User profiles for Xinming Ou
 | Xinming (Simon) OuProfessor of Computer Science and Engineering, University of South Florida Verified email at usf.edu Cited by 8230 |
Cyber-physical-social interdependencies and organizational resilience: A review of water, transportation, and cyber infrastructure systems and processes
Building resilience in critical infrastructures for smart and connected cities requires consideration
of different types of interdependencies. Previous research has mainly conceptualized …
of different types of interdependencies. Previous research has mainly conceptualized …
MulVAL: A logic-based network security analyzer.
To determine the security impact software vulnerabilities have on a particular network, one
must consider interactions among multiple network elements. For a vulnerability analysis tool …
must consider interactions among multiple network elements. For a vulnerability analysis tool …
A scalable approach to attack graph generation
X Ou, WF Boyer, MA McQueen - … of the 13th ACM conference on …, 2006 - dl.acm.org
Attack graphs are important tools for analyzing security vulnerabilities in enterprise networks.
Previous work on attack graphs has not provided an account of the scalability of the graph …
Previous work on attack graphs has not provided an account of the scalability of the graph …
Amandroid: A precise and general inter-component data flow analysis framework for security vetting of android apps
We present a new approach to static analysis for security vetting of Android apps and a general
framework called Amandroid. Amandroid determines points-to information for all objects …
framework called Amandroid. Amandroid determines points-to information for all objects …
Deep ground truth analysis of current android malware
To build effective malware analysis techniques and to evaluate new detection tools, up-to-date
datasets reflecting the current Android malware landscape are essential. For such …
datasets reflecting the current Android malware landscape are essential. For such …
Using Bayesian networks for cyber security analysis
Capturing the uncertain aspects in cyber security is important for security analysis in
enterprise networks. However, there has been insufficient effort in studying what modeling …
enterprise networks. However, there has been insufficient effort in studying what modeling …
Towards a theory of moving target defense
The static nature of cyber systems gives attackers the advantage of time. Fortunately, a new
approach, called the Moving Target Defense (MTD) has emerged as a potential solution to …
approach, called the Moving Target Defense (MTD) has emerged as a potential solution to …
Identifying critical attack assets in dependency attack graphs
RE Sawilla, X Ou - Computer Security-ESORICS 2008: 13th European …, 2008 - Springer
Attack graphs have been proposed as useful tools for analyzing security vulnerabilities in
network systems. Even when they are produced efficiently, the size and complexity of attack …
network systems. Even when they are produced efficiently, the size and complexity of attack …
An empirical study on using the national vulnerability database to predict software vulnerabilities
Software vulnerabilities represent a major cause of cyber-security problems. The National
Vulnerability Database (NVD) is a public data source that maintains standardized information …
Vulnerability Database (NVD) is a public data source that maintains standardized information …
[BOOK][B] Security risk analysis of enterprise networks using probabilistic attack graphs
Today’s information systems face sophisticated attackers who combine multiple vulnerabilities
to penetrate networks with devastating impact. The overall security of an enterprise …
to penetrate networks with devastating impact. The overall security of an enterprise …