References:
1. D. Kennedy et al., "Penetration Testing: A Hands-On Introduction to Hacking," 2nd ed., No Starch Press, 2014.
2. R. K. Lippmann et al., "Penetration Testing: Procedures & Methodologies," SANS Institute, 2015.
3. P. Mell et al., "The Common Vulnerability Scoring System (CVSS) and Its Applicability to Federal Agency Systems," National Institute of Standards and Technology, 2016.
4. S. S. Manadhata and J. Wing, "An Attack Surface Metric," IEEE Transactions on Software Engineering, vol. 37, no. 3, pp. 371-386, May-June 2011.
5. M. Bishop, "Common Weakness Enumeration," IEEE Security & Privacy, vol. 7, no. 1, pp. 78-81, Jan.-Feb. 2009.
6. J. A. Halderman et al., "A Measurement Study of the HTTPS Certificate Ecosystem," Proceedings of the 2013 Conference on Internet Measurement Conference, Barcelona, Spain, Oct. 2013, pp. 329-342.
7. N. Nikiforakis et al., "Cookieless Monster: Exploring the Ecosystem of Web-Based Device Fingerprinting," Proceedings of the 2013 IEEE Symposium on Security and Privacy, San Francisco, CA, May 2013, pp. 541-555.