P. Ammann, D. Wijesekera, and S. Kaushik, Scalable, graph-based network vulnerability analysis, Proceedings of the 9th ACM Conference on Computer and Communications Security, pp.217-224, 2002.

X. Chen, M. Zhang, Z. M. Mao, and P. Bahl, Automating network application dependency discovery: Experiences, limitations, and new solutions, In: OSDI, vol.8, pp.117-130, 2008.

J. Dai, X. Sun, P. Liu, and N. Giacobe, Gaining big picture awareness through an interconnected cross-layer situation knowledge reference model, Cyber Security (CyberSecurity), 2012 International Conference on, pp.83-92, 2012.

R. Dewri, N. Poolsappasit, I. Ray, and D. Whitley, Optimal security hardening using multi-objective optimization on attack tree models of networks, Proceedings of the 14th ACM conference on Computer and communications security, pp.204-213, 2007.

M. Frigault and L. Wang, Measuring network security using bayesian network-based attack graphs, Proceedings of the 2008 32nd Annual IEEE International Computer Software and Applications Conference, pp.698-703, 2008.

M. Frigault, L. Wang, A. Singhal, and S. Jajodia, Measuring network security using dynamic bayesian network, Proceedings of the 4th ACM workshop on Quality of protection, pp.23-30, 2008.

S. Jajodia, S. Noel, and B. Oberry, Topological analysis of network attack vulnerability, Managing Cyber Threats, pp.247-266, 2005.

G. Jakobson, Mission cyber security situation assessment using impact dependency graphs, Information Fusion (FUSION), 2011 Proceedings of the 14th International Conference on, pp.1-8, 2011.

, NIST: Cvss score, 2017.

S. Noel, S. Jajodia, B. O'berry, and M. Jacobs, Efficient minimum-cost network hardening via exploit dependency graphs, Computer security applications conference, 2003. proceedings. 19th annual, pp.86-95, 2003.

X. Ou, W. F. Boyer, and M. A. Mcqueen, A scalable approach to attack graph generation, Proceedings of the 13th ACM conference on Computer and communications security, pp.336-345, 2006.

C. Phillips and L. P. Swiler, A graph-based system for network-vulnerability analysis, Proceedings of the 1998 workshop on New security paradigms, pp.71-79, 1998.

N. Poolsappasit, R. Dewri, and I. Ray, Dynamic security risk management using bayesian attack graphs, IEEE Transactions on Dependable and Secure Computing, vol.9, issue.1, pp.61-74, 2012.

I. Ray and N. Poolsapassit, Using attack trees to identify malicious attacks from authorized insiders, European Symposium on Research in Computer Security, pp.231-246, 2005.

P. Saripalli and B. Walters, Quirc: A quantitative impact and risk assessment framework for cloud security, Cloud Computing (CLOUD), 2010 IEEE 3rd International Conference on, pp.280-288, 2010.

O. Sheyner, J. Haines, S. Jha, R. Lippmann, and J. M. Wing, Automated generation and analysis of attack graphs, Proceedings. 2002 IEEE Symposium on, pp.273-284, 2002.

X. Sun, A. Singhal, and P. Liu, Who touched my mission: Towards probabilistic mission impact assessment, Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense, pp.21-26, 2015.

X. Sun, A. Singhal, and P. Liu, Towards actionable mission impact assessment in the context of cloud computing, IFIP Annual Conference on Data and Applications Security and Privacy, pp.259-274, 2017.
URL : https://hal.archives-ouvertes.fr/hal-01684363

Y. Sun, T. Y. Wu, X. Liu, and M. S. Obaidat, Multilayered impact evaluation model for attacking missions, IEEE Systems Journal, vol.10, issue.4, pp.1304-1315, 2016.