References

QRS2021

Samuel, J., Jaskolka, J., & Yee, G. O. (2021, December). Analyzing Structural Security Posture to Evaluate System Design Decisions. In 2021 IEEE 21st International Conference on Software Quality, Reliability and Security (QRS) (pp. 8-17). IEEE.

CMU2012

Gennari, J., & Garlan, D. (2012). Measuring attack surface in software architecture. Technical Report CMU-ISR-11–121, Carnegie Mellon University, Tech. Rep.

IEEE2019

Yee, G. O. (2019, May). Modeling and reducing the attack surface in software systems. In 2019 IEEE/ACM 11th International Workshop on Modelling in Software Engineering (MiSE) (pp. 55-62). IEEE.

IEEE2006

Halfond, W. G., Viegas, J., & Orso, A. (2006, March). A classification of SQL-injection attacks and countermeasures. In Proceedings of the IEEE international symposium on secure software engineering (Vol. 1, pp. 13-15). IEEE.

IEEE2021

Samuel, J., Jaskolka, J., & Yee, G. O. (2021, May). Leveraging External Data Sources to Enhance Secure System Design. In 2021 Reconciling Data Analytics, Automation, Privacy, and Security: A Big Data Challenge (RDAAPS) (pp. 1-8). IEEE.

IEEE2010

Manadhata, P. K., & Wing, J. M. (2010). An attack surface metric. IEEE Transactions on Software Engineering, 37(3), 371-386.

OXFORD2018

Newman, M. (2018). Networks. Oxford university press.

JOURNAL1987

Bonacich, P. (1987). Power and centrality: A family of measures. American journal of sociology, 92(5), 1170-1182.

NVD

National Institute of Standards and Technology, “National Vulnerability Database (NVD).”, https://nvd.nist.gov/.

MITRE2018

Strom, B. E., Applebaum, A., Miller, D. P., Nickels, K. C., Pennington, A. G., & Thomas, C. B. (2018). Mitre att&ck: Design and philosophy. Technical report.

CCCS

Canadian Centre for Cyber Security, “Alerts & Advisories”, https://cyber.gc.ca/en/alerts-advisories/.

CARLETON2021

Samuel, J. F. (2021). A Data-Driven Approach to Evaluate the Security of System Designs (Doctoral dissertation, Carleton University).