Adversary work factor as a metric for information assurance
Proceedings of the 2000 workshop on New security paradigms
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Using Model Checking to Analyze Network Vulnerabilities
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Threat Modeling
Computer security strength and risk: a quantitative approach
Computer security strength and risk: a quantitative approach
Heuristics for scalable compound exposure analysis: a foundation for a comprehensive security risk assessment
A Host-Based Approach to Network Attack Chaining Analysis
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Practical Attack Graph Generation for Network Defense
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
| Hi-index | 0.00 |
Strata-Gem utilizes mission trees to perform risk assessments by linking an organization's objectives to the IT assets that implement them. Critical states are identified which indicate goals that a potential attacker can achieve to prevent each asset from completing its objectives. Those goals are then used as states to drive attack and fault tree analysis to determine the likelihood of an attack. This provides a quantitative risk measurement to be calculated for each asset, objective, and the overall organization.