A review of attack graph and attack tree visual syntax in cyber security
Perceiving and understanding cyber-attacks can be a difficult task, and more effective
techniques are needed to aid cyber-attack perception. Attack modelling techniques (AMTs) …
techniques are needed to aid cyber-attack perception. Attack modelling techniques (AMTs) …
DAG-based attack and defense modeling: Don't miss the forest for the attack trees
B Kordy, L Piètre-Cambacédès, P Schweitzer - Computer science review, 2014 - Elsevier
This paper presents the current state of the art on attack and defense modeling approaches
that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical …
that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical …
Automated security test generation with formal threat models
Security attacks typically result from unintended behaviors or invalid inputs. Security testing
is labor intensive because a real-world program usually has too many invalid inputs. It is …
is labor intensive because a real-world program usually has too many invalid inputs. It is …
How well does llm generate security tests?
Developers often build software on top of third-party libraries (Libs) to improve programmer
productivity and software quality. The libraries may contain vulnerabilities exploitable by …
productivity and software quality. The libraries may contain vulnerabilities exploitable by …
An empirical evaluation of the effectiveness of attack graphs and fault trees in cyber-attack perception
Perceiving and understanding cyber-attacks can be a difficult task. This problem is widely
recognized and welldocumented, and more effective techniques are needed to aid cyber …
recognized and welldocumented, and more effective techniques are needed to aid cyber …
ASE: A comprehensive pattern-driven security methodology for distributed systems
Incorporating security features is one of the most important and challenging tasks in
designing distributed systems. Over the last decade, researchers and practitioners have …
designing distributed systems. Over the last decade, researchers and practitioners have …
Reinforcement learning architecture for web recommendations
N Golovin, E Rahm - International Conference on Information …, 2004 - ieeexplore.ieee.org
A large number of Web sites use online recommendations to make Web users interested in
their products or content. Since no single recommendation approach is always best it is …
their products or content. Since no single recommendation approach is always best it is …
Moderator factors of software security and performance verification
Context: Security and performance are critical software non-functional requirements.
Therefore, verification activities should be included in the development process to identify …
Therefore, verification activities should be included in the development process to identify …
Attack model based penetration test for SQL injection vulnerability
W Tian, JF Yang, J Xu, GN Si - 2012 IEEE 36th annual …, 2012 - ieeexplore.ieee.org
The penetration test is a crucial way to enhance the security of web applications. Improving
accuracy is the core issue of the penetration test research. The test case is an important …
accuracy is the core issue of the penetration test research. The test case is an important …
Knowledge-based security testing of web applications by logic programming
This article introduces a new method for knowledge-based security testing by logic
programming and the related tool implementation for model-based non-functional security …
programming and the related tool implementation for model-based non-functional security …