{"id":"https://openalex.org/W2910412439","doi":"https://doi.org/10.1145/3292448.3292456","title":"A Survey of Quantitative Security Risk Analysis Models for Computer Systems","display_name":"A Survey of Quantitative Security Risk Analysis Models for Computer Systems","publication_year":2018,"publication_date":"2018-10-06","ids":{"openalex":"https://openalex.org/W2910412439","doi":"https://doi.org/10.1145/3292448.3292456","mag":"2910412439"},"language":"en","primary_location":{"id":"doi:10.1145/3292448.3292456","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3292448.3292456","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2nd International Conference on Advances in Artificial Intelligence","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5067869226","display_name":"Ines Meriah","orcid":"https://orcid.org/0000-0002-8713-0216"},"institutions":[{"id":"https://openalex.org/I108714496","display_name":"Tunis University","ror":"https://ror.org/02q1spa57","country_code":"TN","type":"education","lineage":["https://openalex.org/I108714496"]}],"countries":["TN"],"is_corresponding":true,"raw_author_name":"Ines Meriah","raw_affiliation_strings":["Universit\u00e9 de Tunis, ISG, SMART Lab, Bouchoucha Bardo, Tunisia"],"affiliations":[{"raw_affiliation_string":"Universit\u00e9 de Tunis, ISG, SMART Lab, Bouchoucha Bardo, Tunisia","institution_ids":["https://openalex.org/I108714496"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082262732","display_name":"Latifa Ben Arfa Rabai","orcid":"https://orcid.org/0000-0002-5657-4682"},"institutions":[{"id":"https://openalex.org/I108714496","display_name":"Tunis University","ror":"https://ror.org/02q1spa57","country_code":"TN","type":"education","lineage":["https://openalex.org/I108714496"]},{"id":"https://openalex.org/I4210109238","display_name":"University of Buraimi","ror":"https://ror.org/01q0sjp54","country_code":"OM","type":"education","lineage":["https://openalex.org/I4210109238"]}],"countries":["OM","TN"],"is_corresponding":false,"raw_author_name":"Latifa Ben Arfa Rabai","raw_affiliation_strings":["College of business, University of Buraimi, Sultanate of Oman, Universit\u00e9 de Tunis, ISG, SMART Lab Le Bardo, Tunisia"],"affiliations":[{"raw_affiliation_string":"College of business, University of Buraimi, Sultanate of Oman, Universit\u00e9 de Tunis, ISG, SMART Lab Le Bardo, Tunisia","institution_ids":["https://openalex.org/I4210109238","https://openalex.org/I108714496"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5067869226"],"corresponding_institution_ids":["https://openalex.org/I108714496"],"apc_list":null,"apc_paid":null,"fwci":1.5707,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.8878357,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"36","last_page":"40"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9968000054359436,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.992900013923645,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.6844238638877869},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6804519891738892},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.6750988960266113},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.6331513524055481},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.5440799593925476},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.5389772653579712},{"id":"https://openalex.org/keywords/threat","display_name":"Threat","score":0.5368502736091614},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.5080011487007141},{"id":"https://openalex.org/keywords/information-security-management","display_name":"Information security management","score":0.4954766035079956},{"id":"https://openalex.org/keywords/it-risk-management","display_name":"IT risk management","score":0.4677291810512543},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4653986394405365},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.45566055178642273},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.43200206756591797},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.39954620599746704},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.3754322826862335},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3585304915904999},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.2119928002357483},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.16089168190956116}],"concepts":[{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.6844238638877869},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6804519891738892},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.6750988960266113},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.6331513524055481},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.5440799593925476},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.5389772653579712},{"id":"https://openalex.org/C17520342","wikidata":"https://www.wikidata.org/wiki/Q7797190","display_name":"Threat","level":5,"score":0.5368502736091614},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.5080011487007141},{"id":"https://openalex.org/C148976360","wikidata":"https://www.wikidata.org/wiki/Q1662500","display_name":"Information security management","level":5,"score":0.4954766035079956},{"id":"https://openalex.org/C95609273","wikidata":"https://www.wikidata.org/wiki/Q5975208","display_name":"IT risk management","level":3,"score":0.4677291810512543},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4653986394405365},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.45566055178642273},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.43200206756591797},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.39954620599746704},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.3754322826862335},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3585304915904999},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.2119928002357483},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.16089168190956116},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3292448.3292456","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3292448.3292456","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2nd International Conference on Advances in Artificial Intelligence","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7799999713897705,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W32063464","https://openalex.org/W110993677","https://openalex.org/W624337328","https://openalex.org/W1558089875","https://openalex.org/W1962667153","https://openalex.org/W1993082159","https://openalex.org/W1997761579","https://openalex.org/W2005530480","https://openalex.org/W2031189121","https://openalex.org/W2068241209","https://openalex.org/W2092214024","https://openalex.org/W2125083487","https://openalex.org/W2158397246","https://openalex.org/W2161793670","https://openalex.org/W2208596391","https://openalex.org/W2573915818","https://openalex.org/W2604107977","https://openalex.org/W2626631366","https://openalex.org/W2757156430","https://openalex.org/W2778865020","https://openalex.org/W2793808850"],"related_works":["https://openalex.org/W1557523735","https://openalex.org/W3199571163","https://openalex.org/W2202160327","https://openalex.org/W2369588203","https://openalex.org/W2364016434","https://openalex.org/W201042542","https://openalex.org/W2132746796","https://openalex.org/W2358390340","https://openalex.org/W2363630253","https://openalex.org/W2377272910"],"abstract_inverted_index":{"Security":[0],"risk":[1,16,48,82,103],"analysis":[2,17,83],"is":[3,88,111],"an":[4],"essential":[5],"part":[6],"of":[7,10,14,40,55,79,102,116],"the":[8,19,52,56,62,67,92,99,120],"management":[9,104],"information":[11,27],"systems.":[12],"Models":[13],"security":[15,37,53,72,81,107,126],"have":[18],"same":[20],"target":[21],"to":[22,36,46,65,112,125],"prevent":[23],"risks":[24],"caused":[25],"by":[26,129],"assets,":[28],"their":[29,94,96],"potential":[30],"threats,":[31],"and":[32,98,106],"vulnerabilities,":[33],"in":[34],"addition":[35],"controls.":[38],"Most":[39],"these":[41],"models":[42,84],"are":[43],"used":[44],"nowadays":[45],"quantify":[47],"value":[49],"without":[50],"identifying":[51],"problems":[54,127],"organization.":[57],"Thus,":[58],"decisions-makers":[59],"cannot":[60],"make":[61],"correct":[63],"decision":[64],"select":[66],"appropriate":[68,121],"methodology":[69],"for":[70,85,118],"resolving":[71],"risks.":[73],"In":[74],"this":[75],"context,":[76],"a":[77,114],"survey":[78],"quantitative":[80,122],"computer":[86],"systems":[87],"presented.":[89],"We":[90],"describe":[91],"models,":[93],"aims,":[95],"phases":[97],"different":[100],"stages":[101],"addressed":[105],"metrics.":[108],"The":[109],"goal":[110],"give":[113],"set":[115],"recommendations":[117],"choosing":[119],"model":[123],"related":[124],"faced":[128],"organizations":[130],"today.":[131]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}