Moore A P, Ellison R J, Linger R C. Attack modeling for information survivability. Pittsburgh: Carnegie Melon University, 2001.
[2]
Ray I, Poolsappasit N. Using attack trees to identify malicious attacks from authorized insiders[C]//Proceedings of 10th European Symp. Research in Computer Security (ESORICS \'05). Milan, Italy: Springer Berlin Heidelberg, 2005:231-246.
[3]
Buldas A, Laud P, Priisalu J, et al. Rational choice of security measures via multi-parameter attack trees[C]//Proceedings of 1st International Workshop on Critical Information Infrastructures Security.[S.l.]: Springer, 2006, 4347: 235-248.
[4]
Jürgenson A, Willemson J. Processing multi-parameter attack trees with estimated parameter values[C]//Proceedings of IWSEC.[S.l.]:Springer, 2007:308-319.
[5]
Jürgenson A, Willemson J. Computing exact outcomes of multi-parameter attack trees[C]//Proceedings of OTM.[S.l.]:Springer, 2008:1036-1051.
[6]
Lin Jincherng, Chen Janmin, Chen Chouchuan, et al. A game theoretic approach to decision and analysis in strategies of attack and defense[C]//Proceedings of Third IEEE International Conference on Secure Software Integration and Reliability Improvement.[S.l.]: IEEE, 2009:75-81.
[7]
Lü Wenping, Li Weimin. Space based information system security risk evaluation based on improved attack trees[C]//Proceedings of Third International Conference on Multimedia Information Networking and Security.[S.l.]: IEEE,2011: 480-483.
[8]
Poolsappasit Nayot, Dewri Rinku, Ray Indrajit. Dynamic security risk management using Bayesian attack graphs[J]. IEEE Transactions on Dependable and Secure Computing, 2012,9(1):61-74.
[9]
Weiss J D. A system security engineering process[C]//Proceedings of the 14th National Computer Security Conference. Washington D.C., USA: National Institute of Standards and Technology, National Computer Security Center, 1991:572-581.
Edge K S. A framework for analyzing and mitigating the vulnerabilities of complex systems via attack and protection trees[D]. Ohio: Air Force Institute of Technology, 2007.
[12]
Espedahlen J H. Attack trees describing security in distributed internet-enabled metrology[D]. Gj?ik, Norway: Department of Computer Science and Media Technology, Gj?ik University College, 2007.
[13]
Convery S, Cook D, Franz M. An attack tree for the border gateway protocol[EB/OL].[2004-02-26]. http://www.ietf.org/proceedings/04aug/I-D/draft-ietf-rpsec-bgpattack-00.txt.
[14]
Ten C W,Liu C C, Govindarasu M. Vulnerability assessment of cybersecurity for SCADA systems using attack trees[C]//Proceedings of IEEE Power Engineering Society General Meeting.[S.l.]: IEEE, 2007:2527-2534.
[15]
Saini V, Duan Q, Paruchuri V. Threat modeling using attack trees[J]. Comput Small Coll, 2008,23(4):124-131.
[16]
Standardization Technical Committee of the National Information Security. GB-T20984-2007 information security technology-risk assessment specification for information security[S]. Beijing: Inspection and Quarantine of the People\'s Republic of China, 2007.
[17]
Ellis Horowitz. Fundamentals of data structures in C++[M]. Li Jianzhong, transl. Beijing: China Machine Press, 2007:184-187.
