{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T18:01:48Z","timestamp":1743012108062,"version":"3.40.3"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030587024"},{"type":"electronic","value":"9783030587031"}],"license":[{"start":{"date-parts":[[2020,9,9]],"date-time":"2020-09-09T00:00:00Z","timestamp":1599609600000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,9,9]],"date-time":"2020-09-09T00:00:00Z","timestamp":1599609600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-58703-1_7","type":"book-chapter","created":{"date-parts":[[2020,9,8]],"date-time":"2020-09-08T06:02:47Z","timestamp":1599544967000},"page":"100-115","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Network System\u2019s Vulnerability Quantification Using Multi-layered Fuzzy Logic Based on GQM"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2471-9760","authenticated-orcid":false,"given":"Mohammad","family":"Shojaeshafiei","sequence":"first","affiliation":[]},{"given":"Letha","family":"Etzkorn","sequence":"additional","affiliation":[]},{"given":"Michael","family":"Anderson","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,9,9]]},"reference":[{"key":"7_CR1","volume-title":"IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data","author":"L Hayden","year":"2010","unstructured":"Hayden, L.: IT Security Metrics: A Practical Framework for Measuring Security & Protecting Data. McGraw Hill, New York (2010)"},{"issue":"2","key":"7_CR2","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1016\/j.cose.2004.07.004","volume":"24","author":"B Karabacak","year":"2005","unstructured":"Karabacak, B., Sogukpinar, I.: ISRAM: information security risk analysis method. Comput. Secur. 24(2), 147\u2013159 (2005)","journal-title":"Comput. Secur."},{"key":"7_CR3","doi-asserted-by":"crossref","unstructured":"Basili, V.R., Green, S.: Software process evolution at the SEL. Foundations of Empirical Software Engineering, pp. 142\u2013154","DOI":"10.1007\/3-540-27662-9_11"},{"key":"7_CR4","doi-asserted-by":"publisher","DOI":"10.1007\/978-94-009-3249-4","volume-title":"Fuzzy Sets, Decision Making, and Expert Systems","author":"H-J Zimmermann","year":"1987","unstructured":"Zimmermann, H.-J.: Fuzzy Sets, Decision Making, and Expert Systems. Springer, Dordrecht (1987)"},{"issue":"3","key":"7_CR5","doi-asserted-by":"publisher","first-page":"338","DOI":"10.1016\/S0019-9958(65)90241-X","volume":"8","author":"L Zadeh","year":"1965","unstructured":"Zadeh, L.: Fuzzy sets. Inf. Control 8(3), 338\u2013353 (1965)","journal-title":"Inf. Control"},{"key":"7_CR6","doi-asserted-by":"crossref","unstructured":"Bibliography on fuzzy sets and their applications. In: Fuzzy Sets and Their Applications to Cognitive and Decision Processes, pp. 477\u2013496 (1975)","DOI":"10.1016\/B978-0-12-775260-0.50025-6"},{"issue":"1","key":"7_CR7","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1016\/0165-0114(94)90003-5","volume":"64","author":"W Pedrycz","year":"1994","unstructured":"Pedrycz, W.: Why triangular membership functions? Fuzzy Sets Syst. 64(1), 21\u201330 (1994)","journal-title":"Fuzzy Sets Syst."},{"issue":"2","key":"7_CR8","doi-asserted-by":"publisher","first-page":"105","DOI":"10.1016\/0165-0114(86)90014-X","volume":"18","author":"J Kacprzyk","year":"1986","unstructured":"Kacprzyk, J.: Group decision making with a fuzzy linguistic majority. Fuzzy Sets Syst. 18(2), 105\u2013118 (1986)","journal-title":"Fuzzy Sets Syst."},{"issue":"6","key":"7_CR9","doi-asserted-by":"publisher","first-page":"643","DOI":"10.1109\/91.811231","volume":"7","author":"N Karnik","year":"1999","unstructured":"Karnik, N., Mendel, J., Liang, Q.: Type-2 fuzzy logic systems. IEEE Trans. Fuzzy Syst. 7(6), 643\u2013658 (1999)","journal-title":"IEEE Trans. Fuzzy Syst."},{"issue":"2","key":"7_CR10","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1016\/S0165-0114(97)00337-0","volume":"108","author":"WV Leekwijck","year":"1999","unstructured":"Leekwijck, W.V., Kerre, E.E.: Defuzzification: criteria and classification. Fuzzy Sets Syst. 108(2), 159\u2013178 (1999)","journal-title":"Fuzzy Sets Syst."},{"issue":"6","key":"7_CR11","doi-asserted-by":"publisher","first-page":"669","DOI":"10.1016\/S0020-7373(76)80028-4","volume":"8","author":"E Mamdani","year":"1976","unstructured":"Mamdani, E.: Advances in the linguistic synthesis of fuzzy controllers. Int. J. Man Mach. Stud. 8(6), 669\u2013678 (1976)","journal-title":"Int. J. Man Mach. Stud."},{"issue":"1","key":"7_CR12","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1504\/IJDATS.2016.075971","volume":"8","author":"E Erturk","year":"2016","unstructured":"Erturk, E., Sezer, E.A.: Software fault prediction using Mamdani type fuzzy inference system. Int. J. Data Anal. Tech. Strat. 8(1), 14 (2016)","journal-title":"Int. J. Data Anal. Tech. Strat."},{"issue":"1\u20132","key":"7_CR13","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1016\/0020-0255(85)90026-X","volume":"36","author":"M Sugeno","year":"1985","unstructured":"Sugeno, M.: An introductory survey of fuzzy control. Inf. Sci. 36(1\u20132), 59\u201383 (1985)","journal-title":"Inf. Sci."},{"key":"7_CR14","volume-title":"Security in computing","author":"CP Pfleeger","year":"2018","unstructured":"Pfleeger, C.P., Pfleeger, S.L., Margulies, J.: Security in computing. Pearson India Education Services, India (2018)"},{"key":"7_CR15","volume-title":"Finding and Fixing Vulnerabilities in Information Systems: The Vulnerability Assessment and Mitigation Methodology","author":"PS Anton","year":"2004","unstructured":"Anton, P.S., Anderson, R.H., Mesic, R.: Finding and Fixing Vulnerabilities in Information Systems: The Vulnerability Assessment and Mitigation Methodology. RAND Corporation, Santa Monica (2004)"},{"key":"7_CR16","unstructured":"Measuring Operational Risk Using Fuzzy Logic Modeling. Measuring Operational Risk Using Fuzzy Logic Modeling\u00a0|\u00a0Expert Commentary\u00a0|\u00a0IRMI.com. \nhttps:\/\/www.irmi.com\/articles\/expert-commentary\/measuring-operational-risk-using-fuzzy-logic-modeling\n\n. Accessed 24 Jan 2020"},{"key":"7_CR17","doi-asserted-by":"crossref","unstructured":"Zhao, D.-M., Wang, J.-H., Ma, J.-F.: Fuzzy risk assessment of the network security. In: 2006 International Conference on Machine Learning and Cybernetics (2006)","DOI":"10.1109\/ICMLC.2006.259092"},{"issue":"1","key":"7_CR18","first-page":"29","volume":"6","author":"M-C Lee","year":"2014","unstructured":"Lee, M.-C.: Information security risk analysis methods and research trends: AHP and fuzzy comprehensive method. Int. J. Comput. Sci. Inf. Technol. 6(1), 29\u201345 (2014)","journal-title":"Int. J. Comput. Sci. Inf. Technol."},{"key":"7_CR19","unstructured":"Watkins, L., Hurley, J.S.: Cyber maturity as measured by scientific-based risk metrics. J. Inf. Warf., 60\u201369"},{"key":"7_CR20","doi-asserted-by":"crossref","unstructured":"The ISO 27001 Risk Assessment: Information Security Risk Management for ISO 27001\/ISO 27002, 3rd edn., pp. 87\u201393 (2019)","DOI":"10.2307\/j.ctvndv9kx.11"},{"key":"7_CR21","unstructured":"J. T. Force: Security and Privacy Controls for Information Systems and Organizations, CSRC, 15 August 2017. \nhttps:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53\/rev-5\/draft"},{"issue":"11\u201312","key":"7_CR22","doi-asserted-by":"publisher","first-page":"701","DOI":"10.1016\/0950-5849(93)90091-G","volume":"35","author":"M Shepperd","year":"1993","unstructured":"Shepperd, M.: Practical software metrics for project management and process improvement. Inf. Softw. Technol. 35(11\u201312), 701 (1993)","journal-title":"Inf. Softw. Technol."},{"key":"7_CR23","doi-asserted-by":"crossref","unstructured":"Shojaeshafiei, M., Etzkorn, L., Anderson, M.: Cybersecurity framework requirements to quantify vulnerabilities based on GQM. Springer, 04 June 2019. \nhttps:\/\/link.springer.com\/chapter\/10.1007\/978-3-030-31239-8_20","DOI":"10.1007\/978-3-030-31239-8_20"},{"issue":"2","key":"7_CR24","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1016\/j.dss.2003.12.002","volume":"40","author":"E Ngai","year":"2005","unstructured":"Ngai, E., Wat, F.: Fuzzy decision support system for risk analysis in e-commerce development. Decis. Support Syst. 40(2), 235\u2013255 (2005)","journal-title":"Decis. Support Syst."}],"container-title":["Advances in Intelligent Systems and Computing","National Cyber Summit (NCS) Research Track 2020"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-58703-1_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,9,8]],"date-time":"2020-09-08T06:07:15Z","timestamp":1599545235000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-58703-1_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,9,9]]},"ISBN":["9783030587024","9783030587031"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-58703-1_7","relation":{},"ISSN":["2194-5357","2194-5365"],"issn-type":[{"type":"print","value":"2194-5357"},{"type":"electronic","value":"2194-5365"}],"subject":[],"published":{"date-parts":[[2020,9,9]]},"assertion":[{"value":"9 September 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"NCS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"National Cyber Summit","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Huntsville, AL","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2 June 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 June 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ncs2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.nationalcybersummit.com\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}