{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T02:57:30Z","timestamp":1742957850328,"version":"3.40.3"},"publisher-location":"Cham","reference-count":23,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031351891"},{"type":"electronic","value":"9783031351907"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-35190-7_8","type":"book-chapter","created":{"date-parts":[[2023,6,7]],"date-time":"2023-06-07T19:02:26Z","timestamp":1686164546000},"page":"93-118","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["An Assessment Model for\u00a0Prioritizing CVEs in\u00a0Critical Infrastructures in\u00a0the\u00a0Context of\u00a0Time and\u00a0Fault Criticality"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-9900-9528","authenticated-orcid":false,"given":"Erfan","family":"Koza","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,6,8]]},"reference":[{"key":"8_CR1","doi-asserted-by":"crossref","unstructured":"Jeong, J., Mihelcic, J., Oliver, G., Rudolph, C.: Towards an improved understanding of human factors in cybersecurity. In: IEEE 2019: Proceedings of the 1st International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, pp. 338\u2013345. IEEE, Piscataway (2019)","DOI":"10.1109\/CIC48465.2019.00047"},{"key":"8_CR2","doi-asserted-by":"crossref","unstructured":"Hurst, W., Shone, N., Monnet, Q.: Predicting the effects of DDoS attacks on a network of critical infrastructures. In: IEEE 2015: Proceedings of the International Conference on Computer and Information Technology, UK (2015)","DOI":"10.1109\/CIT\/IUCC\/DASC\/PICOM.2015.256"},{"key":"8_CR3","doi-asserted-by":"crossref","unstructured":"Wang, H., Chen, Z., Zhao, J., Di, X., Liu, D.: A vulnerability assessment method in industrial internet of things based on attack graph and maximum flow, pp. 8599\u20138609. IEEE (2018)","DOI":"10.1109\/ACCESS.2018.2805690"},{"key":"8_CR4","doi-asserted-by":"crossref","unstructured":"Alperin, K.B., Wollaber, A.B., Gomez, S.R.: Improving interpretability for cyber vulnerability assessment using focus and context visualizations. In: Proceedings of ViZSec, 2020, USA, pp. 30\u201330. IEEE (2020)","DOI":"10.1109\/VizSec51108.2020.00011"},{"key":"8_CR5","unstructured":"ISO\/IEC 27002:2017-06, 2017: Information technology-Security techniques- Code of practice for information security controls, Beuth Verlag, Berlin, Germany (2017)"},{"key":"8_CR6","unstructured":"ISO\/IEC 27035\u20131:2016\u201311: Information technology-security techniques-Information security incident management- Part 1: Principles of incident management, Beuth Verlag, Berlin, Germany (2016)"},{"key":"8_CR7","unstructured":"National Institute of Standards and Technology, Computer Security Incident Handling Guide, U.S. Department of Commerce, Washington, D.C., SP 800\u201361, Revision 1 Mar 2008"},{"key":"8_CR8","unstructured":"FIRST, The EPSS Model. Accessed 21 Jan 2022"},{"key":"8_CR9","doi-asserted-by":"crossref","unstructured":"Bol\u00edvar, H., Parada, H.D.J., Roa, O., Velandia, J.: Multi-criteria decision making model for vulnerabilities assessment in cloud computing regarding common vulnerability scoring system. In: Proceedings of CONIITI, Bogota, Colombia, 2019, pp. 1-6. IEEE (2019)","DOI":"10.1109\/CONIITI48476.2019.8960909"},{"key":"8_CR10","first-page":"1","volume-title":"icABCD 2020: IEEE","author":"M Vanamala","year":"2020","unstructured":"Vanamala, M., Yuan, X., Roy, K.: Modeling and classification of common vulnerabilities and exposures database. In: icABCD 2020: IEEE, pp. 1\u20135. Durban, South Africa (2020)"},{"key":"8_CR11","doi-asserted-by":"crossref","unstructured":"Kebande, V.R., Kigwana, I., Venter, H.S., Karie, N.M., Wario, R.D.: CVSS metric-based analysis, classification and assessment of computer network threats and vulnerabilities. In: icABCD 2018: IEEE, South Africa, pp. 1\u201310 (2018)","DOI":"10.1109\/ICABCD.2018.8465420"},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"Almukaynizi, M., Nunes, E., Dharaiya, K., Sennguttuvan, M., Shakarian, J., Shakarian, P.: Proactive identification of exploits in the wild through vulnerability mentions online. In: IEEE 2017: Proceedings of CyCon U.S., United States, pp. 82-88 (2017)","DOI":"10.1109\/CYCONUS.2017.8167501"},{"issue":"1","key":"8_CR13","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1016\/j.jsis.2018.09.003","volume":"28","author":"MS Jalali","year":"2019","unstructured":"Jalali, M.S., Siegel, M., Madnick, S.: Decision-making and biases in cybersecurity capability development: evidence from a simulation game experiment. J. Strateg. Inf. Syst. 28(1), 66\u201382 (2019)","journal-title":"J. Strateg. Inf. Syst."},{"key":"8_CR14","doi-asserted-by":"crossref","unstructured":"Gianini, G., Cremonini, M., Rainini, A., Cota, G.L., Fossi, L.G.: A game theoretic approach to vulnerability patching. In: ICTRC 2015: Proceedings of the Information and Communication Technology Research, pp. 88-91 (2015)","DOI":"10.1109\/ICTRC.2015.7156428"},{"key":"8_CR15","doi-asserted-by":"crossref","unstructured":"Islam, C., Babar, M.A., Nepal, S.: An ontology-driven approach to automating the process of integrating security software systems. In: ICSSP 2019: Proceedings of the IEEE\/ACM ICSSP, Canada, pp. 54\u201363 (2019)","DOI":"10.1109\/ICSSP.2019.00017"},{"key":"8_CR16","doi-asserted-by":"crossref","unstructured":"DiMasse, D., et al.: A holistic approach to cyber physical systems security and resilience. In: IEEE 2020: Proceedings of SSS, Crystal City, VA, USA, pp. 1-8 (2020)","DOI":"10.1109\/SSS47320.2020.9197723"},{"key":"8_CR17","doi-asserted-by":"crossref","unstructured":"Wang, J.A., Guo, M., Wang, H., Xia, M., Zhou, L.: Environmental metrics for software security based on a vulnerability ontology. In: IEEE 2009: Proceedings of the International Conference on Secure Software Integration and Reliability Improvement, China, pp. 159\u2013168 (2009)","DOI":"10.1109\/SSIRI.2009.60"},{"key":"8_CR18","unstructured":"NIST. National Vulnerability Database. Accessed 21 Mar 2022"},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Pham, V., Dang, T.: CVExplorer: multi-dimensional visualization for common vulnerabilities and exposures. In: IEEE 2018, Seattle, WA, USA, pp. 1296-1301 (2018)","DOI":"10.1109\/BigData.2018.8622092"},{"key":"8_CR20","unstructured":"Boyd, J.R.: A Discourse on Winning and Losing, pp. 1\u2013400. Maxwell, AFB, Alabama, Edited and Compiled by Dr. Grant T. Hammond (2018)"},{"key":"8_CR21","series-title":"Progress in IS","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1007\/978-3-030-88063-7_4","volume-title":"Advances and New Trends in Environmental Informatics","author":"E Koza","year":"2022","unstructured":"Koza, E., \u00d6zt\u00fcrk, A.: A literature review to analyze the state of the art of virtual power plants in context of information security. In: Wohlgemuth, V., Naumann, S., Behrens, G., Arndt, H.-K. (eds.) ENVIROINFO 2021. PI, pp. 49\u201369. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-030-88063-7_4"},{"key":"8_CR22","doi-asserted-by":"crossref","unstructured":"Koza, E.: Information security awareness and training as a holistic key factor - how can a human firewall take on a complementary role in information security? In: Ahram, T., Karwowski, W., (eds) Human Factors in Cybersecurity. AHFE (2022) International Conference. AHFE Open Access, vol 53. AHFE International","DOI":"10.54941\/ahfe1002201"},{"key":"8_CR23","unstructured":"Koza, E., \u00d6zt\u00fcrk, A.: Entwicklung eines adaptiven Anforderungsanalyse-Tools zur bedarfsgerechten Ermittlung von CERT und IDS Dienstleistungen f\u00fcr die Akteure in der Energiewirtschaft. In: Book: Cyber-Sicherheit ist Chefinnen und Chefsache! - Tagungsband zum 18. Deutschen IT-Sicherheitskongress, Bundesamt f\u00fcr Sicherheit in der Informationstechnik (Hg.), SecuMedia-Verlag Gau-Algesheim (2022)"}],"container-title":["Lecture Notes in Computer Science","Critical Information Infrastructures Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-35190-7_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,7]],"date-time":"2023-06-07T19:03:20Z","timestamp":1686164600000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-35190-7_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031351891","9783031351907"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-35190-7_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"8 June 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRITIS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Critical Information Infrastructures Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Munich","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 September 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 September 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"critis2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/critis2022.comtessa.org\/welcome","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"16","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"62% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2-3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1-2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}