336\u2013345. ACM (2006)","DOI":"10.1145\/1180405.1180446"},{"key":"18_CR13","unstructured":"Beale, J., Deraison, R., Meer, H., Temmingh, R., Walt, C.V.D.: Nessus Network Auditing. Syngress Publishing, Rockland (2004)"},{"key":"18_CR14","unstructured":"OpenVAS Developers: The Open Vulnerability Assessment System (OpenVAS) (2012)"},{"key":"18_CR15","doi-asserted-by":"crossref","first-page":"291","DOI":"10.1613\/jair.1144","volume":"20","author":"J Hoffmann","year":"2003","unstructured":"Hoffmann, J.: The Metric-FF planning system: translating \u201cignoring delete lists\u201d to numeric state variables. J. Artif. Intell. Res. 20, 291\u2013341 (2003)","journal-title":"J. Artif. Intell. Res."},{"key":"18_CR16","unstructured":"Obes, J.L., Sarraute, C., Richarte, G.: Attack planning in the real world. arXiv preprint arXiv:1306.4044 (2013)"},{"key":"18_CR17","doi-asserted-by":"crossref","first-page":"323","DOI":"10.1613\/jair.1918","volume":"26","author":"Y Chen","year":"2006","unstructured":"Chen, Y., Wah, B.W., Hsu, C.W.: Temporal planning using subgoal partitioning and resolution in SGPlan. J. Artif. Intell. Res. 26, 323\u2013369 (2006)","journal-title":"J. Artif. Intell. Res."},{"key":"18_CR18","doi-asserted-by":"crossref","unstructured":"Albanese, M., Jajodia, S., Noel, S.: Time-efficient and cost-effective network hardening using attack graphs. In: 2012 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 1\u201312. IEEE (2012)","DOI":"10.1109\/DSN.2012.6263942"},{"key":"18_CR19","doi-asserted-by":"crossref","unstructured":"Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, pp. 109\u2013118. ACM (2004)","DOI":"10.1145\/1029208.1029225"},{"key":"18_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1007\/978-3-540-85933-8_7","volume-title":"Visualization for Computer Security","author":"J Homer","year":"2008","unstructured":"Homer, J., Varikuti, A., Ou, X., McQueen, M.A.: Improving attack graph visualization through data reduction and attack grouping. In: Goodall, J.R., Conti, G., Ma, K.-L. (eds.) VizSec 2008. LNCS, vol. 5210, pp. 68\u201379. Springer, Heidelberg (2008). doi: 10.1007\/978-3-540-85933-8_7"},{"key":"18_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/978-3-642-22424-9_2","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"S Zhang","year":"2011","unstructured":"Zhang, S., Ou, X., Homer, J.: Effective network vulnerability assessment through model abstraction. In: Holz, T., Bos, H. (eds.) DIMVA 2011. LNCS, vol. 6739, pp. 17\u201334. Springer, Heidelberg (2011). doi: 10.1007\/978-3-642-22424-9_2"},{"key":"18_CR22","unstructured":"Homer, J., Ou, X., Schmidt, D.: A sound and practical approach to quantifying security risk in enterprise networks. Kansas State University Technical Report, pp. 1\u201315 (2009)"},{"key":"18_CR23","unstructured":"CVSS: A complete guide to the common vulnerability scoring system (2007)"},{"key":"18_CR24","unstructured":"Shmaryahu, D.: Constructing plan trees for simulated penetration testing. In: The 26th International Conference on Automated Planning and Scheduling, vol. 121 (2016)"},{"key":"18_CR25","doi-asserted-by":"crossref","unstructured":"Hoffmann, J.: Simulated penetration testing: from \u201cDijkstra\u201d to \u201cturing test++\u201d. In: ICAPS, pp. 364\u2013372 (2015)","DOI":"10.1609\/icaps.v25i1.13684"}],"container-title":["Lecture Notes in Computer Science","Cyber Security Cryptography and Machine Learning"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-60080-2_18","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,8,23]],"date-time":"2023-08-23T21:32:12Z","timestamp":1692826332000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-60080-2_18"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319600796","9783319600802"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-60080-2_18","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]}}}