[1] |
Swiler L P, Phillips C, Ellis D. Computerattack graph generation tool[C]∥Proc of the 2nd DARPA Information Survivability Conference & Exposition, 2001:307321.
|
[2] |
Sheyner O, Haines J, Jha S, et al. Automated generation and analysis of attack graphs[C]∥Proc of the IEEE Symposium on Security and Privacy, 2002:254265.
|
[3] |
Chen XiuZhen, Zheng QingHua, Guan XiaoHong, et al. Quantitative hierarchical threat evaluation model for network security[J]. Journal of Software, 2006, 17(4):885897.(in Chinese)
|
[4] |
Long Men,Xia Jingbo,Zhang Ziyang,et al. Network security assessment based on node correlated HMM[J].Journal of Beijing University of Posts and Telecommunications,2010, 33(6):121124.(in Chinese)
|
[5] |
Su Jibin, Xiao Zongshui,Xiao Yingjie. Analysis and research on network vulnerability based on exploit graph[J].Computer Engineering, 2009, 23(35):155160.
|
[6] |
Hu Zhenyu,Zhang Ruiling,Sun Fuchun.Bayesian model for tracing and locating a network attack[J]. Journal of Zhengzhou University (Natural Science Edition), 2008, 3(40):4447.
|
[7] |
Zhang Tao, Hu Mingzeng, Li Dong, et al. Quantificational assessment of software vulnerability[J].Computer Engineering and Application, 2005,41(27):750.
|
[8] |
CNCert. Vulnerability announcement [EB/OL]. [20121025]. http://www.cert.org.cn/publish/main/9/index.html.
|
[9] |
Red Hat Inc.Red hat CVE[EB/OL].[20121025].https://www.redhat.com/security/data/cve/.
|
[10] |
CERT.CERT/CC statistics [EB/OL]. [20121025].http://www.cert.org/stats/.
|
[11] |
Qian Meng, Mao Handong, Yao Li, et al. Network security analysis model based on logic exploitation graph[J].Computer Engineering,2009,35(9):147152.
|
[12] |
Liu Fang. Research on the theories and key technologies of information system security evaluation[D]. Changsha:National University of Defense Technology, 2005. (in Chinese)
|
[13] |
Wang Lianqiang.Information security risk assessment methodology and key technology research[D]. Tianjing:Nankai University, 2006. (in Chinese)
|
[14] |
Mao Handong. A novel assessment approach based on logical exploitation graph model for network security[D]. Changsha:National University of Defense Technology, 2008. (in Chinese)
|
[15] |
Chen Guang. Research on method of information system information security risk management[D].Changsha:National University of Defense Technology, 2008. (in Chinese)
|
|
附中文参考文献:
|
[4] |
龙门,夏靖波,张子阳,等. 节点相关的隐马尔科夫模型的网络安全评估[J]. 北京邮电大学.2010,33(6):121124.
|
[5] |
苏继斌,肖宗水,肖迎杰.基于渗透图的网络弱点分析与研究[J]. 计算机工程.2009,35(23):155160.
|
[6] |
胡振宇,张瑞玲,孙富春.基于贝叶斯方法的网络攻击定位和追踪模型[J]. 郑州大学学报(理学版).2008,40(3):4447.
|
[7] |
张涛,胡铭曾,李东,等.一种量化的软件弱点评估方法[J].计算机工程与应用,2005,41(27):79.
|
[8] |
国家互联网应急中心.漏洞公告[EB/OL].[20121025].http://www.cert.org.cn/publish/main/9/index.html.
|
[9] |
Red Hat Inc.红帽漏洞CVE数据库[EB/OL].[20121025].https://www.redhat.com/security/data/cve/.
|
[11] |
钱猛,毛捍东,姚莉,等.基于逻辑渗透图的网络安全分析模型[J]. 计算机工程. 2009, 35(9):147152.
|
[12] |
刘芳.信息系统安全评估理论及其关键技术研究[D]. 长沙:国防科学技术大学,2005.
|
[13] |
王连强. 信息安全风险评估方法及关键技术研究[D]. 天津:南开大学,2006.
|
[14] |
毛捍东.基于逻辑渗透图模型的网络安全风险评估方法研究[D].长沙:国防科学技术大学,2008.
|
[15] |
陈光.信息系统信息安全风险管理方法研究[D].北京:国防科学技术大学,2006.
|