5Howard M, Pincus J, Wing J M. Computer Securing in the 21st Century. Springer, 2005:109-137
6Ortalo R, Deswarte Y, Kaaniche M. Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering, 1999, 25 (5) : 633-651
7Ammann P, Wijesekera D, Kaushik S. Scalable, graphbased network vulnerability analysis//Proceedings of the 5th ACM Conference on Computer and Communications Security. Washington DC, USA, 2002:217-224
8Gehani A, Kedem G. Rheostat: Real-time risk management//Proceedings of the 7th International Symposium on Recent Advances in Intrusion Detection. French Riviera, France, 2004:296-314
9Jonsson E, Olovsson T. An empirical model of the security intrusion process//Proceedings of the 11th Annual Conference on Computer Assurance. Gaithersburg, 1996:176-186
10Jonsson E, Olovsson T. A quantitative model of the security intrusion process based on attacker behavior. IEEE Transactions on Software Engineering, 1997, 23(4): 235-245