{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:36:21Z","timestamp":1750221381225,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":35,"publisher":"ACM","license":[{"start":{"date-parts":[[2018,3,29]],"date-time":"2018-03-29T00:00:00Z","timestamp":1522281600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2018,3,29]]},"DOI":"10.1145\/3190645.3190673","type":"proceedings-article","created":{"date-parts":[[2018,3,30]],"date-time":"2018-03-30T12:21:43Z","timestamp":1522412503000},"page":"1-9","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["Improving offensive cyber security assessments using varied and novel initialization perspectives"],"prefix":"10.1145","author":[{"given":"Jacob","family":"Oakley","sequence":"first","affiliation":[{"name":"Towson University"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2018,3,29]]},"reference":[{"key":"e_1_3_2_1_1_1","first-page":"7","volume":"15","year":"2017","journal-title":"Accessed"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1276958.1277345"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2991079.2991111"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"crossref","unstructured":"s. ghosh and s. juneja \"Computing worst-case tail probabilities in credit risk \" in 38th conference on Winter simulation 2006.   s. ghosh and s. juneja \"Computing worst-case tail probabilities in credit risk \" in 38th conference on Winter simulation 2006.","DOI":"10.1109\/WSC.2006.323080"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2995959.2995969"},{"key":"e_1_3_2_1_6_1","unstructured":"The TREsPASS Project \"TREsPASS \" 2017. {Online}. Available: https:\/\/www.trespass-project.eu\/. {Accessed 4 October 2017}.  The TREsPASS Project \"TREsPASS \" 2017. {Online}. Available: https:\/\/www.trespass-project.eu\/. {Accessed 4 October 2017}."},{"key":"e_1_3_2_1_7_1","unstructured":"J. Heiser \"Understanding Data Leakage \" Gartner Research Report 2017.  J. Heiser \"Understanding Data Leakage \" Gartner Research Report 2017."},{"key":"e_1_3_2_1_8_1","unstructured":"CERT \"Common Sense Guide to Prevention and Detection of Insider Threat \" CERT 2009. {Online}. Available: http:\/\/www.ncix.gov\/issues\/ithreat\/csg-v3.pdf. {Accessed 7 2017}.  CERT \"Common Sense Guide to Prevention and Detection of Insider Threat \" CERT 2009. {Online}. Available: http:\/\/www.ncix.gov\/issues\/ithreat\/csg-v3.pdf. {Accessed 7 2017}."},{"key":"e_1_3_2_1_9_1","unstructured":"Imperva \"Hacker Intelligence Initiative Report \" Imperva 2016.  Imperva \"Hacker Intelligence Initiative Report \" Imperva 2016."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/781027.781045"},{"key":"e_1_3_2_1_11_1","unstructured":"Eeye Security Inc. \"Microsoft IIS Buffer Overflow Advisory \" 2001. {Online}. Available: http : \/\/www.eeye.com\/html\/ -- Research\/Advisories\/AD20010618.html. {Accessed 7 2017}.  Eeye Security Inc. \"Microsoft IIS Buffer Overflow Advisory \" 2001. {Online}. Available: http : \/\/www.eeye.com\/html\/ -- Research\/Advisories\/AD20010618.html. {Accessed 7 2017}."},{"key":"e_1_3_2_1_12_1","unstructured":"K. Poore \"Nimda Worm - Why is it Different? \" SANS Institute InfoSec Reading Room 11 November 2001.  K. Poore \"Nimda Worm - Why is it Different? \" SANS Institute InfoSec Reading Room 11 November 2001."},{"key":"e_1_3_2_1_13_1","unstructured":"SANS \"IDFAQ: An analysis of SQL.Spider-B (Digispid.B.Worm Spida MSSQL Worm and SQLSnake) \" SANS 2003.  SANS \"IDFAQ: An analysis of SQL.Spider-B (Digispid.B.Worm Spida MSSQL Worm and SQLSnake) \" SANS 2003."},{"key":"e_1_3_2_1_14_1","unstructured":"M. Bauer \"Paranoid Penguin: Designing and Using DMZ Networks to Protect Internet Servers \" Linux Journal vol. 2001 no. 83es March 2001.   M. Bauer \"Paranoid Penguin: Designing and Using DMZ Networks to Protect Internet Servers \" Linux Journal vol. 2001 no. 83es March 2001."},{"key":"e_1_3_2_1_15_1","unstructured":"Verizon \"2017 Data Breach Investigations Report (DBIR) \" Verizon 2017.  Verizon \"2017 Data Breach Investigations Report (DBIR) \" Verizon 2017."},{"key":"e_1_3_2_1_16_1","unstructured":"Industrial Control Systems Cyber Emergency Response Team \"ICS-CERT Year in Review \" NCCIC 2016.  Industrial Control Systems Cyber Emergency Response Team \"ICS-CERT Year in Review \" NCCIC 2016."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2459976.2460034"},{"key":"e_1_3_2_1_18_1","unstructured":"\"Data Classification Standard \" 22 April 2013. {Online}. Available: https:\/\/security.berkeley.edu\/data-classification-standard. {Accessed 16 7 2017}.  \"Data Classification Standard \" 22 April 2013. {Online}. Available: https:\/\/security.berkeley.edu\/data-classification-standard. {Accessed 16 7 2017}."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1179494.1179497"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/2665936.2665939"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/2372225.2372229"},{"key":"e_1_3_2_1_22_1","unstructured":"The Open Web Application Security Project (OWASP) \"What is Attack Surface Analysis and Why is it Important? \" OWASP July 2015. {Online}. Available: https:\/\/www.owasp.org\/index.php\/Attack_Surface_Analysis_Cheat_Sheet. {Accessed 17 July 2017}.  The Open Web Application Security Project (OWASP) \"What is Attack Surface Analysis and Why is it Important? \" OWASP July 2015. {Online}. Available: https:\/\/www.owasp.org\/index.php\/Attack_Surface_Analysis_Cheat_Sheet. {Accessed 17 July 2017}."},{"key":"e_1_3_2_1_23_1","unstructured":"SANS Technology Institute \"Security Laboratory: Defense In Depth Series \" SANS 2016. {Online}. Available: https:\/\/www.sans.edu\/cyber-research\/security-laboratory\/article\/did-attack-surface. {Accessed 17th July 2017}.  SANS Technology Institute \"Security Laboratory: Defense In Depth Series \" SANS 2016. {Online}. Available: https:\/\/www.sans.edu\/cyber-research\/security-laboratory\/article\/did-attack-surface. {Accessed 17th July 2017}."},{"key":"e_1_3_2_1_24_1","unstructured":"M. Chapple \"Four Tips for Securing a Network DMZ \" 18 May 2012. {Online}. Available: https:\/\/fedtechmagazine.com\/article\/2012\/05\/four-tips-securing-network-dmz-fed. {Accessed 17 July 2017}.  M. Chapple \"Four Tips for Securing a Network DMZ \" 18 May 2012. {Online}. Available: https:\/\/fedtechmagazine.com\/article\/2012\/05\/four-tips-securing-network-dmz-fed. {Accessed 17 July 2017}."},{"key":"e_1_3_2_1_25_1","unstructured":"That Security Blog \"Penetration Testing and Rules of engagement \" 3 September 2016. {Online}. Available: https:\/\/fl0x2208.wordpress.com\/2016\/09\/03\/penetration-testing-and-rules-of-engagement\/. {Accessed 18 July 2017}.  That Security Blog \"Penetration Testing and Rules of engagement \" 3 September 2016. {Online}. Available: https:\/\/fl0x2208.wordpress.com\/2016\/09\/03\/penetration-testing-and-rules-of-engagement\/. {Accessed 18 July 2017}."},{"key":"e_1_3_2_1_26_1","unstructured":"pentest-standard \"pre-engagement \" 16 August 2014. {Online}. Available: http:\/\/www.pentest-standard.org\/index.php\/Pre-engagement. {Accessed 18 July 2017}.  pentest-standard \"pre-engagement \" 16 August 2014. {Online}. Available: http:\/\/www.pentest-standard.org\/index.php\/Pre-engagement. {Accessed 18 July 2017}."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1179494.1179506"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/511446.511518"},{"volume-title":"Lyon","year":"2007","author":"Schmidt M.","key":"e_1_3_2_1_29_1"},{"volume-title":"Hilton Head","year":"2000","author":"Wood B. J.","key":"e_1_3_2_1_30_1"},{"key":"e_1_3_2_1_31_1","unstructured":"C. Kirsch \"What is Penetration Testing? \" Rapid7 17 April 2013. {Online}. Available: https:\/\/community.rapid7.com\/docs\/DOC-2248. {Accessed 19 July 2017}.  C. Kirsch \"What is Penetration Testing? \" Rapid7 17 April 2013. {Online}. Available: https:\/\/community.rapid7.com\/docs\/DOC-2248. {Accessed 19 July 2017}."},{"key":"e_1_3_2_1_32_1","unstructured":"D. Russel and G. T. Gangemi Computer Security Basics Sebastopol: O'Reilly & Associates.   D. Russel and G. T. Gangemi Computer Security Basics Sebastopol: O'Reilly & Associates."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2875475.2875484"},{"volume-title":"New York: Simon & Shuster","year":"1991","author":"Hafner K.","key":"e_1_3_2_1_34_1"},{"key":"e_1_3_2_1_35_1","unstructured":"C. Han and R. Dongre \"Q&A What Motivates Cyber-Attackers? \" Talent First Network October 2014. {Online}. Available: https:\/\/timreview.ca\/article\/838. {Accessed 18 July 2017}.  C. Han and R. Dongre \"Q&A What Motivates Cyber-Attackers? \" Talent First Network October 2014. {Online}. Available: https:\/\/timreview.ca\/article\/838. {Accessed 18 July 2017}."}],"event":{"name":"ACM SE '18: Southeast Conference","sponsor":["ACM Association for Computing Machinery"],"location":"Richmond Kentucky","acronym":"ACM SE '18"},"container-title":["Proceedings of the ACMSE 2018 Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3190645.3190673","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3190645.3190673","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T02:26:50Z","timestamp":1750213610000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3190645.3190673"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,3,29]]},"references-count":35,"alternative-id":["10.1145\/3190645.3190673","10.1145\/3190645"],"URL":"https:\/\/doi.org\/10.1145\/3190645.3190673","relation":{},"subject":[],"published":{"date-parts":[[2018,3,29]]},"assertion":[{"value":"2018-03-29","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}