Journal Article |
Standardization of File Recovery Classification and Authentication |
Final |
12/01/2019 |
Journal Article |
Toward Cyberresiliency in the Context of Cloud Computing |
Final |
12/01/2018 |
Journal Article |
Toward Cyberresiliency in the Context of Cloud Computing |
Final |
12/01/2018 |
Journal Article |
Bad Security Metrics Part 2: Solutions |
Final |
04/16/2018 |
Journal Article |
Bad Security Metrics Part 1: Problems |
Final |
02/14/2018 |
Conference Proceedings |
Securing Networks Against Unpatchable and Unknown Vulnerabilities Using Heterogeneous Hardening Options |
Final |
06/22/2017 |
Conference Proceedings |
Threat Modeling for Cloud Data Center Infrastructures |
Final |
10/26/2016 |
Conference Proceedings |
Diversifying Network Services under Cost Constraints for Better Resilience against Unknown Attacks |
Final |
07/20/2016 |
Journal Article |
Network Diversity: A Security Metric for Evaluating the Resilience of Networks Against Zero-Day Attacks |
Final |
01/12/2016 |
Journal Article |
Network Diversity: A Security Metric for Evaluating the Resilience of Networks Against Zero-Day Attacks |
Final |
01/12/2016 |
Conference Proceedings |
The Authentication Equation: A Tool to Visualize the Convergence of Security and Usability of Text-Based Passwords |
Final |
08/02/2015 |
ITL Bulletin |
Cryptographic Module Validation Program (CMVP) |
Final |
12/01/2014 |
Book Section |
Metrics of Security |
Final |
10/03/2014 |
Conference Proceedings |
Modeling Network Diversity for Evaluating the Robustness of Networks against Zero-Day Attacks |
Final |
09/11/2014 |
ITL Bulletin |
Release of NIST Interagency Report 7946, CVSS Implementation Guidance |
Final |
07/10/2014 |
Conference Proceedings |
Using Network Tainting to Bound the Scope of Network Ingress Attacks |
Final |
07/01/2014 |
Journal Article |
Aggregating Vulnerability Metrics in Enterprise Networks using Attack Graphs |
Final |
09/20/2013 |
Journal Article |
Aggregating Vulnerability Metrics in Enterprise Networks using Attack Graphs |
Final |
09/20/2013 |
Conference Paper |
Security Ontologies for Enterprise Level Risk Assessment |
Final |
12/07/2012 |
Conference Proceedings |
Aggregating CVSS Base Scores for Semantics-Rich Network Security Metrics |
Final |
10/11/2012 |
Conference Paper |
Simulation-based Approaches to Studying Effectiveness of Moving-Target Network Defense |
Final |
06/11/2012 |
NISTIR 7788 |
Security Risk Analysis of Enterprise Networks Using Probabilistic Attack Graphs |
Final |
08/01/2011 |
Journal Article |
Research Directions in Security Metrics |
Final |
04/04/2011 |
Conference Proceedings |
k-Zero Day Safety: Measuring the Security Risk of Networks Against Unknown Attacks |
Final |
12/10/2010 |
Journal Article |
Measuring Security Risk of Networks Using Attack Graphs |
Final |
07/14/2010 |
ITL Bulletin |
Security Metrics: Measurements to Support the Continued Development of Information Security Technology |
Final |
01/27/2010 |
NISTIR 7564 |
Directions in Security Metrics Research |
Final |
04/30/2009 |
Conference Paper |
Evidence-Based, Good Enough, and Open |
Final |
08/04/2008 |
Conference Proceedings |
An Attack Graph-Based Probabilistic Security Metric |
Final |
07/16/2008 |
Conference Proceedings |
A Framework for Measuring the Vulnerability of Hosts |
Final |
06/30/2008 |
ITL Bulletin |
Testing Intrusion Detection Systems |
Final |
07/01/2003 |