Measurement and preference function modelling, International Transactions in Operational Research, vol.19, issue.2, pp.173-183, 2005. ,
DOI : 10.1016/0022-2496(77)90033-5
Security attribute evaluation method, Proceedings of the 24th international conference on Software engineering , ICSE '02, pp.232-240, 2002. ,
DOI : 10.1145/581339.581370
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.70.9285
Measurement Theory and Dimensional Analysis: Methodological Impact on the Comparison and Evaluation Process, Volume 3: 19th International Conference on Design Theory and Methodology; 1st International Conference on Micro- and Nanosystems; and 9th International Conference on Advanced Vehicle Tire Technologies, Parts A and B, 2007. ,
DOI : 10.1115/DETC2007-34364
A review of the fundamental concepts of measurement, Measurement, vol.2, issue.1, pp.25-34, 1984. ,
DOI : 10.1016/0263-2241(84)90020-4
Complete Guide to Security and Privacy Metrics. Measuring Regulatory Compliance, Operational Resilience, and ROI, 2007. ,
Measuring Relative Attack Surfaces, 2003. ,
DOI : 10.1007/0-387-24006-3_8
Directions in security metric research, 2009. ,
DOI : 10.6028/NIST.IR.7564
Security metrics: replacing fear, uncertainty, and doubt, 2007. ,
Assessment of enterprise information security -an architecture theory diagram definition, Proc. of CSER-05, 2005. ,
Assessment of enterprise information security -estimating the credibility of the results, Proc. of SREIS-05, 2005. ,
A quantitative model of the security intrusion process based on attacker behavior, IEEE Transactions on Software Engineering, vol.23, issue.4, pp.235-245, 1997. ,
DOI : 10.1109/32.588541
Fuzzy metrics and statistical metric spaces, Kybernetica, vol.11, issue.5, pp.336-344, 1974. ,
A method for modeling and quantifying the security attributes of intrusion tolerant systems, Performance Evaluation, vol.56, issue.1-4, pp.1-4167, 2004. ,
DOI : 10.1016/j.peva.2003.07.008
Measuring a system's attack surface, 2004. ,
An Attack Surface Metric, IEEE Transactions on Software Engineering, vol.37, issue.3, 2005. ,
DOI : 10.1109/TSE.2010.60
An approach to measuring a system's attack surface, 2007. ,
Analysis of security protocols as open systems, Theoretical Computer Science, vol.290, issue.1, pp.1057-1106, 2003. ,
DOI : 10.1016/S0304-3975(02)00596-0
Experimenting with quantitative evaluation tools for monitoring operational security, IEEE Transactions on Software Engineering, vol.25, issue.5, pp.633-650, 1999. ,
DOI : 10.1109/32.815323
A weakest-adversary security metric for network configuration security analysis, Proceedings of the 2nd ACM workshop on Quality of protection , QoP '06, 2006. ,
DOI : 10.1145/1179494.1179502
Risk management guide for information technology systems, 2001. ,
DOI : 10.6028/NIST.SP.800-30
Basic measurement theory Institute for mathematical studies in the social science, 1962. ,
Quantifying the Security of Composed Systems, Proc. of PPAM-05, 2005. ,
DOI : 10.1007/11752578_124
Information security models and metrics, Proceedings of the 43rd annual southeast regional conference on , ACM-SE 43, pp.178-184, 2005. ,
DOI : 10.1145/1167253.1167295
An Attack Graph-Based Probabilistic Security Metric, Proc. of DBSec-09, 2008. ,
DOI : 10.1016/j.comcom.2006.06.018
Minimum-cost network hardening using attack graphs, Computer Communications, vol.29, issue.18, pp.3812-3824, 2006. ,
DOI : 10.1016/j.comcom.2006.06.018