Computer Science ›› 2022, Vol. 49 ›› Issue (9): 306-311.doi: 10.11896/jsjkx.210600171
• Information Security • Previous Articles Next Articles
LIU Jie-ling1, LING Xiao-bo2, ZHANG Lei3, WANG Bo1, WANG Zhi-liang1, LI Zi-mu1, ZHANG Hui1, YANG Jia-hai1, WU Cheng-nan4
CLC Number:
[1]KOTZIAS P,BILGE L,VERVIER P,et al.Mind your own busi-ness:a longitudinal study of threats and vulnerabilities in enterprises [C]//26th Annual Network and Distributed System Security Symposium.San Diego:The Internet Society,2019. [2]NOUR B,MASTORAKIS S,ULLAH R,et al.Information-centric networking in wireless environments:security risks and challenges [J].IEEE Wireless Communications,2021,28(2):121-127. [3]OLTSIK J.2017:Security operations challenges,priorities,and strategies [R/OL].[2021-01-19].https://resources.sei.cmu.edu/asset_files/Handbook/2005_002_001_14273.pdf. [4]BROUGHTON K.Automated incident response:respond to eve-ry alert [R/OL].[2021-01-19].https://swimlane.com/blog/automated-incident-response-respondevery-alert/. [5]SPATHOULAS G P,KATSIKAS S K.Using a Fuzzy Inference System to Reduce False Positives in Intrusion Detection [C]//International Conference on Systems,Signals and Image Processing.IEEE,2009. [6]BIANCO D.The numbers game:how many alerts are too many to handle? [R/OL].[2021-01-19].https://www2.fireeye.com/StopTheNoise-IDC-Numbers-Game-Special-Report.html. [7]ALBERTS C,DPRPFEE A,STEVENS J,et al.OCTAVE-S implementation guide,version 1.0 [R/OL].[2021-01-20].https://resources.sei.cmu.edu/asset_files/Handbook/2005_002_001_14273.pdf. [8]MARBUKH V.Towards robust security risk metrics for networked systems:work in progress[C]//17th IFIP/IEEE International Symposium on Integrated Network Management.IEEE,2021:658-661. [9]SENDI S A,BARZEGAR R A,CHERIET M.Taxonomy of information security risk assessment [J].Computers & Security,2016,57:14-30. [10]Joint Task Force Transformation Initiative.Managing information security risk:organization,mission,and information system view [R/OL].[2021-01-20].https://csrc.nist.gov/publications/detail/sp/800-39/final. [11]International Organization for Standardization.Information technology-security techniques-information security risk management [R/OL].[2021-01-20].https://www.iso.org/standard/42107.html. [12]British Standards.Information security management systems.Guidelines for information risk management [R/OL].[2021-01-20].https://shop.bsigroup.com/ProductDetail?pid=000000000030354572. [13]Fair Institute.Measuring and managing information risk:a fair approach.[R/OL].[2021-01-20].https://www.fairinstitute.org/fair-book. [14]Microsoft.Microsoft security risk assessment.[R/OL].[2021-01-20].https://servicetrust.microsoft.com/ViewPage/RiskAssessmentOverview. [15]SCHMITZ C,PAPE S.LiSRA:lightweight security risk assessment for decision support in information security [J/OL].Computers & Security,2020,90.https://www.sciencedirect.com/science/article/pii/S0167404819301993. [16]FIGUEIRA T P,BRAVO L C,LOPEZ R L J.Improving information security risk analysis by including threat-occurrence predictive models [J/OL].Computers & Security,2020,88.https://www.sciencedirect.com/science/article/pii/S0167404819301592. [17]TANTAWY A,ABDELWAHED S,ERRADI A,et al.Model-based risk assessment for cyber physical systems security [J/OL].Computers & Security,2020,96.https://www.sciencedirect.com/science/article/pii/S016740482030136X. [18]Mandiant.MANDIANT:Exposing One of China's Cyber Espionage Units [R/OL].[2021-01-20].https://www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf. [19]MITRE.ATT&CK [R/OL].[2021-01-20].https://attack.mitre.org. [20]MITRE.CAPEC:common attack pattern enumeration and classification [R/OL].[2021-01-20].https://capec.mitre.org/index.html. [21]Forum of Incident Response and Security Teams.Common vulnerability scoring system v3.0:specification document [R/OL].[2021-01-20].https://www.first.org/cvss/specification-document. [22]Microsoft.STRIDE chart [R/OL].[2021-01-20].https://www.microsoft.com/security/blog/2007/09/11/stride-chart/. |
[1] | ZHAO Dong-mei, WU Ya-xing, ZHANG Hong-bin. Network Security Situation Prediction Based on IPSO-BiLSTM [J]. Computer Science, 2022, 49(7): 357-362. |
[2] | DU Hong-yi, YANG Hua, LIU Yan-hong, YANG Hong-peng. Nonlinear Dynamics Information Dissemination Model Based on Network Media [J]. Computer Science, 2022, 49(6A): 280-284. |
[3] | LYU Peng-peng, WANG Shao-ying, ZHOU Wen-fang, LIAN Yang-yang, GAO Li-fang. Quantitative Method of Power Information Network Security Situation Based on Evolutionary Neural Network [J]. Computer Science, 2022, 49(6A): 588-593. |
[4] | DENG Kai, YANG Pin, LI Yi-zhou, YANG Xing, ZENG Fan-rui, ZHANG Zhen-yu. Fast and Transmissible Domain Knowledge Graph Construction Method [J]. Computer Science, 2022, 49(6A): 100-108. |
[5] | ZHANG Shi-peng, LI Yong-zhong. Intrusion Detection Method Based on Denoising Autoencoder and Three-way Decisions [J]. Computer Science, 2021, 48(9): 345-351. |
[6] | CHEN Hai-biao, HUANG Sheng-yong, CAI Jie-rui. Trust Evaluation Protocol for Cross-layer Routing Based on Smart Grid [J]. Computer Science, 2021, 48(6A): 491-497. |
[7] | WANG Jin-heng, SHAN Zhi-long, TAN Han-song, WANG Yu-lin. Network Security Situation Assessment Based on Genetic Optimized PNN Neural Network [J]. Computer Science, 2021, 48(6): 338-342. |
[8] | YONG Qi, JIANG Wei-na, LUO Yu-ze. Trial Risk Assessment System Based on Fuzzy Number Similarity [J]. Computer Science, 2021, 48(5): 209-216. |
[9] | ZHANG Kai, LIU Jing-ju. Attack Path Analysis Method Based on Absorbing Markov Chain [J]. Computer Science, 2021, 48(5): 294-300. |
[10] | LIU Quan-ming, LI Yin-nan, GUO Ting, LI Yan-wei. Intrusion Detection Method Based on Borderline-SMOTE and Double Attention [J]. Computer Science, 2021, 48(3): 327-332. |
[11] | WANG Yu-chen, QI Wen-hui, XU Li-zhen. Security Cooperation of UAV Swarm Based on Blockchain [J]. Computer Science, 2021, 48(11A): 528-532. |
[12] | LIU Shan-shan, ZHU Hai-long, HAN Xiao-xia, MU Quan-qi, HE Wei. Enterprise Risk Assessment Model Based on Principal Component Regression and HierarchicalBelief Rule Base [J]. Computer Science, 2021, 48(11A): 570-575. |
[13] | MA Lin, WANG Yun-xiao, ZHAO Li-na, HAN Xing-wang, NI Jin-chao, ZHANG Jie. Network Intrusion Detection System Based on Multi-model Ensemble [J]. Computer Science, 2021, 48(11A): 592-596. |
[14] | WANG Xiao-xiao, WANG Ting-wen, MA Yu-ling, FAN Jia-yi, CUI Chao-ran. Credit Risk Assessment Method of P2P Online Loan Borrowers Based on Deep Forest [J]. Computer Science, 2021, 48(11A): 429-434. |
[15] | JIANG Jian-feng, SUN Jin-xia, YOU Lan-tao. Security Clustering Strategy Based on Particle Swarm Optimization Algorithm in Wireless Sensor Network [J]. Computer Science, 2021, 48(11A): 452-455. |
|