
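% Schneier, Dr. Dobb's Journal, 1999. Volume and issue are stored in their own
% fields so the bibliography style formats them, instead of a free-text note.
@article{schneier_modeling_1999,
  author  = {Schneier, Bruce},
  title   = {Modeling {Security} {Threats}},
  journal = {Dr. Dobb's Journal},
  volume  = {24},
  number  = {12},
  year    = {1999},
  url     = {https://www.schneier.com/academic/archives/1999/12/attack_trees.html},
}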
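% Workshop paper, so typed as inproceedings with the venue in booktitle.
% The 10-digit identifier is an ISBN-10 (an ISSN has 8 digits), so it lives in isbn.
% The duplicate "doi:" note is dropped, and so is the Zotero file field, which
% held a local home-directory path.
% NOTE(review): volume looks like a digital-library part number rather than a
% bound volume -- confirm before relying on it in output.
@inproceedings{phillips_graph-based_1998,
  author    = {Phillips, Cynthia and Swiler, Laura Painton},
  title     = {A graph-based system for network-vulnerability analysis},
  booktitle = {Proceedings New Security Paradigms Workshop},
  volume    = {Part F1292},
  pages     = {71--79},
  year      = {1998},
  isbn      = {1581131682},
  doi       = {10.1145/310889.310919},
  keywords  = {Attack graph, Computer security, Network vulnerability},
  abstract  = {This paper presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The graph-based tool can identify the set of attack paths that have a high probability of success (or a low "effort" cost) for the attacker. The system could be used to test the effectiveness of making configuration changes, implementing an intrusion detection system, etc. The analysis system requires as input a database of common attacks, broken into atomic steps, specific network configuration and topology information, and an attacker profile. The attack information is "matched" with the network configuration information and an attacker profile to create a superset attack graph. Nodes identify a stage of attack, for example the class of machines the attacker has accessed and the user privilege level he or she has compromised. The arcs in the attack graph represent attacks or stages of attacks. By assigning probabilities of success on the arcs or costs representing level-of-effort for the attacker, various graph algorithms such as shortest-path algorithms can identify the attack paths with the highest probability of success.},
}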
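% Conference paper, so typed as inproceedings; venue split into booktitle and
% series to match the CCS '02 entry in this file. The 10-digit identifier is an
% ISBN-10, not an ISSN. Zotero file field removed: it held a local
% home-directory path.
% NOTE(review): doi is derived from the attachment file name (1180405.1180446)
% under the ACM prefix used by other entries here -- verify against the publisher record.
@inproceedings{ou_scalable_2006,
  author    = {Ou, Xinming and Boyer, Wayne F. and McQueen, Miles A.},
  title     = {A {Scalable} {Approach} to {Attack} {Graph} {Generation}},
  booktitle = {Proceedings of the 13th {ACM} Conference on Computer and Communications Security},
  series    = {CCS '06},
  pages     = {336--345},
  year      = {2006},
  isbn      = {1595935185},
  doi       = {10.1145/1180405.1180446},
  keywords  = {attack graphs, enterprise network security, logic-programming},
}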
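% U.S. patent. The first author was double-braced, which made BibTeX treat
% "J. Hale" as a single surname; it is now in "Last, First" form like the others.
% year is taken from the issue date in the note so author-year styles have a date.
% Zotero file field removed: it held a local home-directory path.
@misc{j_hale_compliance_nodate,
  author = {Hale, J. and Hawrylak, P. and Papa, M.},
  title  = {Compliance {Method} for a {Cyber}-{Physical} {System}},
  year   = {2016},
  note   = {U.S. Patent Number 9,471,789, Oct. 18, 2016.},
  number = {9471789},
}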
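% SAICSIT '19 paper. The conference venue is kept in location (as in the other
% ACM entries in this file) because address means the publisher's city.
% The accented letter is written as a LaTeX escape so classic BibTeX sorts it correctly.
@inproceedings{baloyi_guidelines_2019,
  author    = {Baloyi, Ntsako and Kotz{\'e}, Paula},
  title     = {Guidelines for {Data} {Privacy} {Compliance}: {A} {Focus} on {Cyberphysical} {Systems} and {Internet} of {Things}},
  booktitle = {{SAICSIT} '19: {Proceedings} of the {South} {African} {Institute} of {Computer} {Scientists} and {Information} {Technologists} 2019},
  publisher = {Association for Computing Machinery},
  location  = {Skukuza, South Africa},
  year      = {2019},
  doi       = {10.1145/3351108.3351143},
}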
% Allman, ACM Queue, volume 4, issue 7, 2006.
@article{allman_complying_2006,
  author  = {Allman, Eric},
  title   = {Complying with {Compliance}: {Blowing} it off is not an option.},
  journal = {ACM Queue},
  volume  = {4},
  number  = {7},
  year    = {2006},
}
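% Symposium paper, so typed as inproceedings with the venue in booktitle
% ("Proceeding of" corrected). The stray second period after "R." is removed.
% Zotero file field removed: it held a local home-directory path.
% NOTE(review): the 13-digit identifier cannot be an ISSN, so it is stored as
% isbn -- verify that it really belongs to these proceedings.
@inproceedings{sheyner_automated_2002,
  author    = {Sheyner, O. and Haines, J. and Jha, S. and Lippmann, R. and Wing, J.},
  title     = {Automated {Generation} and {Analysis} of {Attack} {Graphs}},
  booktitle = {Proceedings of the 2002 {IEEE} Symposium on Security and Privacy},
  pages     = {254--265},
  year      = {2002},
  isbn      = {9781787284395},
}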
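% Conference paper, so typed as inproceedings; the "FPGA 2017 - " prefix of the
% exported venue string is kept as the series. The 13-digit identifier is an
% ISBN-13, not an ISSN. Zotero file field removed: it held a local
% home-directory path.
@inproceedings{zhang_boosting_2017,
  author    = {Zhang, Jialiang and Khoram, Soroosh and Li, Jing},
  title     = {Boosting the performance of {FPGA}-based graph processor using hybrid memory cube: {A} case for breadth first search},
  booktitle = {Proceedings of the 2017 {ACM/SIGDA} International Symposium on Field-Programmable Gate Arrays},
  series    = {FPGA 2017},
  pages     = {207--216},
  year      = {2017},
  isbn      = {9781450343541},
  doi       = {10.1145/3020078.3021737},
  abstract  = {Large graph processing has gained great attention in recent years due to its broad applicability from machine learning to social science. Large real-world graphs, however, are inherently difficult to process efficiently, not only due to their large memory footprint, but also that most graph algorithms entail memory access patterns with poor locality and a low compute-to-memory access ratio. In this work, we leverage the exceptional random access performance of emerging Hybrid Memory Cube (HMC) technology that stacks multiple DRAM dies on top of a logic layer, combined with the flexibility and efficiency of FPGA to address these challenges. To our best knowledge, this is the first work that implements a graph processing system on a FPGA-HMC platform based on software/hardware co-design and co-optimization. We first present the modifications of algorithm and a platform-aware graph processing architecture to perform level-synchronized breadth first search (BFS) on FPGA-HMC platform. To gain better insights into the potential bottlenecks of proposed implementation, we develop an analytical performance model to quantitatively evaluate the HMC access latency and corresponding BFS performance. Based on the analysis, we propose a two-level bitmap scheme to further reduce memory access and perform optimization on key design parameters (e.g. memory access granularity). Finally, we evaluate the performance of our BFS implementation using the AC-510 development kit from Micron. We achieved 166 million edges traversed per second (MTEPS) using GRAPH500 benchmark on a random graph with a scale of 25 and an edge factor of 16, which significantly outperforms CPU and other FPGA-based large graph processors.},
}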
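% CCS '02 paper on monotonic attack-graph analysis.
% pages was exported as "217224" with the range dash lost; numpages = 8 fixes
% the range as 217--224.
@inproceedings{Monotonicity,
  author    = {Ammann, Paul and Wijesekera, Duminda and Kaushik, Saket},
  title     = {Scalable, Graph-Based Network Vulnerability Analysis},
  booktitle = {Proceedings of the 9th {ACM} Conference on Computer and Communications Security},
  series    = {CCS '02},
  pages     = {217--224},
  numpages  = {8},
  year      = {2002},
  publisher = {Association for Computing Machinery},
  address   = {New York, NY, USA},
  location  = {Washington, DC, USA},
  isbn      = {1581136129},
  doi       = {10.1145/586110.586140},
  url       = {https://doi.org/10.1145/586110.586140},
  keywords  = {network security, scalability, model checking, monotonic analysis, exploit, vulnerability},
  abstract  = {Even well administered networks are vulnerable to attack. Recent work in network security has focused on the fact that combinations of exploits are the typical means by which an attacker breaks into a network. Researchers have proposed a variety of graph-based algorithms to generate attack trees (or graphs). Either structure represents all possible sequences of exploits, where any given exploit can take advantage of the penetration achieved by prior exploits in its chain, and the final exploit in the chain achieves the attacker's goal. The most recent approach in this line of work uses a modified version of the model checker NuSMV as a powerful inference engine for chaining together network exploits, compactly representing attack graphs, and identifying minimal sets of exploits. However, it is also well known that model checkers suffer from scalability problems, and there is good reason to doubt whether a model checker can handle directly a realistic set of exploits for even a modest-sized network. In this paper, we revisit the idea of attack graphs themselves, and argue that they represent more information explicitly than is necessary for the analyst. Instead, we propose a more compact and scalable representation. Although we show that it is possible to produce attack trees from our representation, we argue that more useful information can be produced, for larger networks, while bypassing the attack tree step. Our approach relies on an explicit assumption of monotonicity, which, in essence, states that the precondition of a given exploit is never invalidated by the successful application of another exploit. In other words, the attacker never needs to backtrack. The assumption reduces the complexity of the analysis problem from exponential to polynomial, thereby bringing even very large networks within reach of analysis},
}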
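% Book chapter. The original packed book title, series, volume, ISBN, publisher,
% year and first page into a single journal field, which book-type entries do
% not use; each piece now sits in its own field and the entry is typed as
% incollection so title is the chapter and booktitle is the book.
% The page range uses a double hyphen and month uses the standard macro.
@incollection{TVA,
  author    = {Jajodia, Sushil and Noel, Steven},
  title     = {Topological Vulnerability Analysis},
  booktitle = {Cyber Situational Awareness},
  series    = {Advances in Information Security},
  volume    = {46},
  pages     = {139--154},
  publisher = {Springer-Verlag US},
  year      = {2010},
  month     = sep,
  isbn      = {978-1-4419-0139-2},
  doi       = {10.1007/978-1-4419-0140-8_7},
}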
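% University of Tulsa thesis on hybrid attack graphs.
% The truncated keyword fragment "icle" is dropped, and so is the Zotero file
% field, which held a local home-directory path.
@phdthesis{louthan_hybrid_2011,
  author = {Louthan, G.},
  title  = {Hybrid {Attack} {Graphs} for {Modeling} {Cyber}-{Physical} {Systems}},
  school = {The {University} of {Tulsa}},
  year   = {2011},
}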
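% University of Tulsa thesis describing the RAGE attack graph engine.
% Zotero file field removed: it held a local home-directory path.
@phdthesis{cook_rage_2018,
  author = {Cook, Kyle},
  title  = {{RAGE}: {The} {Rage} {Attack} {Graph} {Engine}},
  school = {The {University} of {Tulsa}},
  year   = {2018},
}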
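% University of Tulsa thesis on hybrid attack graphs with a simulated
% cyber-physical system.
% Zotero file field removed: it held a local home-directory path.
@phdthesis{nichols_2018,
  author = {Nichols, Will M.},
  title  = {{Hybrid} {Attack} {Graphs} for {Use} with a {Simulation} of a {Cyber-Physical} {System}},
  school = {The {University} of {Tulsa}},
  year   = {2018},
}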
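% Digital Threats article on generating and analysing hybrid attack graphs.
% month uses the unquoted macro so styles can expand and localise it.
@article{ming_jo,
  author    = {Li, Ming and Hawrylak, Peter and Hale, John},
  title     = {Strategies for Practical Hybrid Attack Graph Generation and Analysis},
  journal   = {Digital Threats},
  year      = {2021},
  month     = oct,
  publisher = {Association for Computing Machinery},
  address   = {New York, NY, USA},
  issn      = {2692-1626},
  doi       = {10.1145/3491257},
  url       = {https://doi.org/10.1145/3491257},
  note      = {Just Accepted},
  keywords  = {cyber-physical system, high performance computing, attack graph, breadth-first search},
  abstract  = {As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but also integrates components that operate in the continuous domain, such as sensors and actuators. Using AGs on CPSs requires that the system models and exploit patterns capture both token- and real-valued information. In this paper, we describe a hybrid AG model for security analysis of CPSs and computer networks. Specifically, we focus on two issues related to applying the model in practice: efficient hybrid AG generation and techniques for information extraction from them. To address the first issue, we present an accelerated hybrid AG generator that employs parallel programming and high performance computing (HPC). We conduct performance tests on CPU and GPU platforms to characterize the efficiency of our parallel algorithms. To address the second issue, we introduce an analytical regimen based on centrality analysis and apply it to a hybrid AG generated for a target CPS system to discover effective vulnerability remediation solutions.},
}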
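% Workshop paper presenting the A2G2V attack-graph generator.
% The tool name and the acronyms in booktitle are brace-protected so that
% sentence-casing styles do not lowercase them.
@inproceedings{CPSIOT,
  author    = {Al Ghazo, Alaa T. and Ibrahim, Mariam and Ren, Hao and Kumar, Ratnesh},
  title     = {{A2G2V}: Automated Attack Graph Generator and Visualizer},
  booktitle = {Proceedings of the 1st {ACM} {MobiHoc} Workshop on Mobile {IoT} Sensing, Security, and Privacy},
  series    = {Mobile IoT SSP'18},
  articleno = {3},
  numpages  = {6},
  year      = {2018},
  publisher = {Association for Computing Machinery},
  address   = {New York, NY, USA},
  location  = {Los Angeles, CA, USA},
  isbn      = {9781450358606},
  doi       = {10.1145/3215466.3215468},
  url       = {https://doi.org/10.1145/3215466.3215468},
  keywords  = {Model Checking, Security, Enumerating Counterexamples, Internet of Things, Attack Graph, Cyber-Physical Systems},
  abstract  = {The Internet of Things (IoT) and Cyber-Physical Systems (CPS) technologies have increased the complexity of systems and also exposed them to additional vulnerabilities. Attack-graphs are graphical representations that provide a complete view of how inter-dependencies among atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system. Their manual construction is tedious, error-prone, and time consuming. This paper presents a model-based Automated Attack-Graph Generator and Visualizer (A2G2V). Given the networked system description (its components, connectivity, services it supports, their vulnerabilities and protections), the attack graph enlists set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise a certain system-level security. The proposed A2G2V tool extends an existing formal methods tool (a model-checker) by integrating with it an architecture description tool, our own code (for parsing counterexamples, encoding those for specification relaxation, iterating till all attack sequences are revealed), and also a graph visualization tool.},
}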
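% Journal article on approximate Bayesian inference over attack graphs.
% Accents are written as BibTeX special characters ({\~n}, {\'a}) so sorting and
% labels treat them as single letters; month uses the unquoted macro; the
% journal name is spelled out; the em dashes in the abstract are written as ---
% so the entry is plain ASCII.
@article{10.1145/3105760,
  author     = {Mu{\~n}oz-Gonz{\'a}lez, Luis and Sgandurra, Daniele and Paudice, Andrea and Lupu, Emil C.},
  title      = {Efficient Attack Graph Analysis through Approximate Inference},
  journal    = {{ACM} Transactions on Privacy and Security},
  volume     = {20},
  number     = {3},
  articleno  = {10},
  numpages   = {30},
  year       = {2017},
  month      = jul,
  issue_date = {August 2017},
  publisher  = {Association for Computing Machinery},
  address    = {New York, NY, USA},
  issn       = {2471-2566},
  doi        = {10.1145/3105760},
  url        = {https://doi.org/10.1145/3105760},
  keywords   = {probabilistic graphical models, approximate inference, Bayesian networks},
  abstract   = {Attack graphs provide compact representations of the attack paths an attacker can follow to compromise network resources from the analysis of network vulnerabilities and topology. These representations are a powerful tool for security risk assessment. Bayesian inference on attack graphs enables the estimation of the risk of compromise to the systems components given their vulnerabilities and interconnections and accounts for multi-step attacks spreading through the system. While static analysis considers the risk posture at rest, dynamic analysis also accounts for evidence of compromise, for example, from Security Information and Event Management software or forensic investigation. However, in this context, exact Bayesian inference techniques do not scale well. In this article, we show how Loopy Belief Propagation---an approximate inference technique---can be applied to attack graphs and that it scales linearly in the number of nodes for both static and dynamic analysis, making such analyses viable for larger networks. We experiment with different topologies and network clustering on synthetic Bayesian attack graphs with thousands of nodes to show that the algorithms accuracy is acceptable and that it converges to a stable solution. We compare sequential and parallel versions of Loopy Belief Propagation with exact inference techniques for both static and dynamic analysis, showing the advantages and gains of approximate inference techniques when scaling to larger attack graphs.},
}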
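% IEEE Access article. The empty number field is dropped (empty fields trigger
% warnings), the page range uses a double hyphen, and the acronym and proper
% phrase are brace-protected against sentence casing.
@article{8290918,
  author  = {Wang, Huan and Chen, Zhanfang and Zhao, Jianping and Di, Xiaoqiang and Liu, Dan},
  title   = {A Vulnerability Assessment Method in Industrial {Internet of Things} Based on Attack Graph and Maximum Flow},
  journal = {{IEEE} Access},
  volume  = {6},
  pages   = {8599--8609},
  year    = {2018},
  doi     = {10.1109/ACCESS.2018.2805690},
}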
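% Paper on ranking vulnerability fixes with attack-graph representations.
% The empty pages field is dropped and month uses the standard macro.
% NOTE(review): booktitle, which the inproceedings type requires, is missing
% from this record -- fill it in from the DOI landing page.
@inproceedings{centrality_based,
  author = {Gonda, Tom and Pascal, Tal and Puzis, Rami and Shani, Guy and Shapira, Bracha},
  title  = {Analysis of Attack Graph Representations for Ranking Vulnerability Fixes},
  year   = {2018},
  month  = sep,
  doi    = {10.29007/2c1q},
}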
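% U.S. statute. The year and link are lifted out of the free-text note into
% year and url, so the style formats them and the "[Online]. Available:"
% wording is not hard-coded. The bill number is brace-protected so sentence
% casing does not turn it into "H.r.2281".
@misc{DMCA,
  title = {{H.R.2281} - {Digital Millennium Copyright Act}},
  year  = {1998},
  note  = {Pub. L. No. 105-304},
  url   = {https://www.govinfo.gov/content/pkg/PLAW-105publ304/html/PLAW-105publ304.htm},
}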
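% IMIS 2014 paper on identifying Windows executables to counter software piracy.
% The empty volume and number fields are dropped, the page range uses a double
% hyphen, and the product name is brace-protected against sentence casing.
@inproceedings{Piracy,
  author    = {Kim, Yesol and Moon, Jeongoh and Cho, Seong Je and Park, Minkyu and Han, Sangchul},
  title     = {Efficient Identification of {Windows} Executable Programs to Prevent Software Piracy},
  booktitle = {2014 Eighth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing},
  pages     = {236--240},
  year      = {2014},
  doi       = {10.1109/IMIS.2014.29},
}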
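% MIPR 2022 paper on malware and piracy detection in Android applications.
% The empty volume and number fields are dropped, the page range uses a double
% hyphen, and the platform name and acronyms are brace-protected.
@inproceedings{Android_Piracy,
  author    = {Kumari, Neha and Chen, Min},
  title     = {Malware and Piracy Detection in {Android} Applications},
  booktitle = {2022 {IEEE} 5th International Conference on Multimedia Information Processing and Retrieval ({MIPR})},
  pages     = {306--311},
  year      = {2022},
  doi       = {10.1109/MIPR54900.2022.00061},
}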