{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T21:35:05Z","timestamp":1757626505237,"version":"3.44.0"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031944574"},{"type":"electronic","value":"9783031944581"}],"license":[{"start":{"date-parts":[[2025,8,31]],"date-time":"2025-08-31T00:00:00Z","timestamp":1756598400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,8,31]],"date-time":"2025-08-31T00:00:00Z","timestamp":1756598400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-031-94458-1_17","type":"book-chapter","created":{"date-parts":[[2025,8,30]],"date-time":"2025-08-30T15:54:48Z","timestamp":1756569288000},"page":"351-369","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Assessing and\u00a0Prioritizing Ransomware Risk Based on\u00a0Historical Victim Data"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-3483-1697","authenticated-orcid":false,"given":"Spencer","family":"Massengale","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0869-2147","authenticated-orcid":false,"given":"Philip","family":"Huff","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,8,31]]},"reference":[{"key":"17_CR1","unstructured":"Sophos, \u201cSophos state of ransomware 2023,\u201d Sophos, Tech. Rep., (2023). https:\/\/assets.sophos.com\/X24WTUEQ\/at\/c949g7693gsnjh9rb9gr8\/sophos-state-of-ransomware-2023-wp.pdf. Accessed 11 Feb 2023"},{"key":"17_CR2","doi-asserted-by":"crossref","unstructured":"Beaman, C., Barkworth, A., Akande, T. D., Hakak, S., Khan, M. K.:\u201cRansomware: recent advances, analysis, challenges and future research directions,\u201d en, Comput. Secur., vol. 111, pp. 102 490 (2021)","DOI":"10.1016\/j.cose.2021.102490"},{"key":"17_CR3","first-page":"1","volume":"13","author":"R Richardson","year":"2017","unstructured":"Richardson, R.: Ransomware: evolution, mitigation and prevention. Int. Manag. Rev. 13, 1 (2017)","journal-title":"Int. Manag. Rev."},{"key":"17_CR4","doi-asserted-by":"crossref","unstructured":"Sophos.: \u201cThe state of ransomware 2022.\u201d (2022). https:\/\/assets.sophos.com\/ X24WTUEQ\/at\/c5234fvn45pvmk5w6nhh4vkh\/sophos-state-of-ransomware-2022-infographic.pdf","DOI":"10.12968\/S1361-3723(22)70573-8"},{"key":"17_CR5","doi-asserted-by":"publisher","unstructured":"Sherborne, B., Trowbridge, T., Permana,G.: \u201cRansomware mitigation:an analytical investigation into the effects and trends of ransomware attacks on global business.\u201d(2022). https:\/\/doi.org\/10.31234\/osf.io\/ayc2d","DOI":"10.31234\/osf.io\/ayc2d"},{"key":"17_CR6","doi-asserted-by":"crossref","unstructured":"Wagner, T.D., Mahbub, K., Palomar, E., Abdallah, A.E.: \u201cCyber threat intelligence sharing: survey and research directions,\u201d Comput. Secur.,vol. 87, pp. 101-589 (2019)","DOI":"10.1016\/j.cose.2019.101589"},{"key":"17_CR7","unstructured":"J. Ettinger.: \u201cThe state of cyber intelligence practices in the united states:cyber intelligence tradecraft report,\u201d Carnegie Mellon University, Software Engineering Institute, Pittsburgh, PA, Tech. Rep. DM19-0447, 2019,Funded by the Department of Defense under Contract No. FA8702-15-D-0002. Approved for public release; distribution unlimited"},{"key":"17_CR8","unstructured":"Brown, R., Stirparo, P.: \u201cSans 2022 cyber threat intelligence survey,\u201dSANS Institute (2022), <pic-circle size=\"2\" \/>022 SANS\u2122Institute"},{"issue":"3","key":"17_CR9","first-page":"168","volume":"37","author":"J McHugh","year":"2021","unstructured":"McHugh, J., Childs, D., Jenkins, J.: An observational assessment of CTI standards for blue teams: student paper abstract. J. Comput. Sci. Coll. 37(3), 168 (2021)","journal-title":"J. Comput. Sci. Coll."},{"key":"17_CR10","unstructured":"G. Siracusano, D. Sanvito, R. Gonzalez, et al.: Time for action: automated analysis of cyber threat intelligence in the wild, (2023). arXiv: 2307.10214, https:\/\/arxiv.org\/abs\/2307.10214"},{"key":"17_CR11","doi-asserted-by":"publisher","unstructured":"Husari, G., Al-Shaer, E., Ahmed, M., Chu, B., Niu, X.: \u201cTtpdrill: automatic and accurate extraction of threat actions from unstructured text of cti sources,\u201d In: Proceedings of the 33rd Annual Computer Security Applications Conference, ser. ACSAC \u201917, Orlando, FL, USA: Association for Computing Machinery, 2017, pp. 103\u2013115, isbn: 9781450353458. https:\/\/doi.org\/10.1145\/3134600.3134646.","DOI":"10.1145\/3134600.3134646."},{"key":"17_CR12","unstructured":"Gao, P., et al.: Threatkg: a threat knowledge graph for automated open-source cyber threat intelligence gathering and management, (2022). arXiv: 2212.10388, https:\/\/arxiv.org\/abs\/2212.10388"},{"key":"17_CR13","doi-asserted-by":"publisher","unstructured":"Alam, M.T., Bhusal, D., Park, Y., Rastogi, N.: \u201cLooking beyond iocs:automatically extracting attack patterns from external CTI,\u201d In: Proceedings of the 26th International Symposium on Research in Attacks, Intrusions and Defenses, ser. RAID \u201923, Hong Kong, China: Association for Computing Machinery, 2023, pp. 92\u2013108, isbn: 9798400707650. https:\/\/doi.org\/10.1145\/3607199.3607208.","DOI":"10.1145\/3607199.3607208."},{"key":"17_CR14","unstructured":"MITRE Corporation. \u201cAtt and ck.\u201d Accessed 10 Oct 2023. (2023). https:\/\/attack.mitre.org\/"},{"key":"17_CR15","doi-asserted-by":"crossref","unstructured":"Zhou, Y., Tang, Y., Yi, M., Xi, C., Lu, H.: \u201cCTI view: APT threat intelligence analysis system,\u201d en, Security and Communication Networks (2022)","DOI":"10.1155\/2022\/9875199"},{"key":"17_CR16","doi-asserted-by":"crossref","unstructured":"Irshad, E., Basit Siddiqui, A.: \u201cCyber threat attribution using unstructured reports in cyber threat intelligence,\u201d Egypt. Inf. J. vol. 24, no. 1, pp. 43\u201359 (2023)","DOI":"10.1016\/j.eij.2022.11.001"},{"key":"17_CR17","doi-asserted-by":"crossref","unstructured":"McIntosh, T., Kayes, A.S.M., Chen, Y.P.P., Ng, A., Watters, P.: \u201cApplying staged event-driven access control to combat ransomware,\u201d Comput. Secur., vol. 128, pp. 103 160 (2023)","DOI":"10.1016\/j.cose.2023.103160"},{"key":"17_CR18","doi-asserted-by":"crossref","unstructured":"Oujezsky, V., Novak, P., Horvath, T., Holik, M., Jurcik, M.: \u201cData backup system with integrated active protection against ransomware,\u201d In: 2023 46th International Conference on Telecommunications and Signal Processing (TSP), IEEE, 2023, pp. 65\u201369","DOI":"10.1109\/TSP59544.2023.10197687"},{"key":"17_CR19","doi-asserted-by":"crossref","unstructured":"Thomas, J.: \u201cIndividual cyber security: empowering employees to resist spear phishing to prevent identity theft and ransomware attacks,\u201d en. Int. J. Indian Cult. Bus. Manage. 13(6), 1 (2018)","DOI":"10.5539\/ijbm.v13n6p1"},{"key":"17_CR20","doi-asserted-by":"crossref","unstructured":"Chayal, N.M., Saxena, A., Khan, R.: \u201cA review on spreading and forensics analysis of Windows-Based ransomware,\u201d Ann. Data Sci. (2022)","DOI":"10.1007\/s40745-022-00417-5"},{"issue":"2","key":"17_CR21","doi-asserted-by":"publisher","first-page":"423","DOI":"10.1007\/s11390-021-0263-x","volume":"37","author":"GY Kim","year":"2022","unstructured":"Kim, G.Y., Paik, J.-Y., Kim, Y., Cho, E.-S.: Byte frequency based indicators for crypto-ransomware detection from empirical analysis. J. Comput. Sci. Technol. 37(2), 423\u2013442 (2022)","journal-title":"J. Comput. Sci. Technol."},{"key":"17_CR22","doi-asserted-by":"publisher","unstructured":"Aldaraani, N., Begum, Z.: \u201cUnderstanding the impact of ransomware:a survey on its evolution, mitigation and prevention techniques,\u201d In: 2018 21st Saudi Computer Society National Computer Conference (NCC), 2018,pp. 1\u20135. https:\/\/doi.org\/10.1109\/NCG.2018.8593029.","DOI":"10.1109\/NCG.2018.8593029."},{"key":"17_CR23","doi-asserted-by":"crossref","unstructured":"evesque, F. L.L., Fernandez, J. M., Somayaji, A.: \u201cRisk prediction of malware victimization based on user behavior,\u201d In: 2014 9th International Conference on Malicious and Unwanted Software: The Americas (MALWARE),IEEE, 2014, pp. 128\u2013134","DOI":"10.1109\/MALWARE.2014.6999412"},{"issue":"4","key":"17_CR24","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3568994","volume":"4","author":"Y Yilmaz","year":"2023","unstructured":"Yilmaz, Y., Cetin, O., Grigore, C., Arief, B., Hernandez-Castro, J.: Personality types and ransomware victimisation. Digit. Threats 4(4), 1\u201325 (2023)","journal-title":"Digit. Threats"},{"key":"17_CR25","unstructured":"Mousquenton, J.: \u201cRansomware live.\u201d Licensed under CC BY-NC 4.0. (2023). https:\/\/ransomware.live\/#\/"},{"key":"17_CR26","unstructured":"Wei, J., et al.: \u201cChain-of-thought prompting elicits reasoning in large language models,\u201d Adv. Neural Inf. Process. Syst. vol. 35, pp. 24 824\u201324 837 (2022)"},{"key":"17_CR27","unstructured":"OASIS. \u201cStructured threat information expression (stix\u2122 2.1) - introduction.\u201d (2023). https:\/\/oasis-open.github.io\/cti-documentation\/stix\/intro.html.Accessed 12 Oct 2023"},{"key":"17_CR28","unstructured":"Kojima, T., Gu, S. S., Reid, M., Matsuo, Y., Iwasawa, Y.: Large language models are zero-shot reasoners, 2023. arXiv: 2205.11916"},{"key":"17_CR29","unstructured":"\u201cNist national vulnerability database.\u201d www.nvd.nist.gov"},{"issue":"1","key":"17_CR30","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/s10207-020-00490-y","volume":"20","author":"D Schlette","year":"2021","unstructured":"Schlette, D., B\u00f6hm, F., Caselli, M., Pernul, G.: Measuring and visualizing cyber threat intelligence quality. Int. J. Inf. Secur. 20(1), 21\u201338 (2021)","journal-title":"Int. J. Inf. Secur."},{"key":"17_CR31","unstructured":"Google. \u201cWelcome to the gemini era.\u201d (2023). https:\/\/deepmind.google\/technologies\/gemini\/#introduction.Accessed 14 Dec 2023"},{"key":"17_CR32","doi-asserted-by":"crossref","unstructured":"X. \u201cAnnouncing grok.\u201d (2023). https:\/\/x.ai\/.Accessed 14 Dec 2023","DOI":"10.5962\/p.381601"},{"key":"17_CR33","unstructured":"Anthrooic LLM, Anthropc (2024). https:\/\/www.anthropic.com\/"},{"key":"17_CR34","unstructured":"Meta. \u201cIntroducin llama 2.\u201d (2023). https:\/\/ai.meta.com\/llama\/.Accessed 14 Dec 2023"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-94458-1_17","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,9]],"date-time":"2025-09-09T22:44:48Z","timestamp":1757457888000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-94458-1_17"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,31]]},"ISBN":["9783031944574","9783031944581"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-94458-1_17","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2025,8,31]]},"assertion":[{"value":"31 August 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Dubai","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"United Arab Emirates","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/securecomm.eai-conferences.org\/2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}