[1] |
RISTENPART T , TROMER E , SHACHAM H , et al. Hey,you,get off of my cloud:exploring information leakage in third-party compute clouds[C]// ACM Conference on Computer and Communications Se-curity. c2009:199-212.
|
[2] |
BELLOVIN S . On the brittleness of software and the infeasibility of security metrics[J]. IEEE Security and Privacy, 2006,4(4): 96-.
|
[3] |
BOZORGI M , SAUL L , SAVAGE , et al. Beyond heuristics:learning to classify vulnerabilities and predict exploits[C]// ACM Sigkdd Inter-national Conference on Knowledge Discovery & Data Mining. ACM, c2010:105-114.
|
[4] |
IBM. IBM Internet Security Systems X-Force 2008 Trend and Risk Report[R]. White paper, 2009.
|
[5] |
A complete guide to the common vulnerability scoring system[S].
|
[6] |
OWASP Top Ten[EB/OL]. , 2003.
|
[7] |
SANS Top-20 Security Risks[EB/OL]. , 2009.
|
[8] |
CHEN X , ZHANG M , MAO Z , et al. Automating network application dependency discovery:Experiences,limitations,and new solu-tions[C]// Usenix Symposium on Operating Systems Design & Im-plementation. c2008:117-130.
|
[9] |
ENSEL C . A scalable approach to automated service dependency modeling in heterogeneous environments[C]// IEEE International En-terprise Distributed Object Computing Conference. c2001:128-139.
|
[10] |
DOUGHERTY C . Vulnerability metric[EB/OL]. , c2008,07,24.
|
[11] |
SAWILLA R OU X . Identifying critical attack assets in depend-ency attack graphs[C]// European Symposium on Computer Secu-rity-esorics. c2008:18-34.
|
[12] |
OSVDB . The open source vulnerability database[S].
|
[13] |
CVE Editorial Board. Common vulnerabilities and exposures:the standard for information security vulnerability names[S].
|
[14] |
GYONGYI Z , GARCIA H , PEDERSEN J . GARCIA H,PEDERSEN J.Combating web spam with trustrank[C]// Thirtieth International Conference on Very Large Data Bases. c2010:576-587.
|
[15] |
CHRISTOS T . Software for Cloud[S].
|
[16] |
SCARFONE K MELL P . An analysis of cvss version 2 vulnerabil-ity scoring[C]// FDTC 2013. International Symposium on Empirical Software Engi-neering & Measurement c2009:516-525.
|
[17] |
FRUHWIRTH C MANNISTO T . Improving cvss-based vulnerability prioritization and response with context information[C]// ESEM. International Symposium on Empirical Software Engi-neering & Measurement c2009:535-544.
|
[18] |
MOORE D SHANNON C CLAFFY K . A case study on the spread and victims of an Internet worm[C]// ESEM. Internet Measurement Workshop c2002:273-284.
|