R. Anderson and T. Moore, Information Security Economics -and Beyond, Proceedings of the 27th annual International Crytology Conference on Advances in Cryptology CRYPTO'07, pp.68-91, 2007.
DOI : 10.1007/978-3-540-70525-3_5
URL : http://archive.nyu.edu/bitstream/2451/23353/2/econ_crypto.pdf

P. L. Campbell and J. E. Stamp, A Classification Scheme for Risk Assessment Methods. Sandia National Laboratories, 2004.

L. Carin, G. Cybenko, and J. Hughes, Quantitative Evaluation of Risk for Investment Efficient Strategies in Cybersecurity: The QuERIES Methodology . http://www.securitymetrics.org/content/attach/Metricon3.0/metricon3- cybenko20article.pdf. Approved for Public Release, 2007.

L. Carin, G. Cybenko, and J. Hughes, Cybersecurity Strategies: The QuERIES Methodology, Computer, vol.41, issue.8, pp.20-26, 2008.
DOI : 10.1109/MC.2008.295

L. A. Cox and J. , Game Theory and Risk Analysis, Risk Analysis, vol.107, issue.1, pp.1062-1068, 2009.
DOI : 10.1093/acprof:oso/9780199269181.001.0001

K. Hausken, Probabilistic Risk Analysis and Game Theory, Risk Analysis, vol.12, issue.1, 2002.
DOI : 10.1111/0272-4332.t01-1-00002

I. Guide, Risk management -Vocabulary -Guidelines for use in standards, 2002.

J. Jormakka and J. V. Mölsä, Modelling Information Warfare as a Game, Journal of Information Warfare, vol.4, issue.2, pp.12-25, 2005.

P. Liu and W. Zang, Incentive-based modeling and inference of attacker intent, objectives, and strategies, Proceedings of the 10th ACM conference on Computer and communications security, CCS '03, pp.179-189, 2003.
DOI : 10.1145/948109.948135
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.134.8958

M. Soldal-lund, B. Solhaug, and K. Stølen, A Guided Tour of the CORAS Method, Model-Driven Risk Analysis, pp.23-43, 2011.

E. Rasmusen, Games and information: An introduction to game theory, 2006.

R. D. Jr and . Fricker, Game theory in an age of terrorism: How can statisticians contribute?, 2006.

D. Ross, Game theory, 2010.

S. Roy, C. Ellis, S. Shiva, D. Dasgupta, V. Shandilya et al., A Survey of Game Theory as Applied to Network Security, 2010 43rd Hawaii International Conference on System Sciences, pp.1-10, 2010.
DOI : 10.1109/HICSS.2010.35

G. Stoneburner, A. Goguen, and A. Feringa, Risk Management Guide for Information Technology Systems, NIST Special Publication, pp.800-830, 2002.
DOI : 10.6028/NIST.SP.800-30
URL : http://www.dtic.mil/get-tr-doc/pdf?AD=ADA396553

N. Nassim and . Taleb, The Black Swan: The Impact of the Highly Improbable. Random House Trade Paperbacks, 2010.

A. Vorster and L. Labuschagne, A framework for comparing different information security risk analysis methodologies research conference of the South African institute of computer scientists and information technologists on IT research in developing countries, Proceedings of the 2005 annual SAICSIT '05 South African Institute for Computer Scientists and Information Technologists, pp.95-103, 2005.

J. Watson, Strategy : An Introduction to Game Theory, W. W. Norton & Company, 2008.