{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,12]],"date-time":"2025-09-12T18:44:59Z","timestamp":1757702699569},"publisher-location":"Cham","reference-count":47,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030209506"},{"type":"electronic","value":"9783030209513"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-20951-3_23","type":"book-chapter","created":{"date-parts":[[2019,6,16]],"date-time":"2019-06-16T23:02:48Z","timestamp":1560726168000},"page":"260-278","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["New Goal Recognition Algorithms Using Attack Graphs"],"prefix":"10.1007","author":[{"given":"Reuth","family":"Mirsky","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ya\u2019ar","family":"Shalom","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ahmad","family":"Majadly","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kobi","family":"Gal","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rami","family":"Puzis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ariel","family":"Felner","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,5,19]]},"reference":[{"key":"23_CR1","unstructured":"Al-Mamory, S., Zhang, H.: A survey on IDS alerts processing techniques. In: The 6th WSEAS International Conference on Information Security and Privacy (2007)"},{"key":"23_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"256","DOI":"10.1007\/978-3-319-68711-7_14","volume-title":"Decision and Game Theory for Security","author":"S Ang","year":"2017","unstructured":"Ang, S., Chan, H., Jiang, A.X., Yeoh, W.: Game-theoretic goal recognition models with applications to security domains. In: Rass, S., An, B., Kiekintveld, C., Fang, F., Schauer, S. (eds.) Decision and Game Theory for Security. LNCS, vol. 10575, pp. 256\u2013272. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-68711-7_14"},{"key":"23_CR3","unstructured":"Avrahami-Zilberbrand, D., Kaminka, G.: Fast and complete symbolic plan recognition. In: International Joint Conference on Artificial Intelligence (2005)"},{"key":"23_CR4","doi-asserted-by":"crossref","unstructured":"Azer, M.A., El-Kassas, S.M., El-Soudani, M.S.: Security in ad hoc networks: from vulnerability to risk management. In: 2009 Third International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2009, pp. 203\u2013209. IEEE (2009)","DOI":"10.1109\/SECURWARE.2009.38"},{"key":"23_CR5","unstructured":"Backes, M., Hoffmann, J., K\u00fcnnemann, R., Speicher, P., Steinmetz, M.: Simulated penetration testing and mitigation analysis. arXiv preprint arXiv:1705.05088 (2017)"},{"key":"23_CR6","doi-asserted-by":"crossref","unstructured":"Bisson, F., Kabanza, F., Benaskeur, A.R., Irandoust, H.: Provoking opponents to facilitate the recognition of their intentions. In: AAAI (2011)","DOI":"10.1609\/aaai.v25i1.8032"},{"key":"23_CR7","unstructured":"Bui, H.: A general model for online probabilistic plan recognition. In: International Joint Conference on Artificial Intelligence, vol. 3, pp. 1309\u20131315 (2003)"},{"key":"23_CR8","unstructured":"Chyssler, T., Burschka, S., Semling, M., Lingvall, T., Burbeck, K.: Alarm reduction and correlation in intrusion detection systems. In: DIMVA, pp. 9\u201324 (2004)"},{"key":"23_CR9","unstructured":"Durkota, K., Lis\u1ef3, V., Bosansk\u1ef3, B., Kiekintveld, C.: Optimal network security hardening using attack graph games. In: International Joint Conference on Artificial Intelligence, pp. 526\u2013532 (2015)"},{"key":"23_CR10","unstructured":"E-Martin, Y., R-Moreno, M., Smith, D.: A fast goal recognition technique based on interaction estimates. In: Twenty-Fourth International Joint Conference on Artificial Intelligence (2015)"},{"key":"23_CR11","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/s10458-006-9006-1","volume":"14","author":"A Felner","year":"2007","unstructured":"Felner, A., Stern, R., Rosenschein, J., Pomeransky, A.: Searching for close alternative plans. AAMAS 14, 211\u2013237 (2007). https:\/\/doi.org\/10.1007\/s10458-006-9006-1","journal-title":"AAMAS"},{"key":"23_CR12","doi-asserted-by":"crossref","unstructured":"Freedman, R., Zilberstein, S.: Integration of planning with recognition for responsive interaction using classical planners. In: AAAI, pp. 4581\u20134588 (2017)","DOI":"10.1609\/aaai.v31i1.11188"},{"key":"23_CR13","unstructured":"Geib, C., Goldman, R.: Plan recognition in intrusion detection systems. In: 2001 Proceedings of the DARPA Information Survivability Conference and Exposition II, DISCEX 2001, vol. 1, pp. 46\u201355. IEEE (2001)"},{"key":"23_CR14","unstructured":"Geib, C., Maraist, J., Goldman, R.: A new probabilistic plan recognition algorithm based on string rewriting. In: ICAPS, pp. 91\u201398 (2008)"},{"key":"23_CR15","unstructured":"Goldman, R., Friedman, S., Rye, J.: Plan recognition for network analysis: preliminary report. In: AAAI Workshops on PAIR (2018)"},{"key":"23_CR16","unstructured":"Gonda, T., Shani, G., Puzis, R., Shapira, B.: Ranking vulnerability fixes using planning graph analysis. In: IWAISe: First International Workshop on Artificial Intelligence in Security, p. 41 (2017)"},{"issue":"3","key":"23_CR17","first-page":"57","volume":"22","author":"J Hoffmann","year":"2001","unstructured":"Hoffmann, J.: FF: the fast-forward planning system. AI Mag. 22(3), 57 (2001)","journal-title":"AI Mag."},{"key":"23_CR18","doi-asserted-by":"crossref","unstructured":"Hoffmann, J.: Simulated penetration testing: from \u201cDijkstra\u201d to \u201cTuring Test++\u201d. In: ICAPS, pp. 364\u2013372 (2015)","DOI":"10.1609\/icaps.v25i1.13684"},{"key":"23_CR19","doi-asserted-by":"publisher","first-page":"215","DOI":"10.1613\/jair.1492","volume":"22","author":"J Hoffmann","year":"2004","unstructured":"Hoffmann, J., Porteous, J., Sebastia, L.: Ordered landmarks in planning. J. Artif. Intell. Res. 22, 215\u2013278 (2004)","journal-title":"J. Artif. Intell. Res."},{"key":"23_CR20","unstructured":"Kabanza, F., Filion, J., Benaskeur, A.R., Irandoust, H.: Controlling the hypothesis space in probabilistic plan recognition. In: International Joint Conference on Artificial Intelligence, pp. 2306\u20132312 (2013)"},{"key":"23_CR21","doi-asserted-by":"crossref","unstructured":"Le Guillarme, N., Mouaddib, A., Gatepaille, S., Bellenger, A.: Adversarial intention recognition as inverse game-theoretic planning for threat assessment. In: ICTAI, pp. 698\u2013705. IEEE (2016)","DOI":"10.1109\/ICTAI.2016.0111"},{"key":"23_CR22","unstructured":"Lis\u1ef3, V., P\u00edbil, R., Stiborek, J., Bo\u0161ansk\u1ef3, B., P\u011bchou\u010dek, M.: Game-theoretic approach to adversarial plan recognition. In: ECAI, pp. 546\u2013551. IOS Press (2012)"},{"key":"23_CR23","doi-asserted-by":"crossref","unstructured":"Masters, P., Sardina, S.: Cost-based goal recognition for path-planning. In: AAMAS, pp. 750\u2013758 (2017)","DOI":"10.24963\/ijcai.2018\/747"},{"key":"23_CR24","doi-asserted-by":"crossref","unstructured":"Masters, P., Sardina, S.: Deceptive path-planning. In: International Joint Conference on Artificial Intelligence 2017, pp. 4368\u20134375. AAAI Press (2017)","DOI":"10.24963\/ijcai.2017\/610"},{"key":"23_CR25","unstructured":"Mirsky, R., Gal, Y., Tolpin, D.: Session analysis using plan recognition. In: Workshop on User Interfaces and Scheduling and Planning (UISP) (2017)"},{"key":"23_CR26","doi-asserted-by":"crossref","unstructured":"Mirsky, R., Stern, R., Gal, Y., Kalech, M.: Plan recognition design. In: AAAI, pp. 4971\u20134972 (2017)","DOI":"10.1609\/aaai.v31i1.11092"},{"key":"23_CR27","doi-asserted-by":"crossref","unstructured":"Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: Workshop on Visualization and Data Mining for Computer Security, pp. 109\u2013118. ACM (2004)","DOI":"10.1145\/1029208.1029225"},{"key":"23_CR28","unstructured":"Noel, S., Robertson, E., Jajodia, S.: Correlating intrusion events and building attack scenarios through attack graph distances. In: Computer Security Applications Conference (2004)"},{"issue":"3","key":"23_CR29","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/s10922-008-9109-x","volume":"16","author":"S Noel","year":"2008","unstructured":"Noel, S., Jajodia, S.: Optimal IDS sensor placement and alert prioritization using attack graphs. J. Netw. Syst. Manag. 16(3), 259\u2013275 (2008)","journal-title":"J. Netw. Syst. Manag."},{"key":"23_CR30","unstructured":"Ou, X., Govindavajhala, S.: MulVAL: a logic-based network security analyzer. In: 14th USENIX Security Symposium. Citeseer (2005)"},{"key":"23_CR31","doi-asserted-by":"crossref","unstructured":"Pereira, R., Oren, N., Meneguzzi, F.: Landmark-based heuristics for goal recognition. In: AAAI (2017)","DOI":"10.1609\/aaai.v31i1.11021"},{"key":"23_CR32","unstructured":"Pereira, R., Oren, N., Meneguzzi, F.: Plan optimality monitoring using landmarks and planning heuristics. In: PAIR Workshop in AAAI (2017)"},{"key":"23_CR33","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1109\/TDSC.2011.34","volume":"9","author":"N Poolsappasit","year":"2012","unstructured":"Poolsappasit, N., Dewri, R., Ray, I.: Dynamic security risk management using Bayesian attack graphs. IEEE Trans. Dependable Secur. Comput. 9, 61\u201374 (2012)","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"23_CR34","unstructured":"Qin, X., Lee, W.: Attack plan recognition and prediction using causal networks. In: 2004 20th Annual Computer Security Applications Conference, pp. 370\u2013379. IEEE (2004)"},{"key":"23_CR35","unstructured":"Ram\u00edrez, M., Geffner, H.: Plan recognition as planning. In: AAAI (2009)"},{"key":"23_CR36","doi-asserted-by":"crossref","unstructured":"Ram\u00edrez, M., Geffner, H.: Probabilistic plan recognition using off-the-shelf classical planners. In: AAAI (2010)","DOI":"10.1609\/aaai.v24i1.7745"},{"key":"23_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1007\/978-3-642-21323-6_8","volume-title":"Computational Intelligence in Security for Information Systems","author":"S Roschke","year":"2011","unstructured":"Roschke, S., Cheng, F., Meinel, C.: A new alert correlation algorithm based on attack graph. In: Herrero, \u00c1., Corchado, E. (eds.) CISIS 2011. LNCS, vol. 6694, pp. 58\u201367. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-21323-6_8"},{"key":"23_CR38","unstructured":"Shmaryahu, D.: Constructing plan trees for simulated penetration testing. In: ICAPS (2016)"},{"key":"23_CR39","unstructured":"Shmaryahu, D., Shani, G., Hoffmann, J., Steinmetz, M.: Partially observable contingent planning for penetration testing. In: IWAISe: First International Workshop on Artificial Intelligence in Security, p. 33 (2017)"},{"key":"23_CR40","doi-asserted-by":"crossref","unstructured":"Shmaryahu, D., Shani, G., Hoffmann, J., Steinmetz, M.: Simulated penetration testing as contingent planning. In: ICAPS (2018)","DOI":"10.1609\/icaps.v28i1.13902"},{"key":"23_CR41","doi-asserted-by":"crossref","unstructured":"Shvo, M., Sohrabi, S., Mcllraith, S.: An AI planning-based approach to the multi-agent plan recognition problem. In: PAIR Workshop in AAAI (2017)","DOI":"10.1007\/978-3-319-89656-4_23"},{"key":"23_CR42","unstructured":"Sohrabi, S., Riabov, A., Udrea, O.: Plan recognition as planning revisited. In: International Joint Conference on Artificial Intelligence, pp. 3258\u20133264 (2016)"},{"key":"23_CR43","unstructured":"Swiler, L., Phillips, C., Ellis, D., Chakerian, S.: Computer-attack graph generation tool. In: DISCEX, p. 1307. IEEE (2001)"},{"key":"23_CR44","doi-asserted-by":"crossref","unstructured":"Vered, M., Kaminka, G.: Heuristic online goal recognition in continuous domains. In: International Joint Conference on Artificial Intelligence, pp. 4447\u20134454 (2017)","DOI":"10.24963\/ijcai.2017\/621"},{"key":"23_CR45","unstructured":"Vered, M., Pereira, R., Magnaguagno, M., Kaminka, G., Meneguzzi, F.: Towards online goal recognition combining goal mirroring and landmarks. In: AAMAS (2018)"},{"issue":"15","key":"23_CR46","doi-asserted-by":"publisher","first-page":"2917","DOI":"10.1016\/j.comcom.2006.04.001","volume":"29","author":"L Wang","year":"2006","unstructured":"Wang, L., Liu, A., Jajodia, S.: Using attack graphs for correlating, hypothesizing, and predicting intrusion alerts. Comput. Commun. 29(15), 2917\u20132933 (2006)","journal-title":"Comput. Commun."},{"issue":"5\u20136","key":"23_CR47","doi-asserted-by":"publisher","first-page":"188","DOI":"10.1016\/j.cose.2008.05.005","volume":"27","author":"S Zhang","year":"2008","unstructured":"Zhang, S., Li, J., Chen, X., Fan, L.: Building network attack graph for alert causal correlation. Comput. Secur. 27(5\u20136), 188\u2013196 (2008)","journal-title":"Comput. Secur."}],"container-title":["Lecture Notes in Computer Science","Cyber Security Cryptography and Machine Learning"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-20951-3_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,9,17]],"date-time":"2023-09-17T13:40:27Z","timestamp":1694958027000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-20951-3_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030209506","9783030209513"],"references-count":47,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-20951-3_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"19 May 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CSCML","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Cyber Security Cryptography and Machine Learning","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Beer-Sheva","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Israel","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 June 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 June 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cscml2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.cs.bgu.ac.il\/~fradmin\/cscml19\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Open","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"36","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"18","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"10","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"50% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"n\/a","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}