Network defenses based on traditional tools, techniques, and procedures (TTP) fail to
account for the attacker's inherent advantage present due to the static nature of network …

Security metrics have received significant attention. However, they have not been
systematically explored based on the understanding of attack-defense interactions, which …

Security risk assessment and mitigation are two vital processes that need to be executed to
maintain a productive IT infrastructure. On one hand, models such as attack graphs and …

Measurement of software security is a long-standing challenge to the research community.
At the same time, practical security metrics and measurements are essential for secure …

This paper presents the current state of the art on attack and defense modeling approaches
that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical …

Software vulnerabilities pose significant security risks to the host computing system. Faced
with continuous disclosure of software vulnerabilities, system administrators must prioritize …

Security event correlation approaches are necessary to detect and predict incremental
threats such as multi-step or targeted attacks (advanced persistent threats) and other causal …

This paper presents a novel model of intrusion analysis built by analysts, derived from years
of experience, asking the simple question,“What is the underlying method to our work?” The …

Given the increasing dependence of our societies on networked information systems, the
overall security of these systems should be measured and improved. Existing security …

Industrial IoT (IIoT) refers to the application of IoT in industrial management to improve the
overall operational efficiency. With IIoT that accelerates the industrial automation process by …