{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T19:07:33Z","timestamp":1743102453732,"version":"3.40.3"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030622299"},{"type":"electronic","value":"9783030622305"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-62230-5_6","type":"book-chapter","created":{"date-parts":[[2020,11,7]],"date-time":"2020-11-07T10:03:04Z","timestamp":1604743384000},"page":"111-126","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["Breaking the Cyber Kill Chain by Modelling Resource Costs"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9688-7029","authenticated-orcid":false,"given":"Kristian","family":"Haga","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5509-0184","authenticated-orcid":false,"given":"Per H\u00e5kon","family":"Meland","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5739-8265","authenticated-orcid":false,"given":"Guttorm","family":"Sindre","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,11,8]]},"reference":[{"key":"6_CR1","unstructured":"Assante, M.J., Lee, R.M.: The industrial control system cyber kill chain. SANSInstitute InfoSec Reading Room 1 (2015)"},{"issue":"2","key":"6_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.4018\/jsse.2012040101","volume":"3","author":"A Bagnato","year":"2012","unstructured":"Bagnato, A., Kordy, B., Meland, P.H., Schweitzer, P.: Attribute decoration of attack-defense trees. Int. J. Secure Softw. Eng. (IJSSE) 3(2), 1\u201335 (2012)","journal-title":"Int. J. Secure Softw. Eng. (IJSSE)"},{"key":"6_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/11962977_19","volume-title":"Critical Information Infrastructures Security","author":"A Buldas","year":"2006","unstructured":"Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational choice of security measures via multi-parameter attack trees. In: Lopez, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235\u2013248. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11962977_19"},{"key":"6_CR4","unstructured":"Casey, T.: Threat agent library helps identify information security risks. Intel White Paper 2 (2007)"},{"issue":"4","key":"6_CR5","doi-asserted-by":"publisher","first-page":"588","DOI":"10.2307\/2094589","volume":"44","author":"LE Cohoen","year":"1979","unstructured":"Cohoen, L.E., Felson, M.: Social change and crime rate trends: a routine activity approach. Am. Sociol. Rev. 44(4), 588\u2013608 (1979)","journal-title":"Am. Sociol. Rev."},{"issue":"3","key":"6_CR6","doi-asserted-by":"publisher","first-page":"376","DOI":"10.1093\/bjc\/40.3.376","volume":"40","author":"P Ekblom","year":"2000","unstructured":"Ekblom, P., Tiley, N.: Going equipped. Br. J. Criminol. 40(3), 376\u2013398 (2000)","journal-title":"Br. J. Criminol."},{"key":"6_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"115","DOI":"10.1007\/978-3-319-74860-3_9","volume-title":"Graphical Models for Security","author":"O Gadyatskaya","year":"2018","unstructured":"Gadyatskaya, O., Trujillo-Rasua, R.: New directions in attack tree research: catching up with industrial needs. In: Liu, P., Mauw, S., St\u00f8len, K. (eds.) GraMSec 2017. LNCS, vol. 10744, pp. 115\u2013126. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-74860-3_9"},{"issue":"2","key":"6_CR8","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1177\/a017405","volume":"10","author":"PN Grabosky","year":"2001","unstructured":"Grabosky, P.N.: Virtual criminality: old wine in new bottles? Soc. Legal Stud. 10(2), 243\u2013249 (2001)","journal-title":"Soc. Legal Stud."},{"key":"6_CR9","doi-asserted-by":"crossref","unstructured":"Haga, K.: Breaking the cyber kill chain by modelling resource costs. Master\u2019s thesis, NTNU, Trondheim, Norway (2020)","DOI":"10.1007\/978-3-030-62230-5_6"},{"key":"6_CR10","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1016\/j.ijcip.2015.08.003","volume":"11","author":"A Hahn","year":"2015","unstructured":"Hahn, A., Thomas, R.K., Lozano, I., Cardenas, A.: A multi-layered and kill-chain based security analysis framework for cyber-physical systems. Int. J. Crit. Infrastruct. Prot. 11, 39\u201350 (2015)","journal-title":"Int. J. Crit. Infrastruct. Prot."},{"key":"6_CR11","doi-asserted-by":"publisher","unstructured":"Hevner, A., Chatterjee, S.: Design science research in information systems. In: Design Research in Information Systems, pp. 9\u201322. Springer, Boston (2010). https:\/\/doi.org\/10.1007\/978-1-4419-5653-8_2","DOI":"10.1007\/978-1-4419-5653-8_2"},{"key":"6_CR12","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"330","DOI":"10.1007\/978-3-642-39218-4_25","volume-title":"Security and Privacy Protection in Information Processing Systems","author":"JB Hong","year":"2013","unstructured":"Hong, J.B., Kim, D.S.: Performance analysis of scalable attack representation models. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IAICT, vol. 405, pp. 330\u2013343. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-39218-4_25"},{"key":"6_CR13","unstructured":"Hutchins, E.M.: The cyber kill chain. Technical report, Lockheed Martin (2020). https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.html. Accessed 12 Apr 2020"},{"issue":"1","key":"6_CR14","first-page":"80","volume":"1","author":"EM Hutchins","year":"2011","unstructured":"Hutchins, E.M., Cloppert, M.J., Amin, R.M.: Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues Inf. Warfare Secur. Res. 1(1), 80 (2011)","journal-title":"Leading Issues Inf. Warfare Secur. Res."},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Jensen, P.G., Larsen, K., Legay, A., Poulsen, D.: Quantitative evaluation of attack defense trees using stochastic timed automata. In: International Workshop on Graphical Models for Security, pp. 75\u201390. HAL Id: hal-01640091 (2017)","DOI":"10.1007\/978-3-319-74860-3_5"},{"key":"6_CR16","unstructured":"Jordan, B., Piazza, R., Wounder, J.: Stix version 2.0. part 1: Stix core concepts. Technical report, OASIS Committee Specifications 01 (2017) http:\/\/docs.oasis-open.org\/cti\/stix\/v2.0\/stix-v2.0-part1-stix-core.html. Accessed 13 Apr 2020"},{"key":"6_CR17","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cosrev.2014.07.001","volume":"13","author":"B Kordy","year":"2014","unstructured":"Kordy, B., Pi\u00e8tre-Cambac\u00e9d\u00e8s, L., Schweitzer, P.: Dag-based attack and defense modeling: don\u2019t miss the forest for the attack trees. Comput. Sci. Rev. 13, 1\u201338 (2014)","journal-title":"Comput. Sci. Rev."},{"issue":"1","key":"6_CR18","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1109\/MSP.2006.27","volume":"4","author":"N Kshetri","year":"2006","unstructured":"Kshetri, N.: The simple economics of cybercrimes. IEEE Secur. Privacy 4(1), 33\u201339 (2006)","journal-title":"IEEE Secur. Privacy"},{"key":"6_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/978-3-319-22975-1_11","volume-title":"Formal Modeling and Analysis of Timed Systems","author":"R Kumar","year":"2015","unstructured":"Kumar, R., Ruijters, E., Stoelinga, M.: Quantitative attack tree analysis via priced timed automata. In: Sankaranarayanan, S., Vicario, E. (eds.) FORMATS 2015. LNCS, vol. 9268, pp. 156\u2013171. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-22975-1_11"},{"issue":"2","key":"6_CR20","first-page":"149","volume":"3","author":"MS Lund","year":"2018","unstructured":"Lund, M.S., Hareide, O.S., J\u00f8sok, \u00d8.: An attack on an integrated navigation system. NECESSE 3(2), 149\u2013163 (2018)","journal-title":"NECESSE"},{"issue":"6","key":"6_CR21","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1016\/S1361-3723(13)70053-8","volume":"2013","author":"D Manky","year":"2013","unstructured":"Manky, D.: Cybercrime as a service: a very modern business. Comput. Fraud Secur. 2013(6), 9\u201313 (2013)","journal-title":"Comput. Fraud Secur."},{"key":"6_CR22","doi-asserted-by":"crossref","unstructured":"McQueen, M.A., Boyer, W.F., Flynn, M.A., Beitel, G.A.: Quantitative cyber risk reduction estimation methodology for a small scada control system. In: Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS 2006), vol. 9, pp. 226\u2013226. IEEE (2006)","DOI":"10.1109\/HICSS.2006.405"},{"key":"6_CR23","doi-asserted-by":"crossref","unstructured":"Meadows, C.: A representation of protocol attacks for risk assessment. In: Proceedings of the DIMACS Workshop on Network Threats, pp. 1\u201310 (1998)","DOI":"10.1090\/dimacs\/038\/01"},{"key":"6_CR24","doi-asserted-by":"crossref","unstructured":"Nagaraju, V., Fiondella, L., Wandji, T.: A survey of fault and attack tree modeling and analysis for cyber risk management. In: 2017 IEEE International Symposium on Technologies for Homeland Security (HST), pp. 1\u20136. IEEE (2017)","DOI":"10.1109\/THS.2017.7943455"},{"issue":"5","key":"6_CR25","doi-asserted-by":"publisher","first-page":"408","DOI":"10.1016\/j.clsr.2005.07.001","volume":"21","author":"N Nykodym","year":"2005","unstructured":"Nykodym, N., Taylor, R., Vilela, J.: Criminal profiling and insider cyber crime. Comput. Law Secur. Rev. 21(5), 408\u2013414 (2005)","journal-title":"Comput. Law Secur. Rev."},{"issue":"3","key":"6_CR26","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1007\/s10551-011-1037-0","volume":"107","author":"SG Pendse","year":"2012","unstructured":"Pendse, S.G.: Ethical hazards: a motive, means, and opportunity approach to curbing corporate unethical behavior. J. Bus. Ethics 107(3), 265\u2013279 (2012)","journal-title":"J. Bus. Ethics"},{"key":"6_CR27","unstructured":"Pols, P.: The unified kill chain: Designing a unified kill chain for analyzing, comparing and defending against cyber attacks. Cyber Security Academy (2017)"},{"issue":"2","key":"6_CR28","doi-asserted-by":"publisher","first-page":"135","DOI":"10.1007\/s11416-007-0042-4","volume":"3","author":"J Preu\u00df","year":"2007","unstructured":"Preu\u00df, J., Furnell, S.M., Papadaki, M.: Considering the potential of criminal profiling to combat hacking. J. Comput. Virol. 3(2), 135\u2013141 (2007)","journal-title":"J. Comput. Virol."},{"key":"6_CR29","unstructured":"Ries, E.: The lean startup : how constant innovation creates radically successful businesses. Portfolio Penguin (2011)"},{"key":"6_CR30","doi-asserted-by":"publisher","unstructured":"Rogers, M.K.: The psyche of cybercriminals: a psycho-social perspective. In: Ghosh, S., Turrini, E. (eds.) Cybercrimes: A Multidisciplinary Analysis, pp. 217\u2013235. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-13547-7_14","DOI":"10.1007\/978-3-642-13547-7_14"},{"issue":"4","key":"6_CR31","first-page":"124","volume":"23","author":"V Saini","year":"2008","unstructured":"Saini, V., Duan, Q., Paruchuri, V.: Threat modeling using attack trees. J. Comput. Sci. Colleges 23(4), 124\u2013131 (2008)","journal-title":"J. Comput. Sci. Colleges"},{"issue":"12","key":"6_CR32","first-page":"21","volume":"24","author":"B Schneier","year":"1999","unstructured":"Schneier, B.: Attack trees. Dr. Dobb\u2019s J. 24(12), 21\u201329 (1999)","journal-title":"Dr. Dobb\u2019s J."},{"key":"6_CR33","doi-asserted-by":"crossref","unstructured":"Shinder, D.L., Tittel, E.: Chapter 3 - understanding the people on the scene. In: Scene of the Cybercrime, pp. 93\u2013146. Syngress, Burlington (2002)","DOI":"10.1016\/B978-193183665-4\/50008-2"},{"key":"6_CR34","volume-title":"The Sciences of the Artificial","author":"HA Simon","year":"1996","unstructured":"Simon, H.A.: The Sciences of the Artificial, 3rd edn. MIT Press, Cambridge (1996)","edition":"3"},{"key":"6_CR35","unstructured":"Van Ruitenbeek, E., Keefe, K., Sanders, W.H., Muehrcke, C.: Characterizing the behavior of cyber adversaries: the means, motive, and opportunity of cyberattacks. In: 40th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Supplemental (DSN 2010), pp. 17\u201318 (2010)"},{"key":"6_CR36","unstructured":"Walde, A., Hanus, E.G.: The feasibility of AIS- and GNSS-based attacks within the maritime industry. Master\u2019s thesis, NTNU, Trondheim, Norway (2020)"},{"issue":"4\u20136","key":"6_CR37","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1080\/19393555.2014.931491","volume":"23","author":"A Warikoo","year":"2014","unstructured":"Warikoo, A.: Proposed methodology for cyber criminal profiling. Inf. Secur. J. Global Perspect. 23(4\u20136), 172\u2013178 (2014)","journal-title":"Inf. Secur. J. Global Perspect."},{"key":"6_CR38","unstructured":"Wingrove, M.: Security flaws open ECDIS to cyber crime. Technical report, Riviera (2018). https:\/\/www.rivieramm.com\/opinion\/opinion\/security-flaws-open-ecdis-to-cyber-crime-24334. Accessed 20 Apr 2020"}],"container-title":["Lecture Notes in Computer Science","Graphical Models for Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-62230-5_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,24]],"date-time":"2021-04-24T22:28:17Z","timestamp":1619303297000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-62230-5_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030622299","9783030622305"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-62230-5_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"8 November 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"GraMSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Graphical Models for Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Boston, MA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 June 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 June 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"7","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"gramsec2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.gramsec.uni.lu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"14","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"7","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"50% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The workshop was held virtually due to the COVID-19 pandemic","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}