Applications of qualitative modeling to knowledge-based risk assessment studies
IEA/AIE '89 Proceedings of the 2nd international conference on Industrial and engineering applications of artificial intelligence and expert systems - Volume 1
Information systems security design methods: implications for information systems development
ACM Computing Surveys (CSUR)
NSPW '97 Proceedings of the 1997 workshop on New security paradigms
DNS and BIND
Writing Secure Code
Software Measurement: A Necessary Scientific Basis
IEEE Transactions on Software Engineering
The coras approach for model-based risk management applied to e-commerce domain
Proceedings of the IFIP TC6/TC11 Sixth Joint Working Conference on Communications and Multimedia Security: Advanced Communications and Multimedia Security
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Managing vulnerabilities of information systems to security incidents
ICEC '03 Proceedings of the 5th international conference on Electronic commerce
The CORAS methodology: model-based risk assessment using UML and UP
UML and the unified process
Efficient Minimum-Cost Network Hardening Via Exploit Dependency Graphs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Risk-based Systems Security Engineering: Stopping Attacks with Intention
IEEE Security and Privacy
Security Meter: A Practical Decision-Tree Model to Quantify Risk
IEEE Security and Privacy
Risky trust: risk-based analysis of software systems
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Assessing the risk of intercepting VoIP calls
Computer Networks: The International Journal of Computer and Telecommunications Networking
Relationships between information security metrics: an empirical study
Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop
A stochastic model of attack process for the evaluation of security metrics
Computer Networks: The International Journal of Computer and Telecommunications Networking
Hi-index | 0.25 |
The aim of this work is to evaluate the risk of an external attack to the network of our Department in the University. Thus, this work wants to complement the results in [M. Benini, S. Sicari, A mathematical framework for risk assessment, in: H. Labiod, M. Badra (Eds.), New Technologies, Mobility and Security, Signals and Communication, Springer-Verlag, May 2007, pp. 459-469] where a mathematical framework justifying our risk assessment method has been presented. Hence, this article describes a detailed account of our experience where the instruments, the techniques and the results are described and evaluated.