[1] Ortalo R, Dewarte Y, Kaaniche M. Experimenting with quantitative evaluation tools for monitoring operation security[J]. IEEE Transactions on Software Engineering, 1999, 25(9-10): 633-650.
[4] Cuppens F. Alert correlation in a cooperative intrusion detection framework[C]∥Proceedings of the 2002 IEEE Symposium on Security and Privacy, Washington, DC: IEEE Computer Society, 2002.
[5]
[5] Ning P, Xu D. Learning attack strategies from intrusion alerts[C]∥Proceedings of the 10 ACM Conference on Computer and Communications Security. New York: ACM Press, 2003: 200-209.
[6]
[6] Swiler L P, Phillips C, Ellis D, et al. Computer-attack graph generation tool[C]∥Proceedings DARPA Information Survivability Conference and Exposition (DISCEX II’01), Vol 2. Anaheim: IEEE Computer Society, 2001: 1307- 1321.
[7]
[7] Swiler L P, Phillips C, Gaylor T. A graph-based network-vulnerability analysis system, SAND97-3010/1[R]. Sandia National Laboratories, Albuquerque, New Mexico and Livermore: 1998.
[8]
[8] Ritchey R, Ammann P. Using model checking analyze network vulnerability[C]∥Proceedings of IEEE Symposium on Security and Privacy. 2001:156-165.
[9]
[9] Sheyner O, Haines Jha S. Automated generation and analysis of attack graph[C]∥Proceedings of IEEE Symposium on Security and Privacy. 2002:273-284.
