J. Kephart and D. Chess, The vision of autonomic computing, Computer, vol.36, issue.1, pp.41-50, 2003.
DOI : 10.1109/MC.2003.1160055

S. Dobson, F. Zambonelli, S. Denazis, A. Fernández, D. Ga¨?tiga¨?ti et al., A survey of autonomic communications, ACM Transactions on Autonomous and Adaptive Systems, vol.1, issue.2, pp.223-259, 2006.
DOI : 10.1145/1186778.1186782

N. Samaan and A. Karmouch, Towards Autonomic Network Management: an Analysis of Current and Future Research Directions, IEEE Communications Surveys & Tutorials, vol.11, issue.3, pp.22-36, 2009.
DOI : 10.1109/SURV.2009.090303

M. C. Huebscher and J. A. Mccann, A survey of autonomic computing???degrees, models, and applications, ACM Computing Surveys, vol.40, issue.3, pp.1-728, 2008.
DOI : 10.1145/1380584.1380585

Z. Movahedi, M. Ayari, R. Langar, and G. Pujolle, A Survey of Autonomic Network Architectures and Evaluation Criteria, IEEE Communications Surveys & Tutorials, vol.14, issue.2, pp.1-27, 2011.
DOI : 10.1109/SURV.2011.042711.00078

URL : https://hal.archives-ouvertes.fr/hal-01168689

V. Igure and R. Williams, Taxonomies of attacks and vulnerabilities in computer systems, IEEE Communications Surveys & Tutorials, vol.10, issue.1, pp.6-19, 2008.
DOI : 10.1109/COMST.2008.4483667

O. Dabbebi, R. Badonnel, and O. Festor, Dynamic exposure control in P2PSIP networks, 2012 IEEE Network Operations and Management Symposium, pp.261-268, 2012.
DOI : 10.1109/NOMS.2012.6211907

URL : https://hal.archives-ouvertes.fr/hal-00747508

P. Foreman and V. Management, Information Security, 2009.

R. E. Ball, The Fundamentals of Aircraft Combat Survivability Analysis and Design, 2003.
DOI : 10.2514/4.861239

J. Banghart and C. Johnson, The Technical Specification for the Security Content Automation Protocol (SCAP) Nist Special Publication, 2011.

A. Williams and M. Nicolett, Improve IT Security with Vulnerability Management, 2005.

Y. Diao, A. Keller, S. Parekh, and V. V. Marinov, Predicting Labor Cost through IT Management Complexity Metrics, 2007 10th IFIP/IEEE International Symposium on Integrated Network Management, pp.274-283, 2007.
DOI : 10.1109/INM.2007.374792

A. Tang, A. Nicholson, Y. Jin, and J. Han, Using Bayesian belief networks for change impact analysis in architecture design, Journal of Systems and Software, vol.80, issue.1, pp.127-148, 2007.
DOI : 10.1016/j.jss.2006.04.004

J. Sauve, R. Santos, R. Reboucas, A. Moura, and C. Bartolini, Change Priority Determination in IT Service Management Based on Risk Exposure, IEEE Transactions on Network and Service Management, vol.5, issue.3, pp.178-187, 2008.
DOI : 10.1109/TNSM.2009.031105

J. A. Wickboldt, L. A. Bianchin, and R. C. Lunardi, Improving IT Change Management Processes with Automated Risk Assessment, Proceedings of the IEEE International Workshop on Distributed Systems: Operations and Management (DSOM'09), pp.71-84, 2009.
DOI : 10.1007/978-3-642-04989-7_6

T. Setzer, K. Bhattacharya, and H. Ludwig, Decision support for service transition management Enforce change scheduling by performing change risk and business impact analysis, NOMS 2008, 2008 IEEE Network Operations and Management Symposium, pp.200-207, 2008.
DOI : 10.1109/NOMS.2008.4575135

R. , C. Cardoso, and M. M. Freire, Towards Autonomic Minimization of Security Vulnerabilities Exploitation in Hybrid Network Environments, Proceedings of the Joint International Conference on Autonomic and Autonomous Systems and International Conference on Networking and Services (ICAS-ISNS'05), 2005.

M. S. Ahmed, E. Al-shaer, M. M. Taibah, M. Abedin, and L. Khan, Towards autonomic risk-aware security configuration, NOMS 2008, 2008 IEEE Network Operations and Management Symposium, pp.722-725, 2008.
DOI : 10.1109/NOMS.2008.4575198

M. S. Ahmed, E. Shaer, and L. Khan, A Novel Quantitative Approach For Measuring Network Security, IEEE INFOCOM 2008, The 27th Conference on Computer Communications, pp.1957-1965, 2008.
DOI : 10.1109/INFOCOM.2008.260

R. Bohme, Vulnerability Markets What is the Economic Value of a Zero-Day Exploit?, Proceedings of the 22nd Chaos Communication Congress, 2005.

S. Frei, D. Schatzmann, B. Plattner, and B. Trammel, Modelling the Security Ecosystem -The Dynamics of (In)Security, Proceedings of the Workshop on the Economics of Information Security, 2009.

J. Demott, The Evolving Art of Fuzzing. Software Testing, The Evolving Art of Fuzzing.pdf, 2006.

T. Wang, T. Wei, G. Gu, and W. Zou, TaintScope: A Checksum-Aware Directed Fuzzing Tool for Automatic Software Vulnerability Detection, 2010 IEEE Symposium on Security and Privacy, pp.497-512, 2010.
DOI : 10.1109/SP.2010.37

H. Dai, C. Murphy, and G. Kaiser, Configuration Fuzzing for Software Vulnerability Detection, 2010 International Conference on Availability, Reliability and Security, pp.525-530, 2010.
DOI : 10.1109/ARES.2010.22

URL : http://www.ncbi.nlm.nih.gov/pmc/articles/PMC3057938

V. Corey, C. Peterman, S. Shearin, M. Greenberg, and J. Van-bokkelen, Network forensics analysis, IEEE Internet Computing, vol.6, issue.6, pp.60-66, 2002.
DOI : 10.1109/MIC.2002.1067738

H. Achi, A. Hellany, and M. Nagrial, Network security approach for digital forensics analysis, 2008 International Conference on Computer Engineering & Systems, pp.263-267, 2008.
DOI : 10.1109/ICCES.2008.4773009

W. Wang, T. E. Daniels, M. J. Khan, M. M. Awais, and S. Shamail, A Graph-based Approach Toward Network Forensics Analysis Enabling Self-Configuration in Autonomic Systems Using Case-Based Reasoning with Improved Efficiency, Proceedings of the 4th International Conference on Autonomic and Autonomous Systems (ICAS'08), pp.112-117, 2008.

H. M. Tran and J. Schönwälder, Distributed Case-Based Reasoning for Fault Management, Proceedings of the 1st international conference on Autonomous Infrastructure, Management and Security: Inter-Domain Management (AIMS'07), pp.200-203, 2007.
DOI : 10.1007/978-3-540-72986-0_25

J. Caballero, Z. Liang, P. Poosankam, and D. Song, Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration, Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection (RAID'09), pp.161-181, 2009.
DOI : 10.1007/978-3-642-04342-0_9

M. Barrère, R. Badonnel, and O. Festor, Supporting Vulnerability Awareness in Autonomic Networks and Systems with OVAL, Proceedings of the 7th IEEE International Conference on Network and Service Management (CNSM'11), 2011.

M. Barrère, G. Hurel, R. Badonnel, and O. Festor, Increasing Android Security Using a Lightweight OVAL-Based Vulnerability Assessment Framework, Proceedings of the 5th IEEE Symposium on Configuration Analytics and Automation (SafeConfig'12), 2012.
DOI : 10.1007/978-3-319-01433-3_3

N. Ziring and S. D. Quinn, Specification for the Extensible Configuration Checklist Description Format (XCCDF) NIST (National Institute of Standards and Technology), 2013.

J. A. Wang and M. Guo, OVM, Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research Cyber Security and Information Intelligence Challenges and Strategies, CSIIRW '09, pp.341-375, 2009.
DOI : 10.1145/1558607.1558646

Y. Kwon, H. J. Lee, and G. Lee, A Vulnerability Assessment Tool Based on OVAL in Linux System, Network and Parallel Computing, pp.653-660, 2004.
DOI : 10.1007/978-3-540-30141-7_95

M. Barrère, G. Betarte, and M. Rodríguez, Towards machine-assisted formal procedures for the collection of digital evidence, 2011 Ninth Annual International Conference on Privacy, Security and Trust, pp.32-35, 2011.
DOI : 10.1109/PST.2011.5971960

M. Burgess and A. Frisch, A System Engineer's Guide to Host Configuration and Maintenance Using Cfengine, of Short Topics in System Administration. USENIX Association, 2007.

G. F. Lyon, Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. USA: Insecure, 2009.

X. Ou, S. Govindavajhala, and A. W. Appel, MulVAL: A Logic-based Network Security Analyzer, on USENIX Security, 2005.

X. Ou, W. F. Boyer, and M. A. Mcqueen, A scalable approach to attack graph generation, Proceedings of the 13th ACM conference on Computer and communications security , CCS '06, pp.336-345, 2006.
DOI : 10.1145/1180405.1180446

D. Saha, Extending logical attack graphs for efficient vulnerability analysis, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, pp.63-74, 2008.
DOI : 10.1145/1455770.1455780

M. Barrère, R. Badonnel, and O. Festor, Towards the assessment of distributed vulnerabilities in autonomic networks and systems, 2012 IEEE Network Operations and Management Symposium, 2012.
DOI : 10.1109/NOMS.2012.6211916

M. Barrère, R. Badonnel, and O. Festor, Collaborative Remediation of Configuration Vulnerabilities in Autonomic Networks and Systems, Proceedings of the 8th IEEE International Conference on Network and Service Management (CNSM'12), 2012.

N. K. Pandey, S. K. Gupta, S. Leekha, and J. Zhou, ACML: Capability Based Attack Modeling Language, 2008 The Fourth International Conference on Information Assurance and Security, pp.147-154, 2008.
DOI : 10.1109/IAS.2008.26

S. J. Templeton and K. Levitt, A requires/provides model for computer attacks, Proceedings of the 2000 workshop on New security paradigms , NSPW '00, pp.31-38, 2000.
DOI : 10.1145/366173.366187

R. Lippmann, K. Ingols, and L. Laboratory, An Annotated Review of Past Papers on Attack Graphs, 2005.

P. Ammann, D. Wijesekera, and S. Kaushik, Scalable, graph-based network vulnerability analysis, Proceedings of the 9th ACM conference on Computer and communications security , CCS '02, p.217, 2002.
DOI : 10.1145/586110.586140

T. Stallard and K. Levitt, Automated analysis for digital forensic science: semantic integrity checking, 19th Annual Computer Security Applications Conference, 2003. Proceedings., pp.160-167, 2003.
DOI : 10.1109/CSAC.2003.1254321

C. Elsaesser and M. C. Tanner, Automated Diagnosis for Computer Forensics, " tech. rep., The Mitre Corporation, 2001.

R. W. Ritchey and P. Ammann, Using model checking to analyze network vulnerabilities, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000, pp.156-165, 2000.
DOI : 10.1109/SECPRI.2000.848453

K. Scarfone and T. Grance, A framework for measuring the vulnerability of hosts, 2008 1st International Conference on Information Technology, pp.1-4, 2008.
DOI : 10.1109/INFTECH.2008.4621610

M. Abedin, S. Nessa, E. Shaer, and L. Khan, Vulnerability analysis For evaluating quality of protection of security policies, Proceedings of the 2nd ACM workshop on Quality of protection , QoP '06, 2006.
DOI : 10.1145/1179494.1179505