乐胖代购免代理版

{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,8,8]],"date-time":"2024-08-08T23:35:33Z","timestamp":1723160133742},"reference-count":55,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-017"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-012"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2022,5,1]],"date-time":"2022-05-01T00:00:00Z","timestamp":1651363200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-004"}],"funder":[{"DOI":"10.13039\/501100003977","name":"Israel Science Foundation","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100003977","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Expert Systems with Applications"],"published-print":{"date-parts":[[2022,5]]},"DOI":"10.1016\/j.eswa.2021.116467","type":"journal-article","created":{"date-parts":[[2022,1,13]],"date-time":"2022-01-13T01:19:29Z","timestamp":1642036769000},"page":"116467","update-policy":"http:\/\/dx.doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":3,"special_numbering":"C","title":["Prioritizing vulnerability patches in large networks"],"prefix":"10.1016","volume":"193","author":[{"given":"Amir","family":"Olswang","sequence":"first","affiliation":[]},{"ORCID":"http:\/\/orcid.org\/0000-0002-0222-2876","authenticated-orcid":false,"given":"Tom","family":"Gonda","sequence":"additional","affiliation":[]},{"ORCID":"http:\/\/orcid.org\/0000-0002-7229-3899","authenticated-orcid":false,"given":"Rami","family":"Puzis","sequence":"additional","affiliation":[]},{"ORCID":"http:\/\/orcid.org\/0000-0003-4131-0382","authenticated-orcid":false,"given":"Guy","family":"Shani","sequence":"additional","affiliation":[]},{"ORCID":"http:\/\/orcid.org\/0000-0003-4943-9324","authenticated-orcid":false,"given":"Bracha","family":"Shapira","sequence":"additional","affiliation":[]},{"ORCID":"http:\/\/orcid.org\/0000-0001-7277-6164","authenticated-orcid":false,"given":"Noam","family":"Tractinsky","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.eswa.2021.116467_b1","series-title":"Dependable systems and networks (DSN), 2012 42nd annual IEEE\/IFIP international conference on","first-page":"1","article-title":"Time-efficient and cost-effective network hardening using attack graphs","author":"Albanese","year":"2012"},{"key":"10.1016\/j.eswa.2021.116467_b2","series-title":"Research anthology on combating denial-of-service attacks","first-page":"49","article-title":"Denial-of-service (dos) attack and botnet: Network analysis, research tactics, and mitigation","author":"Arora","year":"2021"},{"key":"10.1016\/j.eswa.2021.116467_b3","series-title":"2017 IEEE conference on communications and network security (CNS)","first-page":"378","article-title":"Naggen: A network attack graph generation tool\u2014IEEE CNS 17 poster","author":"Barr\u00e8re","year":"2017"},{"key":"10.1016\/j.eswa.2021.116467_b4","series-title":"Nessus network auditing","author":"Beale","year":"2004"},{"key":"10.1016\/j.eswa.2021.116467_b5","article-title":"An attack graph based risk management approach of an enterprise lan","volume":"3","author":"Bhattacharya","year":"2008","journal-title":"Journal of Information Assurance and Security"},{"issue":"1","key":"10.1016\/j.eswa.2021.116467_b6","doi-asserted-by":"crossref","first-page":"281","DOI":"10.1016\/S0004-3702(96)00047-1","article-title":"Fast planning through planning graph analysis","volume":"90","author":"Blum","year":"1997","journal-title":"Artificial Intelligence"},{"issue":"2","key":"10.1016\/j.eswa.2021.116467_b7","doi-asserted-by":"crossref","first-page":"136","DOI":"10.1016\/j.socnet.2007.11.001","article-title":"On variants of shortest-path betweenness centrality and their generic computation","volume":"30","author":"Brandes","year":"2008","journal-title":"Social Networks"},{"issue":"1","key":"10.1016\/j.eswa.2021.116467_b8","first-page":"47","article-title":"A tutorial on planning graph based reachability heuristics","volume":"28","author":"Bryce","year":"2007","journal-title":"AI Magazine"},{"key":"10.1016\/j.eswa.2021.116467_b9","series-title":"Information visualization","first-page":"19","article-title":"Evaluating information visualizations","author":"Carpendale","year":"2008"},{"key":"10.1016\/j.eswa.2021.116467_b10","series-title":"System and method for risk detection and analysis in a computer network","author":"Cohen","year":"2012"},{"issue":"2","key":"10.1016\/j.eswa.2021.116467_b11","doi-asserted-by":"crossref","first-page":"188","DOI":"10.1109\/70.54734","article-title":"AND\/OR graph representation of assembly plans","volume":"6","author":"De\u00a0Mello","year":"1990","journal-title":"IEEE Transactions on Robotics and Automation"},{"key":"10.1016\/j.eswa.2021.116467_b12","series-title":"Information security continuous monitoring (ISCM) for federal information systems and organizations: National institute of standards and technology special publication 800-137","author":"Dempsey","year":"2012"},{"key":"10.1016\/j.eswa.2021.116467_b13","unstructured":"Durkota, K., Lis\u1ef3, V., Bo\u0161ansk\u1ef3, B., & Kiekintveld, C. (2015). Optimal network security hardening using attack graph games. In Proceedings of IJCAI (pp. 7\u201314)."},{"issue":"3","key":"10.1016\/j.eswa.2021.116467_b14","doi-asserted-by":"crossref","first-page":"250","DOI":"10.1177\/1473871613513228","article-title":"Patterns for visualization evaluation","volume":"14","author":"Elmqvist","year":"2015","journal-title":"Information Visualization"},{"key":"10.1016\/j.eswa.2021.116467_b15","series-title":"The global risks report 2018 13th edition","year":"2018"},{"key":"10.1016\/j.eswa.2021.116467_b16","doi-asserted-by":"crossref","first-page":"35","DOI":"10.2307\/3033543","article-title":"A set of measures of centrality based on betweenness","author":"Freeman","year":"1977","journal-title":"Sociometry"},{"key":"10.1016\/j.eswa.2021.116467_b17","series-title":"2008 32nd annual IEEE international computer software and applications conference","first-page":"698","article-title":"Measuring network security using bayesian network-based attack graphs","author":"Frigault","year":"2008"},{"key":"10.1016\/j.eswa.2021.116467_b18","series-title":"Gartner customer for vulnerability assessment solutions","year":"2019"},{"key":"10.1016\/j.eswa.2021.116467_b19","series-title":"ICAPS","article-title":"Pruning methods for optimal delete-free planning","author":"Gefen","year":"2012"},{"key":"10.1016\/j.eswa.2021.116467_b20","series-title":"GCAI","first-page":"215","article-title":"Analysis of attack graph representations for ranking vulnerability fixes","author":"Gonda","year":"2018"},{"key":"10.1016\/j.eswa.2021.116467_b21","series-title":"IWAISe: First International Workshop on Artificial Intelligence in Security","article-title":"Ranking vulnerability fixes using planning graph analysis","author":"Gonda","year":"2017"},{"key":"10.1016\/j.eswa.2021.116467_b22","doi-asserted-by":"crossref","unstructured":"Goodall, J., Lutters, W., Rheingans, P., & Komlodi, A. (2005). Preserving the big picture: Visual network traffic analysis with tnv. In Proc. IEEE workshop visualization for computer security (VizSEC 05) (pp. 47\u201354).","DOI":"10.1109\/VIZSEC.2005.17"},{"key":"10.1016\/j.eswa.2021.116467_b23","doi-asserted-by":"crossref","first-page":"291","DOI":"10.1613\/jair.1144","article-title":"The metric-FF planning system: Translating\u201cignoring delete lists\u201dto numeric state variables","volume":"20","author":"Hoffmann","year":"2003","journal-title":"Journal of Artificial Intelligence Research"},{"key":"10.1016\/j.eswa.2021.116467_b24","series-title":"ICAPS","first-page":"364","article-title":"Simulated penetration testing: From\u201d Dijkstra\u201d to\u201d Turing Test++\u201d","author":"Hoffmann","year":"2015"},{"key":"10.1016\/j.eswa.2021.116467_b25","series-title":"International workshop on visualization for computer security","first-page":"68","article-title":"Improving attack graph visualization through data reduction and attack grouping","author":"Homer","year":"2008"},{"key":"10.1016\/j.eswa.2021.116467_b26","series-title":"Dependable systems and networks workshop (DSN-W), 2013 43rd annual IEEE\/IFIP conference on","first-page":"1","article-title":"Scalable security analysis in hierarchical attack representation model using centrality measures","author":"Hong","year":"2013"},{"key":"10.1016\/j.eswa.2021.116467_b27","series-title":"Dependable systems and networks (DSN), 2014 44th annual IEEE\/IFIP international conference on","first-page":"684","article-title":"What vulnerability do we need to patch first?","author":"Hong","year":"2014"},{"issue":"20","key":"10.1016\/j.eswa.2021.116467_b28","doi-asserted-by":"crossref","first-page":"8472","DOI":"10.1109\/JSEN.2018.2866708","article-title":"Fault diagnosis based on weighted extreme learning machine with wavelet packet decomposition and KPCA","volume":"18","author":"Hu","year":"2018","journal-title":"IEEE Sensors Journal"},{"key":"10.1016\/j.eswa.2021.116467_b29","series-title":"Proceedings of the 27th annual computer security applications conference","first-page":"31","article-title":"Distilling critical attack graph surface iteratively through minimum-cost sat solving","author":"Huang","year":"2011"},{"issue":"1","key":"10.1016\/j.eswa.2021.116467_b30","doi-asserted-by":"crossref","first-page":"75","DOI":"10.1109\/TDSC.2010.61","article-title":"Extending attack graph-based security metrics and aggregating their application","volume":"9","author":"Idika","year":"2010","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"issue":"12","key":"10.1016\/j.eswa.2021.116467_b31","doi-asserted-by":"crossref","first-page":"2818","DOI":"10.1109\/TVCG.2013.126","article-title":"A systematic review on the practice of evaluating visualization","volume":"19","author":"Isenberg","year":"2013","journal-title":"IEEE Transactions on Visualization and Computer Graphics"},{"key":"10.1016\/j.eswa.2021.116467_b32","series-title":"Cyber situational awareness","first-page":"139","article-title":"Topological vulnerability analysis","author":"Jajodia","year":"2010"},{"key":"10.1016\/j.eswa.2021.116467_b33","series-title":"2011-MILCOM 2011 military communications conference","first-page":"1339","article-title":"Cauldron mission-centric cyber situational awareness with defense in depth","author":"Jajodia","year":"2011"},{"key":"10.1016\/j.eswa.2021.116467_b34","series-title":"Choosing the right sample? Experiences of selecting participants for visualization evaluation","author":"Kriglstein","year":"2015"},{"key":"10.1016\/j.eswa.2021.116467_b35","doi-asserted-by":"crossref","unstructured":"Livnat, Y., Agutter, J., Moon, S., Erbacher, R., & Foresti, S. (2005). A visualization paradigm for network intrusion detection. In Proc. sixth ann. IEEE SMC information assurance workshop (IAW 05) (pp. 92\u201399).","DOI":"10.1109\/IAW.2005.1495939"},{"issue":"6","key":"10.1016\/j.eswa.2021.116467_b36","doi-asserted-by":"crossref","first-page":"1105","DOI":"10.1109\/TVCG.2007.70522","article-title":"Visual analysis of network traffic for resource planning, interactive monitoring, and interpretation of security threats","volume":"13","author":"Mansmann","year":"2007","journal-title":"IEEE Transactions on Visualization and Computer Graphics"},{"issue":"6","key":"10.1016\/j.eswa.2021.116467_b37","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1109\/MSP.2006.145","article-title":"Common vulnerability scoring system","volume":"4","author":"Mell","year":"2006","journal-title":"IEEE Security & Privacy"},{"key":"10.1016\/j.eswa.2021.116467_b38","series-title":"2020 IEEE 17th annual consumer communications & networking conference (CCNC)","first-page":"1","article-title":"CyVi: Visualization of cyber-attack and defense effects in geographically referenced networks","author":"Muhati","year":"2020"},{"key":"10.1016\/j.eswa.2021.116467_b39","series-title":"National Institute of Standards and Technology (NIST): Vulnerabilities","year":"2019"},{"key":"10.1016\/j.eswa.2021.116467_b40","series-title":"Proceedings of the 9th annual cyber and information security research conference","first-page":"5","article-title":"Metrics suite for network attack graph analytics","author":"Noel","year":"2014"},{"key":"10.1016\/j.eswa.2021.116467_b41","series-title":"Attack planning in the real world","author":"Obes","year":"2013"},{"key":"10.1016\/j.eswa.2021.116467_b42","series-title":"Proceedings of the 13th ACM conference on computer and communications security","first-page":"336","article-title":"A scalable approach to attack graph generation","author":"Ou","year":"2006"},{"key":"10.1016\/j.eswa.2021.116467_b43","unstructured":"Ou,\u00a0X., Govindavajhala,\u00a0S., & Appel,\u00a0A. W. (2005). MulVAL: A Logic-based Network Security Analyzer. In USENIX security symposium, Vol. 8 (pp. 113\u2013128). Baltimore, MD."},{"key":"10.1016\/j.eswa.2021.116467_b44","series-title":"The PageRank citation ranking: Bringing order to the web","author":"Page","year":"1999"},{"key":"10.1016\/j.eswa.2021.116467_b45","series-title":"European symposium on research in computer security","first-page":"18","article-title":"Identifying critical attack assets in dependency attack graphs","author":"Sawilla","year":"2008"},{"key":"10.1016\/j.eswa.2021.116467_b46","series-title":"The 26th international conference on automated planning and scheduling","first-page":"121","article-title":"Constructing plan trees for simulated penetration testing","author":"Shmaryahu","year":"2016"},{"issue":"2","key":"10.1016\/j.eswa.2021.116467_b47","first-page":"1","article-title":"Quantifying patch management","volume":"3","author":"Shostack","year":"2003","journal-title":"Secure Business Quarterly"},{"key":"10.1016\/j.eswa.2021.116467_b48","series-title":"Breaking the target: An analysis of target data breach and lessons learned","author":"Shu","year":"2017"},{"issue":"5","key":"10.1016\/j.eswa.2021.116467_b49","doi-asserted-by":"crossref","first-page":"516","DOI":"10.1108\/ICS-06-2014-0036","article-title":"An empirical test of the accuracy of an attack graph analysis tool","volume":"23","author":"Sommestad","year":"2015","journal-title":"Information & Computer Security"},{"key":"10.1016\/j.eswa.2021.116467_b50","series-title":"DARPA information survivability conference & exposition II, 2001. DISCEX\u201901. Proceedings, Vol. 2","first-page":"307","article-title":"Computer-attack graph generation tool","author":"Swiler","year":"2001"},{"key":"10.1016\/j.eswa.2021.116467_b51","series-title":"Tenable.sc vulnerability scanner","year":"2020"},{"issue":"5","key":"10.1016\/j.eswa.2021.116467_b52","doi-asserted-by":"crossref","first-page":"8","DOI":"10.1109\/MCG.2005.102","article-title":"Evaluating visualizations: do expert reviews work?","volume":"25","author":"Tory","year":"2005","journal-title":"IEEE Computer Graphics and Applications"},{"key":"10.1016\/j.eswa.2021.116467_b53","series-title":"Data and applications security XXII","first-page":"283","article-title":"An attack graph-based probabilistic security metric","author":"Wang","year":"2008"},{"key":"10.1016\/j.eswa.2021.116467_b54","series-title":"International workshop on visualization for computer security","first-page":"44","article-title":"GARNET: A graphical attack graph and reachability network evaluation tool","author":"Williams","year":"2008"},{"key":"10.1016\/j.eswa.2021.116467_b55","article-title":"Discrete component prognosis for hybrid systems under intermittent faults","author":"Xiao","year":"2020","journal-title":"IEEE Transactions on Automation Science and Engineering"}],"container-title":["Expert Systems with Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0957417421017474?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0957417421017474?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2024,2,20]],"date-time":"2024-02-20T20:00:36Z","timestamp":1708459236000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0957417421017474"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5]]},"references-count":55,"alternative-id":["S0957417421017474"],"URL":"https:\/\/doi.org\/10.1016\/j.eswa.2021.116467","relation":{},"ISSN":["0957-4174"],"issn-type":[{"value":"0957-4174","type":"print"}],"subject":[],"published":{"date-parts":[[2022,5]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Prioritizing vulnerability patches in large networks","name":"articletitle","label":"Article Title"},{"value":"Expert Systems with Applications","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.eswa.2021.116467","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2022 Elsevier Ltd. All rights reserved.","name":"copyright","label":"Copyright"}],"article-number":"116467"}}