As computer networks continue to grow, it becomes increasingly more important to automate the process of evaluating their vulnerability to attacks. Despite the best efforts of software architects and developers, network hosts inevitably contain a number of vulnerabilities. Hence, it is not feasible for a network administrator to remove all vulnerabilities present in the network hosts. Therefore...

In-depth analysis of network security vulnerability must consider attacker exploits not just in isolation, but also in combination. The general approach to this problem is to compute attack paths (combinations of exploits), from which one can decide whether a given set of network hardening measures guarantees the safety of given critical resources. We go beyond attack paths to compute actual se...

We propose a novel approach to estimating the impact of an attack using a data model and an impact model on top of an attack graph. The data model describes how data flows between nodes in the network – how it is copied and processed by softwares and hosts – while the impact model models how exploitation of vulnerabilities affects the data flows with respect to the confidentiality, integrity an...

Abstract. Various tools exist to analyze enterprise network systems and to produce attack graphs detailing how attackers might penetrate into the system. These attack graphs, however, are often complex and difficult to comprehend fully, and a human user may find it problematic to reach appropriate configuration decisions. This paper presents methodologies that can 1) automatically identify port...

To explore the robustness of recommender systems , researchers have proposed various shilling attack models and analyzed their adverse effects. Primitive attacks are highly feasible but less effective due to simplistic handcrafted rules, while upgraded more powerful costly difficult deploy because they require knowledge from recommendations. In this paper, we a novel called Graph cOnvolution-ba...

we consider a dynamic domination problem for graphs in which an infinitesequence of attacks occur at vertices with guards and the guard at theattacked vertex is required to vacate the vertex by moving to a neighboringvertex with no guard. other guards are allowed to move at the same time, andbefore and after each attack and the resulting guard movements, the verticescontaining guards form a dom...

this paper investigate iranian tourism demand to malaysia using the recently developed autoregressive distributed lag (ardl) ‘bound test’ approach to cointegration for 2000:q1 to 2013:q4. the demand for tourism has been explained by macroeconomic variables, including income in iran, tourism prices in malaysia, tourism price substitute, travel cost and trade value between iran and malaysia. in a...

AND/OR graphs and minimum-cost solution graphs have been studied extensively in artificial intelligence (see, e.g., Nilsson [14]). Generally, the AND/OR graphs are used to model problem solving processes. The minimum-cost solution graph can be used to attack the problem with the least resource. However, in many cases we want to solve the problem within the shortest time period and we assume tha...