{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,11]],"date-time":"2026-02-11T00:03:39Z","timestamp":1770768219887,"version":"3.50.0"},"publisher-location":"Cham","reference-count":32,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031737084","type":"print"},{"value":"9783031737091","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,10,9]],"date-time":"2024-10-09T00:00:00Z","timestamp":1728432000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,10,9]],"date-time":"2024-10-09T00:00:00Z","timestamp":1728432000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-73709-1_22","type":"book-chapter","created":{"date-parts":[[2024,10,8]],"date-time":"2024-10-08T10:12:01Z","timestamp":1728382321000},"page":"356-372","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Attack Tree Generation via\u00a0Process Mining"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0206-5217","authenticated-orcid":false,"given":"Alyzia-Maria","family":"Konsta","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2487-1164","authenticated-orcid":false,"given":"Gemma","family":"Di Federico","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7405-0818","authenticated-orcid":false,"given":"Alberto","family":"Lluch Lafuente","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0837-0183","authenticated-orcid":false,"given":"Andrea","family":"Burattin","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,10,9]]},"reference":[{"issue":"1","key":"22_CR1","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/MCI.2009.935307","volume":"5","author":"WM van der Aalst","year":"2010","unstructured":"van der Aalst, W.M.: Process discovery: capturing the invisible. IEEE Comput. Intell. Mag. 5(1), 28\u201341 (2010)","journal-title":"IEEE Comput. Intell. Mag."},{"key":"22_CR2","doi-asserted-by":"crossref","unstructured":"van\u00a0der Aalst, W.M., Weijters, A.: Process mining (2005)","DOI":"10.1002\/0471741442.ch10"},{"key":"22_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1007\/978-3-319-46263-9_2","volume-title":"Graphical Models for Security","author":"M Audinot","year":"2016","unstructured":"Audinot, M., Pinchinat, S.: On the soundness of attack trees. In: Kordy, B., Ekstedt, M., Kim, D.S. (eds.) GraMSec 2016. LNCS, vol. 9987, pp. 25\u201338. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-46263-9_2"},{"key":"22_CR4","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102381","volume":"109","author":"MH ter Beek","year":"2021","unstructured":"ter Beek, M.H., Legay, A., Lafuente, A.L., Vandin, A.: Quantitative security risk modeling and analysis with RisQFLan. Comput. Secur. 109, 102381 (2021)","journal-title":"Comput. Secur."},{"key":"22_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"155","DOI":"10.1007\/978-3-030-41702-4_10","volume-title":"Information Security Theory and Practice","author":"J Bryans","year":"2020","unstructured":"Bryans, J., Liew, L.S., Nguyen, H.N., Sabaliauskaite, G., Shaikh, S., Zhou, F.: A template-based method for the generation of attack trees. In: Laurent, M., Giannetsos, T. (eds.) WISTP 2019. LNCS, vol. 12024, pp. 155\u2013165. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-41702-4_10"},{"key":"22_CR6","doi-asserted-by":"publisher","unstructured":"\u00c7amtepe, S.A., Yener, B.: Modeling and detection of complex attacks. In: Third International Conference on Security and Privacy in Communication Networks and the Workshops, SecureComm 2007, Nice, France, 17\u201321 September 2007, pp. 234\u2013243. IEEE (2007). https:\/\/doi.org\/10.1109\/SECCOM.2007.4550338","DOI":"10.1109\/SECCOM.2007.4550338"},{"key":"22_CR7","unstructured":"Casaluce, R.: Process mining meets statistical model checking to explain threat models: novel approach to model validation and enhancement (extended abstract). In: Hassani, M., Koschmider, A., Comuzzi, M., Maggi, F.M., Pufahl, L. (eds.) Proceedings of the ICPM Doctoral Consortium and Demo Track 2022 co-located with 4th International Conference on Process Mining (ICPM 2022), Bolzano, Italy, October, 2022. CEUR Workshop Proceedings, vol.\u00a03299, pp. 13\u201317. CEUR-WS.org (2022). https:\/\/ceur-ws.org\/Vol-3299\/Paper03.pdf"},{"key":"22_CR8","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2024.111983","volume":"210","author":"R Casaluce","year":"2024","unstructured":"Casaluce, R., Burattin, A., Chiaromonte, F., Lafuente, A.L., Vandin, A.: White-box validation of quantitative product lines by statistical model checking and process mining. J. Syst. Softw. 210, 111983 (2024). https:\/\/doi.org\/10.1016\/j.jss.2024.111983","journal-title":"J. Syst. Softw."},{"key":"22_CR9","series-title":"LNBIP","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1007\/978-3-031-25383-6_18","volume-title":"BPM 2022","author":"R Casaluce","year":"2022","unstructured":"Casaluce, R., Burattin, A., Chiaromonte, F., Vandin, A.: Process mining meets statistical model checking: towards a novel approach to model validation and enhancement. In: Cabanillas, C., Garmann-Johnsen, N.F., Koschmider, A. (eds.) BPM 2022. LNBIP, vol. 460, pp. 243\u2013256. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-25383-6_18"},{"key":"22_CR10","unstructured":"Casaluce, R., Burratin, A., Chiaromonte, F., Lluch-Lafuente, A., Vandin, A.: Enhancing threat model validation: a white-box approach based on statistical model checking and process mining. In: Breve, B., Desolda, G., Deufemia, V., Spano, L.D. (eds.) Proceedings of the First International Workshop on Detection And Mitigation Of Cyber attacks that exploit human vuLnerabilitiES (DAMOCLES 2024) co-located with 17th International Conference on Advanced Visual Interfaces (AVI 2024), Arenzano (Genoa), Italy, Arenzano, Italy, 4 June 2024. CEUR Workshop Proceedings, vol.\u00a03713, pp. 9\u201320. CEUR-WS.org (2024). https:\/\/ceur-ws.org\/Vol-3713\/paper_2.pdf"},{"key":"22_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"164","DOI":"10.1007\/978-3-319-68063-7_11","volume-title":"Security and Trust Management","author":"O Gadyatskaya","year":"2017","unstructured":"Gadyatskaya, O., Jhawar, R., Mauw, S., Trujillo-Rasua, R., Willemse, T.A.C.: Refinement-aware generation of attack trees. In: Livraga, G., Mitchell, C. (eds.) STM 2017. LNCS, vol. 10547, pp. 164\u2013179. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-68063-7_11"},{"key":"22_CR12","doi-asserted-by":"crossref","unstructured":"Hong, J.B., Kim, D.S., Takaoka, T.: Scalable attack representation model using logic reduction techniques. In: IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 404\u2013411 (2013)","DOI":"10.1109\/TrustCom.2013.51"},{"key":"22_CR13","series-title":"IFIP Advances in Information and Communication Technology","doi-asserted-by":"publisher","first-page":"339","DOI":"10.1007\/978-3-319-18467-8_23","volume-title":"ICT Systems Security and Privacy Protection","author":"R Jhawar","year":"2015","unstructured":"Jhawar, R., Kordy, B., Mauw, S., Radomirovi\u0107, S., Trujillo-Rasua, R.: Attack trees with sequential conjunction. In: Federrath, H., Gollmann, D. (eds.) SEC 2015. IAICT, vol. 455, pp. 339\u2013353. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-18467-8_23"},{"key":"22_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/978-3-030-01141-3_6","volume-title":"Security and Trust Management","author":"R Jhawar","year":"2018","unstructured":"Jhawar, R., Lounis, K., Mauw, S., Ram\u00edrez-Cruz, Y.: Semi-automatically augmenting attack trees using an annotated attack tree library. In: Katsikas, S.K., Alcaraz, C. (eds.) STM 2018. LNCS, vol. 11091, pp. 85\u2013101. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-01141-3_6"},{"key":"22_CR15","doi-asserted-by":"crossref","unstructured":"Konsta, A.M., Di\u00a0Federico, G., Lafuente, A.L., Burattin, A.: Attack tree generation via process mining. arXiv preprint arXiv:2402.12040 (2024)","DOI":"10.1007\/978-3-031-73709-1_22"},{"key":"22_CR16","doi-asserted-by":"publisher","DOI":"10.1016\/J.COSE.2023.103602","volume":"137","author":"AM Konsta","year":"2024","unstructured":"Konsta, A.M., Lluch-Lafuente, A., Spiga, B., Dragoni, N.: Survey: aautomatic generation of attack trees and attack graphs. Comput. Secur. 137, 103602 (2024). https:\/\/doi.org\/10.1016\/J.COSE.2023.103602","journal-title":"Comput. Secur."},{"key":"22_CR17","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cosrev.2014.07.001","volume":"13\u201314","author":"B Kordy","year":"2014","unstructured":"Kordy, B., Pi\u00e8tre-Cambac\u00e9d\u00e8s, L., Schweitzer, P.: DAG-based attack and defense modeling: don\u2019t miss the forest for the attack trees. Comput. Sci. Rev. 13\u201314, 1\u201338 (2014)","journal-title":"Comput. Sci. Rev."},{"key":"22_CR18","doi-asserted-by":"crossref","unstructured":"Kumar, R.: An attack tree template based on feature diagram hierarchy. In: International Conference on Dependability in Sensor, Cloud and Big Data Systems and Application, pp. 92\u201397 (2020)","DOI":"10.1109\/DependSys51298.2020.00022"},{"key":"22_CR19","unstructured":"Leemans, S.J.: Robust process mining with guarantees. In: BPM (Dissertation\/Demos\/Industry), pp. 46\u201350. Springer, Cham (2018)"},{"issue":"2","key":"22_CR20","doi-asserted-by":"publisher","first-page":"599","DOI":"10.1007\/s10270-016-0545-x","volume":"17","author":"SJ Leemans","year":"2018","unstructured":"Leemans, S.J., Fahland, D., Van der Aalst, W.M.: Scalable process discovery and conformance checking. Softw. Syst. Model. 17(2), 599\u2013631 (2018)","journal-title":"Softw. Syst. Model."},{"key":"22_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/978-3-642-38697-8_17","volume-title":"Application and Theory of Petri Nets and Concurrency","author":"SJJ Leemans","year":"2013","unstructured":"Leemans, S.J.J., Fahland, D., van der Aalst, W.M.P.: Discovering block-structured process models from event logs - a constructive approach. In: Colom, J.-M., Desel, J. (eds.) PETRI NETS 2013. LNCS, vol. 7927, pp. 311\u2013329. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38697-8_17"},{"key":"22_CR22","doi-asserted-by":"crossref","unstructured":"Mantel, H., Probst, C.W.: On the meaning and purpose of attack trees. In: IEEE Computer Security Foundations Symposium, pp. 184\u2013199. IEEE (2019)","DOI":"10.1109\/CSF.2019.00020"},{"key":"22_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/11734727_17","volume-title":"Information Security and Cryptology - ICISC 2005","author":"S Mauw","year":"2006","unstructured":"Mauw, S., Oostdijk, M.: Foundations of attack trees. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 186\u2013198. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11734727_17"},{"key":"22_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/978-3-319-29968-6_7","volume-title":"Graphical Models for Security","author":"S Pinchinat","year":"2016","unstructured":"Pinchinat, S., Acher, M., Vojtisek, D.: ATSyRa: an integrated environment for synthesizing attack trees. In: Mauw, S., Kordy, B., Jajodia, S. (eds.) GraMSec 2015. LNCS, vol. 9390, pp. 97\u2013101. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-29968-6_7"},{"key":"22_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1007\/978-3-030-62230-5_2","volume-title":"Graphical Models for Security","author":"S Pinchinat","year":"2020","unstructured":"Pinchinat, S., Schwarzentruber, F., L\u00ea Cong, S.: Library-based attack tree synthesis. In: Eades III, H., Gadyatskaya, O. (eds.) GraMSec 2020. LNCS, vol. 12419, pp. 24\u201344. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-62230-5_2"},{"issue":"12","key":"22_CR26","first-page":"21","volume":"24","author":"B Schneier","year":"1999","unstructured":"Schneier, B.: Attack trees. Dr. Dobb\u2019s J. 24(12), 21\u201329 (1999)","journal-title":"Dr. Dobb\u2019s J."},{"key":"22_CR27","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102381","volume":"109","author":"MH ter Beek","year":"2021","unstructured":"ter Beek, M.H., Legay, A., Lluch Lafuente, A., Vandin, A.: Quantitative security risk modeling and analysis with RisQFLan. Comput. Secur. 109, 102381 (2021). https:\/\/doi.org\/10.1016\/j.cose.2021.102381","journal-title":"Comput. Secur."},{"key":"22_CR28","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-49851-4","volume-title":"Process Mining: Data Science in Action","author":"W Van Der Aalst","year":"2016","unstructured":"Van Der Aalst, W.: Process Mining: Data Science in Action, vol. 2. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49851-4"},{"key":"22_CR29","doi-asserted-by":"crossref","unstructured":"Vigo, R., Nielson, F., Nielson, H.R.: Automated generation of attack trees. In: 2014 IEEE 27th Computer Security Foundations Symposium, pp. 337\u2013350 (2014)","DOI":"10.1109\/CSF.2014.31"},{"key":"22_CR30","unstructured":"Weijters, A., van Der\u00a0Aalst, W.M., De\u00a0Medeiros, A.A.: Process mining with the heuristics miner-algorithm. TU\/e, Technical report. WP 166, 1\u201334 (2006)"},{"issue":"4","key":"22_CR31","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3331524","volume":"52","author":"W Wide\u0142","year":"2019","unstructured":"Wide\u0142, W., Audinot, M., Fila, B., Pinchinat, S.: Beyond 2014: formal methods for attack tree-based security modeling. ACM Comput. Surv. 52(4), 1\u201336 (2019)","journal-title":"ACM Comput. Surv."},{"issue":"11","key":"22_CR32","doi-asserted-by":"publisher","first-page":"279","DOI":"10.3390\/a13110279","volume":"13","author":"SJ van Zelst","year":"2020","unstructured":"van Zelst, S.J., Leemans, S.J.: Translating workflow nets to process trees: an algorithmic approach. Algorithms 13(11), 279 (2020)","journal-title":"Algorithms"}],"container-title":["Lecture Notes in Computer Science","Leveraging Applications of Formal Methods, Verification and Validation. REoCAS Colloquium in Honor of Rocco De Nicola"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-73709-1_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,10,23]],"date-time":"2024-10-23T09:07:03Z","timestamp":1729674423000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-73709-1_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,9]]},"ISBN":["9783031737084","9783031737091"],"references-count":32,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-73709-1_22","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,10,9]]},"assertion":[{"value":"9 October 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ISoLA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Leveraging Applications of Formal Methods","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Crete","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"31 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"isola2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/isola-conference.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}