Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Eric Hatleback
December 2018 - White Paper Towards Improving CVSS

Topics: Vulnerability Analysis

This paper outlines challenges with the Common Vulnerability Scoring System (CVSS).

April 2018 - White Paper Blacklist Ecosystem Analysis: July - December 2017

Topics: Network Situational Awareness

This short report provides a summary of the various analyses of the blacklist ecosystem performed from July 1, 2017, through December 31, 2017.

August 2017 - White Paper Blacklist Ecosystem Analysis: January - June, 2017

Topics: Network Situational Awareness

This short report provides a summary of the various analyses of the blacklist ecosystem performed to date. It also appends the latest additional data to those analyses; the added data in this report covers the time period from January through June 2017.

June 2017 - White Paper Blacklist Ecosystem Analysis: July – December 2016

This report provides a summary of various analyses of the blacklist ecosystem performed to date. It also appends the latest additional data to those analyses; the added data in this report covers the time period from July 1 through December 31, 2016.

May 2017 - Presentation Thinking about Intrusion Kill Chains as Mechanisms

Topics: Cybersecurity Engineering

We integrate two established modeling methods from disparate fields: mechanisms from the philosophy of science literature and intrusion kill chain modeling from the computer security literature.

December 2016 - White Paper Blacklist Ecosystem Analysis: January – June, 2016

Topics: Network Situational Awareness

This short report provides a summary of the various analyses of the blacklist ecosystem performed to date. It also appends the latest additional data to those analyses; the added data in this report covers the time period from January through June 2016.

August 2016 - White Paper Blacklist Ecosystem Analysis: 2016 Update

Topics: Network Situational Awareness

This white paper, which is the latest in a series of regular updates, builds upon the analysis of blacklists presented in our 2013 and 2014 reports.

July 2014 - Article Exploring a Mechanistic Approach to Experimentation in Computing

Topics: Science of Cybersecurity, Measurement and Analysis

Authors: Jonathan Spring,

In this article, the authors describe the benefits of applying the mechanistic approach in philosophy of science to experimentation in computing.