과제정보
This paper is supported of funding of Project of Baekseok University
참고문헌
- R. Khondoker. (2018). SDN and NFV Security: Security Analysis of Software-Defined Networking and Network Function Virtualization (Vol. 30). Springer LNCS Publishing.
- Abdullah Jameel Rowaished, Mohammed Mubarak Ghefaily (2021). An Overview into Applications and Risks in 5G NR Technology. Journal of IJECE, 8(3), 1-2. DOI : 10.14445/23488549/IJECE-V8I3P103
- B. Young & E. B. ChoiMatthew. (2021). The Security Risks and Challenges of 5G Communications. International Journal of Cyber Research and Education, 3(2), 36-53. DOI : 10.4018/IJCRE.2021070104
- Y. Wu, L. Wang, D. Cheng & T. Dai (2021). Information security decisions of firms considering security risk interdependency. Journal of Expert Systems with Applications, 178, 1-15. DOI : 10.1016/j.eswa.2021.114990
- M. Siavvas, D. Tsoukalas, M. Jankovic & D. Kehagias & D. Tzovaras. (2020). Technical debt as an indicator of software security risk: a machine learning approach for software development enterprises. Enterprise Information Systems, 1-43. DOI : 10.1080/17517575.2020.1824017
- M. Kataev, L. Bulysheva, L. Xu, Y. Ekhlakov, N. Permyakova & V. Jovanovic. (2020). Fuzzy model estimation of the risk factors impact on the target of promotion of the software product. Enterprise Information Systems, 14(6), 797-81. DOI : 10.1080/17517575.2020.1713407
- J. Singh, A. Refaey & A. Shami. (2020). Multilevel Security Framework for NFV Based on Software Defined Perimeter. Journal of IEEE Network, 34(5), 114-119. DOI : 10.1109/MNET.011.1900563
- T. UcedaVelez. (2012). Real World Threat Modeling Using the PASTA Methodology. OWASP. Technical report. https://www.owasp.org/images/a/aa/AppSecEU2 012_PASTA.pdf.
- P. Saitta, B. Larcom & M. Eddington. (2005) Trike v1 methodology document. Draft, work in progress. http://dymaxion.org/trike/Trike_v1_Methodology_Documentdraft.pdf.
- B. Schneier. (1999). Attack trees. Dr. Dobb's J. Technical report(Online). https://www.schneier.com/academic/archives/1999/12/attack_trees.html.
- J. Jurjens. (2002). UMLsec: Extending UML for secure systems development. In International Conference on The Unified Modeling Language (pp. 412-425). Springer, Berlin, Heidelberg. DOI : 10.1007/3-540-45800-X_32
- C. Alberts et al. (2003). Introduction to the OCTAVE approach. Carnegie Mellon University, Pittsburgh, PA
- I. Alexander. (2003). Misuse cases: use cases with hostile intent. IEEE Software, 20(1), 58-66. DOI : 10.1109/MS.2003.1159030
- H. Lohr et al. (2009). Modeling trusted computing support in a protection profile for high assurance security kernels. In International conference on trusted computing (pp. 45-62). Springer, Berlin, Heidelberg.
- D. Czagan. (2014). Qualitative Risk Analysis with the DREAD Model. Technical report(Online). http://resources.infosecinstitute.com/qualitative-risk-analysis-dread-model.
- M. S. Lund, B. Solhaug & K. Stolen. (2010). Model-driven risk analysis: the CORAS approach. Springer Science & Business Media.
- Cyral. (n.d.). Threat Modeling With STRIDE(Online). https://cyral.com/glossary/threat-modeling-with-stride/
- H. J. Mun & G. H. Choi & Y. C. Hwang. (2016). Countermeasure to underlying security threats in IoT communication. Journal of Convergence for Information, 6(2), 37-43. DOI : 10.22156/CS4SMB.2016.6.2.037
- J. H. Won, J. W. Hong & Y. Y. You. (2018). A study on the improvement of security threat analysis and response technology by IoT layer. Journal of Convergence for information, 8(6), 149-157. DOI : 10.22156/CS4SMB.2018.8.6.149
- J. K. Cho. (2019). Study on improvement of vulnerability diagnosis items for PC security enhancement. Journal of Covergence for Information, 9(3), 1-7. DOI : 10.22156/CS4SMB.2019.9.3.001