{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,28]],"date-time":"2025-09-28T20:50:43Z","timestamp":1759092643222,"version":"3.40.3"},"publisher-location":"Berlin, Heidelberg","reference-count":31,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642224232"},{"type":"electronic","value":"9783642224249"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-22424-9_2","type":"book-chapter","created":{"date-parts":[[2011,6,20]],"date-time":"2011-06-20T06:37:35Z","timestamp":1308551855000},"page":"17-34","source":"Crossref","is-referenced-by-count":15,"title":["Effective Network Vulnerability Assessment through Model Abstraction"],"prefix":"10.1007","author":[{"given":"Su","family":"Zhang","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xinming","family":"Ou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"John","family":"Homer","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"2_CR1","doi-asserted-by":"crossref","unstructured":"Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of 9th ACM Conference on Computer and Communications Security, Washington, DC (November 2002)","DOI":"10.1145\/586110.586140"},{"key":"2_CR2","doi-asserted-by":"crossref","unstructured":"Dacier, M., Deswarte, Y., Ka\u00e2niche, M.: Models and tools for quantitative assessment of operational security. In: IFIP SEC (1996)","DOI":"10.1007\/978-1-5041-2919-0_15"},{"key":"2_CR3","doi-asserted-by":"crossref","unstructured":"Dawkins, J., Hale, J.: A systematic approach to multi-stage network attack analysis. In: Proceedings of Second IEEE International Information Assurance Workshop, pp. 48\u201356 (April 2004)","DOI":"10.1109\/IWIA.2004.1288037"},{"key":"2_CR4","doi-asserted-by":"crossref","unstructured":"Dewri, R., Poolsappasit, N., Ray, I., Whitley, D.: Optimal security hardening using multi-objective optimization on attack tree models of networks. In: 14th ACM Conference on Computer and Communications Security, CCS (2007)","DOI":"10.1145\/1315245.1315272"},{"key":"2_CR5","doi-asserted-by":"crossref","unstructured":"Frigault, M., Wang, L., Singhal, A., Jajodia, S.: Measuring network security using dynamic Bayesian network. In: Proceedings of the 4th ACM Workshop on Quality of Protection (2008)","DOI":"10.1145\/1456362.1456368"},{"key":"2_CR6","unstructured":"Homer, J., Ou, X., Schmidt, D.: A sound and practical approach to quantifying security risk in enterprise networks. Technical report, Kansas State University (2009)"},{"key":"2_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1007\/978-3-540-85933-8_7","volume-title":"Visualization for Computer Security","author":"J. Homer","year":"2008","unstructured":"Homer, J., Varikuti, A., Ou, X., McQueen, M.A.: Improving attack graph visualization through data reduction and attack grouping. In: Goodall, J.R., Conti, G., Ma, K.-L. (eds.) VizSec 2008. LNCS, vol.\u00a05210, pp. 68\u201379. Springer, Heidelberg (2008)"},{"key":"2_CR8","doi-asserted-by":"crossref","unstructured":"Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: 22nd Annual Computer Security Applications Conference (ACSAC), Miami Beach, Florida (December 2006)","DOI":"10.1109\/ACSAC.2006.39"},{"key":"2_CR9","unstructured":"Jajodia, S., Noel Advanced, S.: cyber attack modeling analysis and visualization. Technical Report AFRL-RI-RS-TR-2010-078, Air Force Research Laboratory (March 2010)"},{"key":"2_CR10","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/0-387-24230-9_9","volume-title":"Managing Cyber Threats: Issues, Approaches and Challanges, Massive computing","author":"S. Jajodia","year":"2003","unstructured":"Jajodia, S., Noel, S., O\u2019Berry, B.: Topological analysis of network attack vulnerability. In: Kumar, V., Srivastava, J., Lazarevic, A. (eds.) Managing Cyber Threats: Issues, Approaches and Challanges, Massive computing, vol.\u00a05, pp. 247\u2013266. Springer, Heidelberg (2003)"},{"issue":"8","key":"2_CR11","doi-asserted-by":"publisher","first-page":"523","DOI":"10.1177\/0037549706072046","volume":"82","author":"W. Li","year":"2006","unstructured":"Li, W., Vaughn, R.B., Dandass, Y.S.: An approach to model network exploitations using exploitation graphs. SIMULATION\u00a082(8), 523\u2013541 (2006)","journal-title":"SIMULATION"},{"key":"2_CR12","doi-asserted-by":"crossref","unstructured":"Lippmann, R.P., Ingols, K.W.: An annotated review of past papers on attack graphs. Technical report, MIT Lincoln Laboratory (March 2005)","DOI":"10.21236\/ADA431826"},{"key":"2_CR13","unstructured":"Lippmann, R.P., Ingols, K.W., Scott, C., Piwowarski, K., Kratkiewicz, K., Artz, M., Cunningham, R.: Evaluating and strengthening enterprise network security using attack graphs. Technical Report ESC-TR-2005-064, MIT Lincoln Laboratory (October 2005)"},{"key":"2_CR14","unstructured":"Mell, P., Scarfone, K., Romanosky, S.: A Complete Guide to the Common Vulnerability Scoring System Version 2.0. In: Forum of Incident Response and Security Teams (FIRST) (June 2007)"},{"key":"2_CR15","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1145\/1029208.1029225","volume-title":"VizSEC\/DMSEC 2004: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security","author":"S. Noel","year":"2004","unstructured":"Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: VizSEC\/DMSEC 2004: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, pp. 109\u2013118. ACM Press, New York (2004)"},{"key":"2_CR16","unstructured":"Noel, S., Jajodia, S., Wang, L., Singhal, A.: Measuring security risk of networks using attack graphs. International Journal of Next-Generation Computing\u00a01(1) (July 2010)"},{"key":"2_CR17","doi-asserted-by":"crossref","unstructured":"Ortalo, R., Deswarte, Y., Ka\u00e2niche Experimenting, M.: with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering\u00a0 25(5) (1999)","DOI":"10.1109\/32.815323"},{"key":"2_CR18","doi-asserted-by":"crossref","unstructured":"Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: 13th ACM Conference on Computer and Communications Security (CCS), pp. 336\u2013345 (2006)","DOI":"10.1145\/1180405.1180446"},{"key":"2_CR19","unstructured":"Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: A logic-based network security analyzer. In: 14th USENIX Security Symposium (2005)"},{"key":"2_CR20","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1145\/310889.310919","volume-title":"NSPW 1998: Proceedings of the 1998 Workshop on New Security Paradigms","author":"C. Phillips","year":"1998","unstructured":"Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In: NSPW 1998: Proceedings of the 1998 Workshop on New Security Paradigms, pp. 71\u201379. ACM Press, New York (1998)"},{"key":"2_CR21","doi-asserted-by":"crossref","unstructured":"Saha, D.: Extending logical attack graphs for efficient vulnerability analysis. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS (2008)","DOI":"10.1145\/1455770.1455780"},{"key":"2_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/978-3-540-88313-5_2","volume-title":"Computer Security - ESORICS 2008","author":"R.E. Sawilla","year":"2008","unstructured":"Sawilla, R.E., Ou, X.: Identifying critical attack assets in dependency attack graphs. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol.\u00a05283, pp. 18\u201334. Springer, Heidelberg (2008)"},{"key":"2_CR23","doi-asserted-by":"crossref","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 254\u2013265 (2002)","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"2_CR24","doi-asserted-by":"crossref","unstructured":"Swiler, L.P., Phillips, C., Ellis, D., Chakerian, S.: Computer-attack graph generation tool. In: DARPA Information Survivability Conference and Exposition (DISCEX II 2001), vol.\u00a02 (June 2001)","DOI":"10.1109\/DISCEX.2001.932182"},{"key":"2_CR25","doi-asserted-by":"publisher","first-page":"659","DOI":"10.1016\/j.cose.2010.02.002","volume":"29","author":"M. Ekstedt","year":"2010","unstructured":"Ekstedt, M., Sommestad, T., Johnson, P.: A probabilistic relational model for security risk analysis. Computer & Security\u00a029, 659\u2013679 (2010)","journal-title":"Computer & Security"},{"key":"2_CR26","unstructured":"Tidwell, T., Larson, R., Fitch, K., Hale, J.: Modeling Internet attacks. In: Proceedings of the 2001 IEEE Workshop on Information Assurance and Security, West Point, NY (June 2001)"},{"key":"2_CR27","doi-asserted-by":"crossref","unstructured":"Wang, L., Islam, T., Long, T., Singhal, A., Jajodia, S.: An attack graph-based probabilistic security metric. In: Proceedings of The 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, DBSEC 2008 (2008)","DOI":"10.1007\/978-3-540-70567-3_22"},{"key":"2_CR28","doi-asserted-by":"crossref","unstructured":"Wang, L., Singhal, A., Jajodia, S.: Measuring network security using attack graphs. In: Third Workshop on Quality of Protection, QoP (2007)","DOI":"10.1145\/1314257.1314273"},{"key":"2_CR29","doi-asserted-by":"crossref","unstructured":"Wang, L., Singhal, A., Jajodia, S.: Measuring the overall security of network configurations using attack graphs. In: Proceedings of 21th IFIP WG 11.3 Working Conference on Data and Applications Security, DBSEC 2007 (2007)","DOI":"10.1007\/978-3-540-73538-0_9"},{"key":"2_CR30","unstructured":"Williams, L., Lippmann, R., Ingols, K.: An interactive attack graph cascade and reachability display. In: IEEE Workshop on Visualization for Computer Security, VizSEC 2007 (2007)"},{"key":"2_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"138","DOI":"10.1007\/978-3-642-15512-3_8","volume-title":"Recent Advances in Intrusion Detection","author":"Y. Xu","year":"2010","unstructured":"Xu, Y., Bailey, M., Vander Weele, E., Jahanian, F.: CANVuS: Context-aware network vulnerability scanning. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol.\u00a06307, pp. 138\u2013157. Springer, Heidelberg (2010)"}],"container-title":["Lecture Notes in Computer Science","Detection of Intrusions and Malware, and Vulnerability Assessment"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-22424-9_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,11,25]],"date-time":"2021-11-25T23:18:48Z","timestamp":1637882328000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-22424-9_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642224232","9783642224249"],"references-count":31,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-22424-9_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2011]]}}}