참고문헌
- CVE, https://cve.mitre.org/
- FS-ISAC, https://www.fsisac.com/
- IPA J-CSIP, http://www.ipa.go.jp/
- NVD CVSS, https://nvd.nist.gov/
- STIX Project, https://stixproject.github.io/about/
- Barnum, Sean. "Standardizing cyber threat intelligence information with the Structured Threat Information eXpression (STIX)." MITRE Corporation, 2012.
- Cavelty, Myriam Dunn. Cyber-security and threat politics: US efforts to secure the information age. Routledge, 2007.
- Gordon, Lawrence A., Martin P. Loeb, and William Lucyshyn. "sharing information on computer systems security: An economic analysis.", Journal of Accounting and Public Policy 22(6), pp.461-485, 2003. https://doi.org/10.1016/j.jaccpubpol.2003.09.001
- Harker, Patrick T. Analytic hierarchy process. Vol.113. Pergamon, 2003.
- Hausken, Kjell. "Information sharing among firms and cyber attacks." Journal of Accounting and Public Policy 26(6), pp.639-688, 2007. https://doi.org/10.1016/j.jaccpubpol.2007.10.001
- Liu, Charles Zhechao, Humayun Zafar, and Yoris A. Au. "Rethinking fs-isac: An it security information sharing network model for the financial services sector." Communications of the Association for Information Systems 34(1), 2014.
- NIST Special Publication 800-150: Guide to Cyber Threat Information Sharing (Draft), 2014.
- Rob McMillan, Definition: Theat Intelligence, Gartner, May 2013.
- Xie, Peng, et al. "Using Bayesian networks for cyber security analysis." Dependable Systems and Networks (DSN), 2010 IEEE/IFIP International Conference on. IEEE, 2010.
- 김기영, 임선희, 김종현. "사이버 위협 사전인지를 위한 위협 정량화 기술." 정보보호학회지 22(8), pp.15-20, 2012.
- 김성원, et al. "네트워크 기반의 실시간 위험관리 를 위한 위험분석 및 평가 방법연구." 한국정보과학회 한국컴퓨터종합학술대회 연구집 34(1), pp.29-34, 2007.
- 이기혁, 이철규. "사이버 환경에서의 침해사고대응을 위한 위험도 산정 및 실시간 경보생성에 대한 연구." 정보보호학회지 18(5), pp.112-124, 2008.