{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T10:10:02Z","timestamp":1748686202411,"version":"3.41.0"},"reference-count":38,"publisher":"Oxford University Press (OUP)","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["J Cyber Secur"],"DOI":"10.1093\/cybsec\/tyv002","type":"journal-article","created":{"date-parts":[[2015,11,6]],"date-time":"2015-11-06T03:19:14Z","timestamp":1446779954000},"page":"tyv002","source":"Crossref","is-referenced-by-count":3,"title":["Optimizing time allocation for network defence"],"prefix":"10.1093","author":[{"given":"Tristan","family":"Caulfield","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Andrew","family":"Fielder","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"286","published-online":{"date-parts":[[2015,11,5]]},"reference":[{"key":"2016010804073695000_tyv002v1.1","unstructured":"Schneier B . Managed security monitoring: closing the window of exposure, 2000."},{"key":"2016010804073695000_tyv002v1.2","doi-asserted-by":"crossref","unstructured":"Frei S May M Fiedler U . Large-scale vulnerability analysis. In: Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense. ACM, 2006, 131\u20138.","DOI":"10.1145\/1162666.1162671"},{"key":"2016010804073695000_tyv002v1.3","doi-asserted-by":"crossref","unstructured":"Beres Y Griffin J Shiu S . Analysing the performance of security solutions to reduce vulnerability exposure window. In: Computer Security Applications Conference, 2008. ACSAC 2008. Annual. IEEE, 2008, 33\u201342.","DOI":"10.1109\/ACSAC.2008.42"},{"key":"2016010804073695000_tyv002v1.4","doi-asserted-by":"publisher","DOI":"10.1016\/j.ejor.2011.05.050"},{"key":"2016010804073695000_tyv002v1.5","doi-asserted-by":"crossref","unstructured":"Arora A Telang R Xu H . Optimal policy for software vulnerability disclosure, arbeitsbericht der h. john heinz iii school of public policy and management, 2004.","DOI":"10.2139\/ssrn.669023"},{"key":"2016010804073695000_tyv002v1.6","doi-asserted-by":"publisher","DOI":"10.1016\/j.infoecopol.2009.10.002"},{"key":"2016010804073695000_tyv002v1.7","doi-asserted-by":"publisher","DOI":"10.1287\/isre.1080.0226"},{"key":"2016010804073695000_tyv002v1.8","unstructured":"Dacier M Deswarte Y Ka\u00e2niche M . Quantitative assessment of operational security: Models and tools. In: Katsikas SK Gritzalis D. (eds), Information Systems Security. London: Chapman & Hall, 1996, 179\u201386."},{"key":"2016010804073695000_tyv002v1.9","doi-asserted-by":"publisher","DOI":"10.1109\/32.815323"},{"key":"2016010804073695000_tyv002v1.10","doi-asserted-by":"crossref","unstructured":"Phillips C Swiler LP . A graph-based system for network-vulnerability analysis. In: Proceedings of the 1998 Workshop on New Security Paradigms. ACM, 1998, 71\u201379.","DOI":"10.1145\/310889.310919"},{"key":"2016010804073695000_tyv002v1.11","doi-asserted-by":"crossref","unstructured":"Moskowitz IS Kang MH . An insecurity flow model. In: Proceedings of the 1997 Workshop on New Security Paradigms. ACM, 1998, 61\u201374.","DOI":"10.1145\/283699.283741"},{"key":"2016010804073695000_tyv002v1.12","doi-asserted-by":"crossref","unstructured":"Dawkins J Hale J . A systematic approach to multi-stage network attack analysis. In: Information Assurance Workshop, 2004. Second IEEE International. IEEE, 2004, 48\u201356.","DOI":"10.1109\/IWIA.2004.1288037"},{"key":"2016010804073695000_tyv002v1.13","doi-asserted-by":"crossref","unstructured":"Frigault M Wang L Singhal A . Measuring network security using dynamic Bayesian network. In: Proceedings of the 4th ACM Workshop on Quality of Protection. ACM, 2008, 23\u201330.","DOI":"10.1145\/1456362.1456368"},{"key":"2016010804073695000_tyv002v1.14","doi-asserted-by":"crossref","unstructured":"Ray I Poolsapassit N . Using attack trees to identify malicious attacks from authorized insiders. In: Computer Security\u2013ESORICS 2005. Springer, 2005, 231\u201346.","DOI":"10.1007\/11555827_14"},{"key":"2016010804073695000_tyv002v1.15","doi-asserted-by":"crossref","unstructured":"Saha D . Extending logical attack graphs for efficient vulnerability analysis. In: Proceedings of the 15th ACM Conference on Computer and Communications Security. ACM, 2008, 63\u201374.","DOI":"10.1145\/1455770.1455780"},{"key":"2016010804073695000_tyv002v1.16","doi-asserted-by":"crossref","unstructured":"Wang L Singhal A Jajodia S . Measuring the overall security of network configurations using attack graphs. In: Data and Applications Security XXI. Springer, 2007, 98\u2013112.","DOI":"10.1007\/978-3-540-73538-0_9"},{"key":"2016010804073695000_tyv002v1.17","doi-asserted-by":"publisher","DOI":"10.1109\/MITP.2004.89"},{"key":"2016010804073695000_tyv002v1.18","doi-asserted-by":"crossref","unstructured":"Butler SA . Security attribute evaluation method: a cost-benefit approach. In: Proceedings of the 24th International Conference on Software Engineering. ACM, 2002, 232\u201340.","DOI":"10.1145\/581339.581370"},{"key":"2016010804073695000_tyv002v1.19","doi-asserted-by":"crossref","unstructured":"Noel S Jajodia S O\u2019Berry B . Efficient minimum-cost network hardening via exploit dependency graphs. In: Computer Security Applications Conference, 2003. 19th Annual. IEEE, 2003, 86\u201395.","DOI":"10.1109\/CSAC.2003.1254313"},{"key":"2016010804073695000_tyv002v1.20","unstructured":"Butler SA Fischbeck P . Multi-attribute risk assessment. In: Symposium on Requirements Engineering for Information Security, 2002."},{"key":"2016010804073695000_tyv002v1.21","doi-asserted-by":"publisher","DOI":"10.1007\/s10922-008-9109-x"},{"key":"2016010804073695000_tyv002v1.22","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2006.06.018"},{"key":"2016010804073695000_tyv002v1.23","doi-asserted-by":"crossref","unstructured":"Dantu R Loper K Kolan P . Risk management using behavior based attack graphs. In: Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on, Vol. 1. IEEE, 2004, 445\u20139.","DOI":"10.1109\/ITCC.2004.1286496"},{"key":"2016010804073695000_tyv002v1.24","doi-asserted-by":"crossref","unstructured":"Dantu R Kolan P Akl R . Classification of attributes and behavior in risk management using bayesian networks. In: Intelligence and Security Informatics, 2007 IEEE. IEEE, 2007, 71\u201374.","DOI":"10.1109\/ISI.2007.379536"},{"key":"2016010804073695000_tyv002v1.25","doi-asserted-by":"publisher","DOI":"10.1002\/sec.58"},{"key":"2016010804073695000_tyv002v1.26","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2006.04.001"},{"key":"2016010804073695000_tyv002v1.27","doi-asserted-by":"crossref","unstructured":"Xie P Li JH Ou X . Using bayesian networks for cyber security analysis. In: Dependable Systems and Networks (DSN), 2010 IEEE\/IFIP International Conference IEEE, 2010, 211\u201320.","DOI":"10.1109\/DSN.2010.5544924"},{"key":"2016010804073695000_tyv002v1.28","doi-asserted-by":"crossref","unstructured":"Liu Y Man H . Network vulnerability assessment using bayesian networks. In: Defense and Security. International Society for Optics and Photonics, 2005, 61\u201371.","DOI":"10.1117\/12.604240"},{"key":"2016010804073695000_tyv002v1.29","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2011.34"},{"key":"2016010804073695000_tyv002v1.30","doi-asserted-by":"crossref","unstructured":"Dewri R Poolsappasit N Ray I . Optimal security hardening using multi-objective optimization on attack tree models of networks. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM, 2007, 204\u201313.","DOI":"10.1145\/1315245.1315272"},{"key":"2016010804073695000_tyv002v1.31","doi-asserted-by":"crossref","unstructured":"Moore AP Ellison RJ Linger RC . Attack modeling for information security and survivability. Technical report, DTIC Document, 2001.","DOI":"10.21236\/ADA387544"},{"key":"2016010804073695000_tyv002v1.32","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-004-0060-x"},{"key":"2016010804073695000_tyv002v1.33","doi-asserted-by":"crossref","unstructured":"Fielder A Panaousis E Malacaria P . Game theory meets information security management. In: ICT Systems Security and Privacy Protection. Springer, 2014, 15\u201329.","DOI":"10.1007\/978-3-642-55415-5_2"},{"key":"2016010804073695000_tyv002v1.34","doi-asserted-by":"publisher","DOI":"10.1073\/pnas.39.10.1095"},{"key":"2016010804073695000_tyv002v1.35","first-page":"195","article-title":"Perseus: randomized point-based value iteration for pomdps","volume":"24","author":"Spaan","year":"2005","journal-title":"J Artif Int Res"},{"key":"2016010804073695000_tyv002v1.36","doi-asserted-by":"publisher","DOI":"10.1287\/opre.21.5.1071"},{"key":"2016010804073695000_tyv002v1.37","unstructured":"The Julia language. http:\/\/julialang.org\/ (20 October 2015, date last accessed)."},{"key":"2016010804073695000_tyv002v1.38","doi-asserted-by":"publisher","DOI":"10.1016\/S0022-0531(03)00005-X"}],"container-title":["Journal of Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/academic.oup.com\/cybersecurity\/article-pdf\/1\/1\/37\/7000804\/tyv002.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T09:42:32Z","timestamp":1748684552000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article-lookup\/doi\/10.1093\/cybsec\/tyv002"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,11,5]]},"references-count":38,"alternative-id":["10.1093\/cybsec\/tyv002"],"URL":"https:\/\/doi.org\/10.1093\/cybsec\/tyv002","relation":{},"ISSN":["2057-2085","2057-2093"],"issn-type":[{"type":"print","value":"2057-2085"},{"type":"electronic","value":"2057-2093"}],"subject":[],"published":{"date-parts":[[2015,11,5]]}}}