C. W. Axelrod, Accounting for Value and Uncertainty in Security Metrics, Information Systems Control Journal, vol.6, pp.1-6, 2008.

B. A. Blakely, Cyberprints Identifying Cyber Attackers by Feature Analysis. Doctoral Dissertation, 2012.

R. Dantu, P. Kolan, and J. Cangussu, Network risk management using attacker profiling, Security and Communication Networks, pp.83-96, 2009.
DOI : 10.1002/sec.58

N. C. Idika, Characterizing and Aggregating Attack Graph-Based Security Metric, pp.1-131, 2010.

M. Jahnke, C. Thul, and P. Martini, Graph based Metrics for Intrusion Response Measures in Computer Networks, 32nd IEEE Conference on Local Computer Networks (LCN 2007), 2007.
DOI : 10.1109/LCN.2007.45

W. Kanoun, N. Cuppens-boulahia, F. Cuppens, and J. Araujo, Automated Reaction Based on Risk Analysis and Attackers Skills in Intrusion Detection Systems. CRiSIS'08, pp.117-124, 2008.
URL : https://hal.archives-ouvertes.fr/hal-00540864

N. Kheir, N. Cuppens-boulahia, F. Cuppens, and H. Debar, A Service Dependency Model for Cost-Sensitive Intrusion Response, ESORICS'10, pp.626-642, 2010.
DOI : 10.1007/978-3-642-15497-3_38
URL : https://hal.archives-ouvertes.fr/hal-01164601

I. Kotenko and A. Chechulin, A Cyber Attack Modeling and Impact Assessment Framework. CyCon'2013, pp.119-142, 2013.

I. Kotenko, I. Saenko, O. Polubelova, and E. Doynikova, The Ontology of Metrics for Security Evaluation and Decision Support in SIEM Systems, 2013 International Conference on Availability, Reliability and Security, 2013.
DOI : 10.1109/ARES.2013.84

P. K. Manadhata and J. Wing, An Attack Surface Metric, IEEE Transactions on Software Engineering, vol.37, issue.3, pp.371-386, 2010.
DOI : 10.1109/TSE.2010.60

A. Mayer, Operational Security Risk Metrics: Definitions, Calculations, Visualizations. Metricon 2.0, CTO RedSeal Systems, 2007.

P. Mell, K. Scarfone, and S. Romanosky, A Complete Guide to the Common Vulnerability Scoring System Version 2, 2007.

A. P. Moore, R. J. Ellison, and R. C. Linger, Attack Modeling for Information Security and Survivability, 2001.

N. Poolsappasit, R. Dewri, and I. Ray, Dynamic Security Risk Management Using Bayesian Attack Graphs, IEEE Transactions on Dependable and Secure Computing, vol.9, issue.1, pp.61-74, 2012.
DOI : 10.1109/TDSC.2011.34

N. Seddigh, P. Pieda, A. Matrawy, B. Nandy, I. Lambadaris et al., Current Trends and Advances in Information Assurance Metrics, Proc. of the 2nd Annual Conference on Privacy, Security and Trust, 2004.

M. Swanson, N. Bartol, J. Sabato, J. Hash, and L. Graffo, Security Metrics Guide for Information Technology Systems, NIST Special Publication, pp.800-55, 2003.
DOI : 10.6028/NIST.SP.800-55

R. Vaughn, R. Henning, and A. Siraj, Information assurance measures and metrics - state of practice and proposed taxonomy, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the, 2003.
DOI : 10.1109/HICSS.2003.1174904