{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T00:04:26Z","timestamp":1769213066385,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":15,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540690832","type":"print"},{"value":"9783540690849","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2006]]},"DOI":"10.1007\/11962977_19","type":"book-chapter","created":{"date-parts":[[2007,1,19]],"date-time":"2007-01-19T05:55:24Z","timestamp":1169186124000},"page":"235-248","source":"Crossref","is-referenced-by-count":61,"title":["Rational Choice of Security Measures Via Multi-parameter Attack Trees"],"prefix":"10.1007","author":[{"given":"Ahto","family":"Buldas","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peeter","family":"Laud","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jaan","family":"Priisalu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"M\u00e4rt","family":"Saarepera","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jan","family":"Willemson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"issue":"4","key":"19_CR1","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1109\/MSECP.2003.1219053","volume":"1","author":"D. Geer","year":"2003","unstructured":"Geer, D., Hoo, K.S., Jaquith, A.: Information security: Why the future belongs to the quants. IEEE Security and Privacy\u00a01(4), 24\u201332 (2003)","journal-title":"IEEE Security and Privacy"},{"issue":"1","key":"19_CR2","first-page":"55","volume":"38","author":"W. Sonnenreich","year":"2006","unstructured":"Sonnenreich, W., Albanese, J., Stout, B.: Return On Security Investment (ROSI) \u2013 A practical quantitative model. Journal of Research and Practice in Information Technology\u00a038(1), 55\u201366 (2006)","journal-title":"Journal of Research and Practice in Information Technology"},{"key":"19_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"532","DOI":"10.1007\/11506157_44","volume-title":"Information Security and Privacy","author":"Y. Desmedt","year":"2005","unstructured":"Desmedt, Y.: Potential impacts of a growing gap between theory and practice in information security. In: Boyd, C., Gonz\u00e1lez Nieto, J.M. (eds.) ACISP 2005. LNCS, vol.\u00a03574, pp. 532\u2013536. Springer, Heidelberg (2005)"},{"key":"19_CR4","unstructured":"Meritt, J.W.: A method for quantitative risk analysis. In: Proceedings of the 22nd National Information Systems Security Conference (1999)"},{"key":"19_CR5","unstructured":"Vesely, W.E., Goldberg, F.F., Roberts, N.H., Haasl, D.F.: Fault Tree Handbook. US Government Printing Office. Systems and Reliability Research, Office of Nuclear Regulatory Research, U.S. Nuclear Regulatory Commission (January 1981)"},{"key":"19_CR6","volume-title":"Building Secure Software: How to Avoid Security Problems the Right Way","author":"J. Viega","year":"2001","unstructured":"Viega, J., McGraw, G.: Building Secure Software: How to Avoid Security Problems the Right Way. Addison Wesley Professional, Reading (2001)"},{"key":"19_CR7","doi-asserted-by":"crossref","unstructured":"Moore, A.P., Ellison, R.J., Linger, R.C.: Attack modeling for information security and survivability. Technical Report CMU\/SEI-2001-TN-001, Software Engineering Institute (2001)","DOI":"10.21236\/ADA387544"},{"issue":"12","key":"19_CR8","first-page":"21","volume":"24","author":"B. Schneier","year":"1999","unstructured":"Schneier, B.: Attack trees: Modeling security threats. Dr. Dobb\u2019s Journal\u00a024(12), 21\u201329 (1999)","journal-title":"Dr. Dobb\u2019s Journal"},{"key":"19_CR9","volume-title":"Secrets & Lies. Digital Security in a Networked World","author":"B. Schneier","year":"2000","unstructured":"Schneier, B.: Secrets & Lies. Digital Security in a Networked World. John Wiley & Sons, Chichester (2000)"},{"key":"19_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/11734727_17","volume-title":"Information Security and Cryptology - ICISC 2005","author":"S. Mauw","year":"2006","unstructured":"Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol.\u00a03935, pp. 186\u2013198. Springer, Heidelberg (2006)"},{"key":"19_CR11","unstructured":"Opel, A.: Design and implementation of a support tool for attack trees. Technical report, Otto-von-Guericke University. Internship Thesis (March 2005)"},{"issue":"1","key":"19_CR12","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1145\/1053283.1053288","volume":"8","author":"P. Liu","year":"2005","unstructured":"Liu, P., Zang, W., Yu, M.: Incentive-Based Modeling and Inference of Attacker Intent, Objectives and Strategies. ACM Transactions on Information and Systems Security\u00a08(1), 78\u2013118 (2005)","journal-title":"ACM Transactions on Information and Systems Security"},{"key":"19_CR13","unstructured":"Schechter, S.E.: Computer Security Strength & Risk: A Quantitative Approach. PhD thesis, Harvard University (2004)"},{"key":"19_CR14","unstructured":"2004 E-CrimeWatch Survey. Summary of Findings. Conducted by CSO magazine in cooperation with the U.S. Secret Service & CERT Coordination Center (2004), Available at: http:\/\/www.cert.org\/archive\/pdf\/2004eCrimeWatchSummary.pdf"},{"key":"19_CR15","first-page":"51","volume":"1","author":"G. Cohen","year":"2005","unstructured":"Cohen, G.: The role of attack simulation in automating security risk management. Information Systems Control Journal\u00a01, 51\u201354 (2005)","journal-title":"Information Systems Control Journal"}],"container-title":["Lecture Notes in Computer Science","Critical Information Infrastructures Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11962977_19.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T07:22:31Z","timestamp":1619508151000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11962977_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2006]]},"ISBN":["9783540690832","9783540690849"],"references-count":15,"URL":"https:\/\/doi.org\/10.1007\/11962977_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2006]]}}}