EDP Sciences logo
Web of Conferences logo
Search
Menu
All issues Volume 97 (2024) BIO Web Conf., 97 (2024) 00085 References
Open Access
Issue
BIO Web Conf.
Volume 97, 2024
Fifth International Scientific Conference of Alkafeel University (ISCKU 2024)
Article Number 00085
Number of page(s) 18
DOI https://doi.org/10.1051/bioconf/20249700085
Published online 05 April 2024
  • A. Ramos, M. Lazar, R. Holanda Filho, J. J. P. C. P. C. Rodrigues, R. H. Filho, and J. J. P. C. P. C. Rodrigues, “Model-based quantitative network security metrics: A survey,” IEEE Communications Surveys and Tutorials, vol. 19, no. 4, pp. 2704–2734, 2017, DOI: 10.1109/COMST.2017.2745505. [CrossRef] [Google Scholar]
  • Z. J. Al-araji, S. S. A. Syed, M. W. Al-salihi, H.A. Al-lamy, M. Ahmed, and W. Raad, “Network Traffic Classification for Attack Detection Using Big Data Tools : A Review,” Intelligent and Interactive Computing, Lecture Notes in Networks and Systems 67, Vol. 67, pp. 355–363, 2019, doi: DOI: 10.1007/978-981-13-6031-2_37. [CrossRef] [Google Scholar]
  • A. A. Mutlag, M. K. A. Ghani, and M. A. Mohammed, “A Healthcare Resource Management Optimization Framework for ECG Biomedical Sensors,” in Efficient Data Handling for Massive Internet of Medical Things, Springer, Cham, 2021, pp. 229–244. [CrossRef] [Google Scholar]
  • Zaid, J. Al-Araji, S. S. Syed Ahmad, and R. S. Abdullah, “Attack Prediction to Enhance Attack Path Discovery Using Improved Attack Graph,” Karbala International Journal of Modern Science, 8, no. 3, pp. 313–329, Aug. 2022, DOI: 10.33640/2405-609X.3235. [CrossRef] [Google Scholar]
  • M. A. Mohammed et al., “A comprehensive investigation of machine learning feature extraction and classification methods for automated diagnosis of covid-19 based on x-ray images,” Computers, Materials and Continua, 66, no. 3, 2020. [Google Scholar]
  • C. Phillips and L. P. Swiler, “A graph-based system for network-vulnerability analysis,” in Proceedings of the 1998 Workshop on New Security Paradigms, 1998, pp. 71–79. DOI: 10.1145/310889.310919. [CrossRef] [Google Scholar]
  • L. P. Swiler, C. Phillips, D. Ellis, and S. Chakerian, “Computer-attack graph generation tool,” Proceedings - DARPA Information Survivability Conference and Exposition II, DISCEX 2001, Vol. 2, pp. 307–321, 2001, DOI: 10.1109/DISCEX.2001.932182. [CrossRef] [Google Scholar]
  • P. Ammann, D. Wijesekera, and S. Kaushik, “Scalable, graph-based network vulnerability analysis,” in Proceedings of the ACM Conference on Computer and Communications Security, 2002, no. June, pp. 217–224. DOI: 10.1145/586110.586140. [CrossRef] [Google Scholar]
  • V. Mehta, C. Bartzis, H. Zhu, E. Clarke, and J. Wing, “Ranking attack graphs,” in International Workshop on Recent Advances in Intrusion Detection, 2006, pp. 127–144. [CrossRef] [Google Scholar]
  • Chen, Y., Lv, K., & Hu, C., “Optimal Attack Path Generation Based on Supervised Kohonen Neural Network,” in 11th International Conference, NSS 2017 Helsinki, Finland, August 21-23, 2017 Proceedings, 2017, 32, no. 2, pp. 399–412. DOI: 10.1016/j.jnca.2008.06.001. [Google Scholar]
  • H. Li, Y. Wang, and Y. Cao, “Searching Forward Complete Attack Graph Generation Algorithm Based on Hypergraph Partitioning,” Procedia Comput Sci, Vol. 107, no. Icict, pp. 27–38, 2017, DOI: 10.1016/j.procs.2017.03.052. [CrossRef] [Google Scholar]
  • B. Yuan, Z. Pan, F. Shi, and Z. Li, “An Attack Path Generation Methods Based on Graph Database,” in 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC), 2020, Vol. 1, no. Itnec, pp. 1905–1910. [CrossRef] [Google Scholar]
  • K. Kaynar, “A taxonomy for attack graph generation and usage in network security,” Journal of Information Security and Applications, Vol. 29, no. August, pp. 27–56, 2016, DOI: 10.1016/j.jisa.2016.02.001. [CrossRef] [Google Scholar]
  • Z. J. Al-Araji, S. S. S. Ahmed, R. S. Abdullah, A. A. Mutlag, H. A. A. Raheem, and S. R. H. Basri, “Attack graph reachability: concept, analysis, challenges and issues,” Network Security, vol. 2021, no. 6, pp. 13–19, 2021, DOI: 10.1016/S1353-4858(21)00065-9. [CrossRef] [Google Scholar]
  • Y. Cheng, J. Deng, J. Li, S. A. Deloach, and A. Singhal, Metrics of Security, vol. 62. Springer International Publishing Switzerland 2014, 2014. DOI: 10.1007/978-3-319-11391-3. [Google Scholar]
  • N. C. Idika, “Characterizing and Aggregating Attack Graph-Based Security Metrics,” Purdue University, 2010. [Google Scholar]
  • P. Jamshidi, A. Ahmad, and C. Pahl, “Cloud Migration Research: A Systematic Review,” IEEE Transactions on Cloud Computing, 1, no. 2, pp. 142–157, Jul. 2013, DOI: 10.1109/TCC.2013.10. [CrossRef] [Google Scholar]
  • P. Brereton, B. A. Kitchenham, D. Budgen, M. Turner, and M. Khalil, “Lessons from applying the systematic literature review process within the software engineering domain,” Journal of Systems and Software, 80, no. 4, pp. 571–583, Apr. 2007, DOI: 10.1016/j.jss.2006.07.009. [CrossRef] [Google Scholar]
  • M. Haghi Kashani and E. Mahdipour, “Load Balancing Algorithms in Fog Computing: A Systematic Review,” IEEE Trans Serv Comput, 2022, DOI: 10.1109/TSC.2022.3174475. [Google Scholar]
  • A. A. Mutlag, M. K. Abd Ghani, N. Arunkumar, M. A. Mohammed, and O. Mohd, “Enabling technologies for fog computing in healthcare IoT systems,” Future Generation Computer Systems, Vol. 90, pp. 62–78, Jan. 2019, DOI: 10.1016/j.future.2018.07.049. [CrossRef] [Google Scholar]
  • S. Bansal, H. Aggarwal, and M. Aggarwal, “A systematic review of task scheduling approaches in fog computing,” Transactions on Emerging Telecommunications Technologies, p. e4523, May 2022, DOI: 10.1002/ett.4523. [CrossRef] [Google Scholar]
  • Z. J. Al-Araji, S. S. S. Ahmad, N. Kausar, A. Farhani, E. Ozbilgekahveci, and T. Cagin, “Fuzzy Theory in Fog Computing: Review, Taxonomy, and Open Issues,” IEEE Access, Vol. 10, pp. 126931–126956, 2022, DOI: 10.1109/ACCESS.2022.3225462. [CrossRef] [Google Scholar]
  • M. A. Mohammed, M. K. Abd Ghani, R. I. Hamed, and D. A. Ibrahim, “Review on Nasopharyngeal Carcinoma: Concepts, methods of analysis, segmentation, classification, prediction and impact: A review of the research literature,” J Comput Sci, Vol. 21, pp. 283–298, 2017. [CrossRef] [Google Scholar]
  • A. A. Mutlag, M. K. Abd Ghani, N. Arunkumar, M. A. Mohammed, and O. Mohd, “Enabling technologies for fog computing in healthcare IoT systems,” Future Generation Computer Systems, Vol. 90, pp. 62–78, 2019, DOI: 10.1016/j.future.2018.07.049. [CrossRef] [Google Scholar]
  • Zaid, J. Al-Araji, S. S. S. Ahmad, and R. S. Abdullah, “Propose Vulnerability Metrics to Measure Network Secure using Attack Graph,” International Journal of Advanced Computer Science and Applications, vol. 12, no. 5, pp. 51–58, 2021, DOI: 10.14569/IJACSA.2021.0120508. [Google Scholar]
  • S. Y. Enoch, J. B. Hong, M. Ge, and D. S. Kim, “Composite metrics for network security analysis,” Software Networking, vol. 2017, no. 1, pp. 137–160, 2017. [CrossRef] [Google Scholar]
  • A. Roy, D. S. Kim, and K. S. Trivedi, “Scalable optimal countermeasure selection using implicit enumeration on attack countermeasure trees,” in IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), 2012, pp. 1–12. [Google Scholar]
  • D. P. Sharma et al., “Dynamic Security Metrics for Software-Defined Network-based Moving Target Defense,” Journal of Network and Computer Applications, Vol. 170, no. November, p. 102805, 2020, DOI: 10.1016/j.jnca.2020.102805. [CrossRef] [Google Scholar]
  • L. Wang, T. Islam, T. Long, A. Singhal, and S. Jajodia, “An attack graph-based probabilistic security metric,” Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 5094, no. 2008, pp. 283–296, 2008, DOI: 10.1007/978-3-540-70567-3_22. [Google Scholar]
  • M. Ge, J. B. Hong, W. Guttmann, and D. S. Kim, “A framework for automating security analysis of the internet of things,” Journal of Network and Computer Applications, Vol. 83, no. January, pp. 12–27, 2017, DOI: 10.1016/j.jnca.2017.01.033. [CrossRef] [Google Scholar]
  • A. Roy, D. S. Kim, and K. S. Trivedi, “Attack countermeasure trees (ACT): towards unifying the constructs of attack and defense trees,” Security and Communication Networks, vol. 5, no. 8, pp. 929–943, 2012. [CrossRef] [Google Scholar]
  • O. Duman, M. Zhang, L. Wang, M. Debbabi, R. Atallah, and B. Lebel, “Factor of Security (FoS): Quantifying the Security Effectiveness of Redundant Smart Grid Subsystems,” IEEE Trans Dependable Secure Comput, vol. 19, no. 2, pp. 1018–1035, 2020, DOI: 10.1109/tdsc.2020.3009931. [Google Scholar]
  • J. B. Hong, S. Y. Enoch, D. S. Kim, A. Nhlabatsi, N. Fetais, and K. M. Khan, “Dynamic security metrics for measuring the effectiveness of moving target defense techniques,” Comput Secur, Vol. 79, pp. 33–52, 2018, DOI: 10.1016/j.cose.2018.08.003. [CrossRef] [Google Scholar]
  • J. Pamula, S. Jajodia, P. Ammann, and V. Swarup, “A weakest-adversary security metric for network configuration security analysis,” in Proceedings of the 2nd ACM workshop on Quality of protection, 2006, pp. 31–38. [CrossRef] [Google Scholar]
  • R. Ortalo, Y. Deswarte, and M. Kaâniche, “Experimenting with quantitative evaluation tools for monitoring operational security,” IEEE Transactions on Software Engineering, vol. 25, no. 5, pp. 633–650, 1999, DOI: 10.1109/32.815323. [CrossRef] [Google Scholar]
  • S. Y. Enoch, M. Ge, J. B. Hong, H. Alzaid, and D. S. Kim, “A systematic evaluation of cybersecurity metrics for dynamic networks,” Computer Networks, Vol. 144, no. October, pp. 216–229, 2018, DOI: 10.1016/j.comnet.2018.07.028. [CrossRef] [Google Scholar]
  • M. Keramati and M. Keramati, “Novel security metrics for ranking vulnerabilities in computer networks,” in 2014 7th International Symposium on Telecommunications, IST 2014, Dec. 2014, pp. 883–888. DOI: 10.1109/ISTEL.2014.7000828. [CrossRef] [Google Scholar]
  • W. Li and R. B. Vaughn, “Cluster security research involving the modeling of network exploitations using exploitation graphs,” in Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGRID’06), 2006, Vol. 2, no. July, p. 26. DOI: 10.1109/ccgrid.2006.1630921. [CrossRef] [Google Scholar]
  • N. Idika and B. Bhargava, “Extending attack graph-based security metrics and aggregating their application,” IEEE Trans Dependable Secure Comput, vol. 9, no. 1, pp. 75–85, 2010, DOI: 10.1109/TDSC.2010.61. [Google Scholar]
  • L. Wang, A. Singhal, and S. Jajodia, “Measuring the overall security of network configurations using attack graphs,” in IFIP Annual Conference on Data and Applications Security and Privacy, 2007, pp. 98–112. DOI: 10.1007/978-3-540-73538-0_9. [Google Scholar]
  • R. Lippmann et al., “Validating and Restoring Defense in Depth Using Attack Graphs,” in MILCOM 2006 - 2006 IEEE Military Communications conference, 2006, pp. 1–10. [Google Scholar]
  • M. Cremonini and P. Martini, “Evaluating Information Security Investments from Attackers Perspective: the Return-On-Attack (ROA),” in 4th Workshop on the Economics of Information Security, 2005, no. January, p. 4. [Google Scholar]
  • A. Amos-Binks, J. Clark, K. Weston, M. Winters, and K. Harfoush, “Efficient Attack Plan Recognition using Automated Planning,” in 2017 IEEE Symposium on Computers and Communications (ISCC), 2017, pp. 1–6. [Google Scholar]
  • M. J. F. Alenazi and J. P. G. Sterbenz, “Evaluation and Improvement of Network Resilience against Attacks using Graph Spectral Metrics,” in Proceedings - 2015 Resilience Week, RSW 2015, 2015, pp. 206–211. DOI: 10.1109/RWEEK.2015.7287447. [Google Scholar]
  • G. S. Bopche and B. M. Mehtre, “Exploiting curse of diversity for improved network security,” in 2015 International Conference on Advances in Computing, Communications and Informatics, ICACCI 2015, 2015, pp. 1975–1981. DOI: 10.1109/ICACCI.2015.7275907. [Google Scholar]
  • Q. Zhang, J. H. Cho, T. J. Moore, and I. R. Chen, “Vulnerability-Aware Resilient Networks: Software Diversity-based Network Adaptation,” IEEE Transactions on Network and Service Management, vol. 18, no. 3, pp. 3154–3169, 2020, DOI: 10.1109/TNSM.2020.3047649. [Google Scholar]
  • P. Mukherjee and C. Mazumdar, “Attack difficulty metric for assessment of network security,” in ACM International Conference Proceeding Series, 2018, pp. 1–10. DOI: 10.1145/3230833.3232817. [Google Scholar]
  • Y. Zhang, L. Wang, Y. Xiang, and C.-W. Ten, “Power system reliability evaluation with SCADA cybersecurity considerations,” IEEE Transactions on …, pp. 1–15, 2015. [Google Scholar]
  • G. S. Bopche and B. M. Mehtre, “Graph similarity metrics for assessing temporal changes in attack surface of dynamic networks,” Comput Secur, Vol. 64, no. January, pp. 16–43, 2017, DOI: 10.1016/j.cose.2016.09.010. [CrossRef] [Google Scholar]
  • P. S. Patapanchala, C. Huo, R. B. Bobba, and E. Cotilla-Sanchez, “Exploring security metrics for electric grid infrastructures leveraging attack graphs,” in 2016 IEEE Conference on Technologies for Sustainability, SusTech 2016, 2017, pp. 89–95. DOI: 10.1109/SusTech.2016.7897148. [Google Scholar]
  • S. Zonouz, C. M. Davis, K. R. Davis, R. Berthier, R. B. Bobba, and W. H. Sanders, “SOCCA: A security-oriented cyber-physical contingency analysis in power infrastructures,” IEEE Trans Smart Grid, vol. 5, no. 1, pp. 3–13, 2013. [Google Scholar]
  • C. Shan, B. Jiang, J. Xue, F. Guan, and N. Xiao, “An Approach for Internal Network Security Metric Based on Attack Probability,” Security and Communication Networks, Vol. 2018, Apr. 2018, DOI: 10.1155/2018/3652170. [Google Scholar]
  • M. Ge and D. S. Kim, “A framework for modeling and assessing security of the internet of things,” in 2015 IEEE 21st International Conference on Parallel and Distributed Systems (ICPADS), 2015, pp. 776–781. [Google Scholar]
  • S. E. Yusuf, M. Ge, J. B. Hong, H. Alzaid, and D. S. Kim, “Evaluating the effectiveness of security metrics for dynamic networks,” in Proceedings - 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, 11th IEEE International Conference on Big Data Science and Engineering and 14th IEEE International Conference on Embedded Software and Systems, 2017, pp. 277–284. DOI: 10.1109/Trustcom/BigDataSE/ICESS.2017.248. [Google Scholar]
  • S. M. Abraham, “Estimating Mean Time to Compromise Using Non-homogenous ContinuousTime Markov Models,” Proceedings - International Computer Software and Applications Conference, Vol. 2, pp. 467–472, 2016, DOI: 10.1109/COMPSAC.2016.11. [Google Scholar]
  • A. Kundu, N. Ghosh, I. Chokshi, and S. K. Ghosh, “Analysis of attack graph-based metrics for quantification of network security,” in 2012 Annual IEEE India Conference, INDICON 2012, 2012, pp. 530–535. DOI: 10.1109/INDCON.2012.6420675. [Google Scholar]
  • F. Dai, K. Zheng, S. Luo, and B. Wu, “Towards a multiobjective framework for evaluating network security under exploit attacks,” in IEEE International Conference on Communications, Sep. 2015, vol. 2015-September, pp. 7186–7191. DOI: 10.1109/ICC.2015.7249473. [Google Scholar]
  • B. Asvija, R. Eswari, and M. B. Bijoy, “Bayesian attack graphs for platform virtualized infrastructures in clouds,” Journal of Information Security and Applications, Vol. 51, p. 102455, 2020. [CrossRef] [Google Scholar]
  • A. Ben Aissa, I. Abdalla, L. F. Hussein, and A. Elhadad, “A novel stochastic model for cybersecurity metric inspired by markov chain model and attack graphs,” International Journal of Scientific and Technology Research, vol. 9, no. 3, pp. 6329–6335, 2020. [Google Scholar]
  • M. Ge, J. B. Hong, W. Guttmann, and D. S. Kim, “A framework for automating security analysis of the internet of things,” Journal of Network and Computer Applications, Vol. 83, no. April 2016, pp. 12–27, 2017, DOI: 10.1016/j.jnca.2017.01.033. [CrossRef] [Google Scholar]
  • S. Y. Enoch, C. Y. Moon, D. Lee, M. K. Ahn, and D. S. Kim, “A practical framework for cyber defense generation, enforcement and evaluation,” Computer Networks, Vol. 208, no. November 2021, p. 108878, 2022, DOI: 10.1016/j.comnet.2022.108878. [CrossRef] [Google Scholar]
  • S. Y. Enoch, J. B. Hong, and D. S. Kim, “Security modelling and assessment of modern networks using time independent Graphical Security Models,” Journal of Network and Computer Applications, Vol. 148, no. May, p. 102448, 2019, DOI: 10.1016/j.jnca.2019.102448. [CrossRef] [Google Scholar]
  • S. E. Yusuf, M. Ge, J. B. Hong, H. K. Kim, P. Kim, and D. S. Kim, “Security Modelling and Analysis of Dynamic Enterprise Networks,” in 2016 IEEE International Conference on Computer and Information Technology (CIT), 2016, pp. 249–256. [CrossRef] [Google Scholar]
  • M. S. Barik, A. Sengupta, and C. Mazumdar, “Attack Graph Generation and Analysis Techniques,” Def Sci J., vol. 66, no. 6, pp. 559–567, 2016, DOI: 10.14429/dsj.66.10795. [CrossRef] [Google Scholar]
  • P. Morrison, D. Moye, R. Pandita, and L. Williams, “Mapping the field of software life cycle security metrics,” Inf Softw Technol, Vol. 102, no. May, pp. 146–159, 2018, DOI: 10.1016/j.infsof.2018.05.011. [CrossRef] [Google Scholar]
  • M. Ge, J. B. Hong, S. E. Yusuf, and D. S. Kim, “Proactive defense mechanisms for the software-defined Internet of Things with non-patchable vulnerabilities,” Future Generation Computer Systems, Vol. 78, pp. 568–582, 2018, DOI: 10.1016/j.future.2017.07.008. [CrossRef] [Google Scholar]
  • M. Pendleton, R. Garcia-Lebron, J.-H. Cho, and S. Xu, “A survey on systems security metrics,” ACM Computing Surveys (CSUR), vol. 49, no. 4, pp. 1–35, 2016. [Google Scholar]
  • Y. Cherdantseva et al., “A review of cyber security risk assessment methods for SCADA systems,” Comput Secur, Vol. 56, pp. 1–27, 2016, DOI: 10.1016/j.cose.2015.09.009. [CrossRef] [Google Scholar]
  • S. Y. Enoch, M. Ge, J. B. Hong, and D. Seong Kim, “Model-based Cybersecurity Analysis: Past Work and Future Directions,” in Proceedings - Annual Reliability and Maintainability Symposium, 2021, vol. 2021-May. DOI: 10.1109/RAMS48097.2021.9605784. [Google Scholar]
  • A. Longueira-Romerc, R. Iglesias, D. Gonzalez, and I. Garitano, “How to Quantify the Security Level of Embedded Systems? A Taxonomy of Security Metrics,” IEEE International Conference on Industrial Informatics (INDIN), vol. 2020-July, pp. 153–158, 2020, DOI: 10.1109/INDIN45582.2020.9442219. [Google Scholar]

Current usage metrics show cumulative count of Article Views (full-text article views including HTML views, PDF and ePub downloads, according to the available data) and Abstracts Views on Vision4Press platform.

Data correspond to usage on the plateform after 2015. The current usage metrics is available 48-96 hours after online publication and is updated daily on week days.

Initial download of the metrics may take a while.