|
| Citation | Technique | Description |
|
| [102] | A framework for the comparison of security adaptation approaches | Five security adaptations were compared in this framework. The framework includes three perspectives that are life cycle, security, and adaptation. The evaluation illustrated that in each adaptation approach the monitor and analysis phase is described. |
| [103] | Information security risk assessment | The analysis showed that this method gets more scientific evaluation and reliable and stable results on the evaluation of the risk of the control systems of industry. |
| [104] | State fusion finite state machine model | In this paper, an SF-FSM model was proposed to recognize a legitimate application to evaluate its vulnerabilities and illegal behavior of unauthorized parties for an industrial control system. |
| [105] | Core unified risk framework (CURF) | This approach is suitable for the qualitative comparison of activities and processes in each method of information security risk assessment (ISRA) and presented a measure of completeness. |
| [106] | Complexity metrics for software security improvement | For the security level of computer-based systems, improving software security is essential. |
| [107] | Security vulnerability assessment, prevention, and prediction (SVAPP) | The proposed SVAPP methodology exploits an active security barrier approach and adapts it to suit the security facet. |
| [108] | Security quality requirements engineering (SQUARE) method | In this paper, SQUARE effectiveness was evaluated in terms of its artifacts (attack tree, security templates, system architecture diagram and use-case diagram, and scenarios), a set of security goals, vulnerabilities, threats, and prioritized and categorized security requirements. |
| [109] | SODA | In this paper, SODA was introduced, which leverages integrate virtual network functions (VNFs) and software-defined networking (SDN) to realize service management and security policy for IoT environments. |
| [110] | Evaluating of security risks framework | In this article, the security risks for IEC 61850 network, intelligent electronic devices (IEDs), and distributed denial of service (DDoS) attack assessment within an SDN-enabled smart grid communication network. |
| [111] | Security analysis and security rules | This analysis investigates four in-app payments’ implementation and also summarizes a series of security rules. |
| [112] | Formal framework | In this paper, a formal framework for the strength of software obfuscation evaluation was proposed. It is used for the protection of secret data or control-flow graphs (CFGs) of a program. |
| [113] | Machine learning methods | The contribution of this paper is a methodology for analyzing features from C source code to classify functions as vulnerable or nonvulnerable. |
| | | |
| [114] | UML or SysML language | In this article, the state of the art associated with quantification, verification, and security specification for systems and software that are modeled by means of UML or SysML language is reviewed. |
| [115] | Security diagnosis as a service (SDaaS) | The scalability, performance, and accuracy of the framework were evaluated. The results of the evaluation reveal that SDaaS demonstrates information flow vulnerabilities with not merely scalability, performance, and accuracy, but furthermore lightweight footprint on resource utilization. |
| [116] | Calculus IoT-LySa | This article presents a methodology, based on the process calculus IoT-LySa, to infer quantitative measures on the evolution of systems. |
| [117] | Framework for modeling and assessing the security of the Internet of Things (IoT) | The IoT is facilitating innovative applications in a variety of domains. The key contributions of this article were to assess the framework using three scenarios, including environment monitoring, wearable healthcare monitoring, and smart home. |
| [118] | Broadcasting service | This article describes and records all probable threats to broadcasting services |
| [119] | Security in software evolution | In this chapter, four challenges including relevant knowledge, the impact of available knowledge, reestablishing, and reactions of security were addressed. |
| [120] | Framework for security testing | In this article, the proposed framework is used for security testing subsequent to the system implementation. |
| [121] | Multiperspective security management | The projected modeling approach for managing and designing IT security in institution account used for diverse perceptions is based on multiperspective enterprise modeling. |
| [122] | Embedded device design and verification | This paper focused on the approaches for verification and design of information systems with embedded devices. |
| [123] | Automotive security assurance | In this article, a systematic security assessment to specify undesirable behaviors, enabling the assignment of severity ratings in a (semi-) automated manner was explored. |
| [124] | Pattern-based method | In this paper, for establishing a cloud-specific information security management system (PACTS), a pattern-based method was presented. |
| [125] | Temporal hierarchical attack representation model | In this article, network changes were systematically formalized and categorized on the basis of their causes of the change. |
| [126] | Stochastic modeling | For the security metrics quantitative assessment, a state-based stochastic model was proposed in this paper. |
| [127] | Experimental assessment | In the presence of denial of service (DoS) attacks for the assessment of the security of web service frameworks, an experimental approach was proposed in this article. |
| [128] | Hash power distribution analysis model | In this article, a hash power distribution analysis model for the profitability of miner measurement was proposed based on various incentives toward an evaluation of Bitcoin security. |
| [129] | mHealth apps security framework (MASF) | To secure the execution of mHealth apps and their users’ data, the mHealth apps security framework (MASF) was proposed in this article. |
| [130] | Abstract model | In this article, for the support of single sign-on (SSO) development, an abstract model was provided. |
| [131] | A proactive approach | To quantitatively assess the security of network systems, a proactive approach was addressed in this paper for validating, formulating, and identifying a number of essential features that mostly affect its security. |
| [132] | Trust modeling and evaluation | For a component-based software system, an autonomic trust management solution was introduced in this paper. |
| [133] | Static analysis | For the security static analysis tools, an evaluation framework was introduced in this paper. |
| [134] | SecuWear platform | This paper presents a multicomponent research platform, called SecuWear, for mitigating, analyzing, and testing vulnerabilities in software and hardware. |
| [135] | One-to-many bilateral e-trade negotiation framework | A mobile agent-based secure one-to-many bilateral e-trade negotiation framework was presented in this paper. |
| [136] | Model integrated computing | For rapidly deploying cyberphysical system (CPS) attack experiments, a model-based software development framework integrated with a hardware-in-the-loop (HIL) testbed was presented in this work. |
| [137] | Concise binary object representation (CBOR) | This paper reports instantiated architecture for verification and secure measurement of dynamic runtime information for Linux-based OS. |
| [138] | Multidomain networks | In this article, a framework was proposed for leveraging service function chaining (SFC) and software-defined networking (SDN) to improve collaboration among security service functions (SSFs). |
| [139] | Security-informed safety | This paper talks about security-informed safety. |
| [140] | Trust model | In this article, for cloud-edge-based data-sharing infrastructure, a 5 level trust model was proposed. |
| [141] | Security and risk assessment | This paper gives suggestions about unmasking the uncertainty of risk assessment and facilitating oversight of its practice by public actors, judicial and legislative. |
| [142] | Software security vulnerabilities | In this work, for recurring software vulnerabilities, an empirical study was reported. |
| [143] | Self-destructive tamper response | In this paper, a method for tamper-resistant software was created, so as to be resistant to dynamic analysis as well as static analysis. |
| [144] | Model of virtual machine (VM) | Based on memory introspection, a model of VM security monitoring was proposed in this article. |
| [145] | Software-defined networking (SDN) | This paper reports the NOSArmor, which contains various security mechanisms, such as a security building block (SBB), into a consolidated SDN controller. |
| [146] | Binary-level patch analysis framework | SPAIN which is a patch analysis framework was proposed in this paper for summarizing patch patterns, security patches identification, and their corresponding vulnerability patterns. |
|
