{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T20:28:00Z","timestamp":1757622480203,"version":"3.44.0"},"publisher-location":"Cham","reference-count":23,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783032006325"},{"type":"electronic","value":"9783032006332"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-032-00633-2_8","type":"book-chapter","created":{"date-parts":[[2025,8,8]],"date-time":"2025-08-08T10:15:26Z","timestamp":1754648126000},"page":"122-138","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Risk-Aware Adaptive Cyber Deception Guided by\u00a0Large Language Models"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0000-5274-1570","authenticated-orcid":false,"given":"David Lopes","family":"Antunes","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-4253-1232","authenticated-orcid":false,"given":"Pavlos","family":"Cheimonidis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5411-2716","authenticated-orcid":false,"given":"Eleftherios","family":"Batzolis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2454-5630","authenticated-orcid":false,"given":"Kyriakos","family":"Ovaliadis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3828-4136","authenticated-orcid":false,"given":"Salvador Llopis","family":"Sanchez","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2453-3904","authenticated-orcid":false,"given":"Konstantinos","family":"Rantos","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,8,9]]},"reference":[{"key":"8_CR1","unstructured":"Exploit Prediction Scoring System (EPSS). www.first.org\/epss\/. Accessed 13 Aug 2024"},{"key":"8_CR2","unstructured":"National Vulnerability Database (NVD). www.nvd.nist.gov\/. Accessed 10 Aug 2024"},{"key":"8_CR3","unstructured":"Batzolis, E.: Github - lefteris-b\/system_prompts_for_deception_agents: System prompts for AI cyber deception agents. https:\/\/github.com\/Lefteris-B\/System_prompts_for_Deception_Agents (2025). Accessed 12 May 2025"},{"key":"8_CR4","doi-asserted-by":"publisher","unstructured":"Beltr\u00e1n\u00a0L\u00f3pez, P., Gil\u00a0P\u00e9rez, M., Nespoli, P.: Cyber Deception: State of the art, Trends and Open challenges (2024). https:\/\/doi.org\/10.48550\/arXiv.2409.07194, arXiv:2409.07194 [cs]","DOI":"10.48550\/arXiv.2409.07194"},{"issue":"10","key":"8_CR5","doi-asserted-by":"publisher","first-page":"324","DOI":"10.3390\/fi15100324","volume":"15","author":"P Cheimonidis","year":"2023","unstructured":"Cheimonidis, P., Rantos, K.: Dynamic risk assessment in cybersecurity: a systematic literature review. Future Internet 15(10), 324 (2023)","journal-title":"Future Internet"},{"issue":"4","key":"8_CR6","doi-asserted-by":"publisher","first-page":"2171","DOI":"10.3390\/app15042171","volume":"15","author":"P Cheimonidis","year":"2025","unstructured":"Cheimonidis, P., Rantos, K.: A dynamic risk assessment and mitigation model. Appl. Sci. 15(4), 2171 (2025)","journal-title":"Appl. Sci."},{"key":"8_CR7","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2025.104439","volume":"154","author":"P Cheimonidis","year":"2025","unstructured":"Cheimonidis, P., Rantos, K.: A novel proactive and dynamic cyber risk assessment methodology. Comput. Secur. 154, 104439 (2025)","journal-title":"Comput. Secur."},{"key":"8_CR8","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1016\/j.jss.2018.03.031","volume":"141","author":"C De Faveri","year":"2018","unstructured":"De Faveri, C., Moreira, A., Amaral, V.: Multi-paradigm deception modeling for cyber defense. J. Syst. Softw. 141, 32\u201351 (2018). https:\/\/doi.org\/10.1016\/j.jss.2018.03.031","journal-title":"J. Syst. Softw."},{"key":"8_CR9","doi-asserted-by":"publisher","unstructured":"Grimaila, M.R., Mills, R.F., Fortson, L.W.: Improving the cyber incident mission impact assessment (CIMIA) process. In: Proceedings of the 4th Annual Workshop on Cyber Security and Information Intelligence Research: Developing Strategies to Meet the Cyber Security and Information Intelligence Challenges Ahead. CSIIRW \u201908, Association for Computing Machinery, New York, NY, USA (2008). https:\/\/doi.org\/10.1145\/1413140.1413177","DOI":"10.1145\/1413140.1413177"},{"key":"8_CR10","doi-asserted-by":"publisher","unstructured":"Huang, L., Zhu, Q.: A dynamic games approach to proactive defense strategies against advanced persistent threats in cyber-physical systems. Comput. Secur. 89 (2020). https:\/\/doi.org\/10.1016\/j.cose.2019.101660","DOI":"10.1016\/j.cose.2019.101660"},{"key":"8_CR11","doi-asserted-by":"crossref","unstructured":"Islam, M.M., Al-Shaer, E.: Active deception framework: an extensible development environment for adaptive cyber deception. In: 2020 IEEE Secure Development (SecDev), pp. 41\u201348. IEEE (2020)","DOI":"10.1109\/SecDev45635.2020.00023"},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"Javadpour, A., Ja\u2019fari, F., Taleb, T., Shojafar, M., Benza\u00efd, C.: A comprehensive survey on cyber deception techniques to improve honeypot performance. Comput. Secur. 103792 (2024)","DOI":"10.1016\/j.cose.2024.103792"},{"key":"8_CR13","doi-asserted-by":"crossref","unstructured":"Jensen, F., Nielsen, T.: Bayesian Networks and Decision Graphs. Springer, 2nd edn. (2007)","DOI":"10.1007\/978-0-387-68282-2"},{"issue":"6","key":"8_CR14","doi-asserted-by":"publisher","first-page":"1002","DOI":"10.1109\/TDSC.2016.2644614","volume":"15","author":"P Johnson","year":"2018","unstructured":"Johnson, P., Lagerstr\u00f6m, R., Ekstedt, M., Franke, U.: Can the common vulnerability scoring system be trusted? A bayesian analysis. IEEE Trans. Dependable Secure Comput. 15(6), 1002\u20131015 (2018)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"1","key":"8_CR15","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1111\/j.1539-6924.1981.tb01350.x","volume":"1","author":"S Kaplan","year":"1981","unstructured":"Kaplan, S., Garrick, B.J.: On the quantitative definition of risk. Risk Anal. 1(1), 11\u201327 (1981)","journal-title":"Risk Anal."},{"issue":"3","key":"8_CR16","doi-asserted-by":"publisher","first-page":"178","DOI":"10.1049\/ise2.12050","volume":"16","author":"H Li","year":"2022","unstructured":"Li, H., Guo, Y., Sun, P., Wang, Y., Huo, S.: An optimal defensive deception framework for the container-based cloud with deep reinforcement learning. IET Inf. Secur. 16(3), 178\u2013192 (2022). https:\/\/doi.org\/10.1049\/ise2.12050","journal-title":"IET Inf. Secur."},{"key":"8_CR17","doi-asserted-by":"publisher","unstructured":"Llopis\u00a0Sanchez, S., Lopes\u00a0Antunes, D.: Operation assessment in cyberspace: Understanding the effects of cyber deception. In: Proceedings of the 19th International Conference on Availability, Reliability and Security. ARES \u201924, Association for Computing Machinery, New York, NY, USA (2024). https:\/\/doi.org\/10.1145\/3664476.3672355","DOI":"10.1145\/3664476.3672355"},{"key":"8_CR18","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1016\/j.ress.2016.01.004","volume":"151","author":"L Mkrtchyan","year":"2016","unstructured":"Mkrtchyan, L., Podofillini, L., Dang, V.: Methods for building conditional probability tables of Bayesian belief networks from limited judgment: an evaluation for human reliability application. Reliab. Eng. Syst. Saf. 151, 93\u2013112 (2016). https:\/\/doi.org\/10.1016\/j.ress.2016.01.004","journal-title":"Reliab. Eng. Syst. Saf."},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Peng, Y., Huang, K., Tu, W., Zhou, C.: A model-data integrated cyber security risk assessment method for industrial control systems. In: 2018 IEEE 7th Data Driven Control and Learning Systems Conference (DDCLS), pp. 344\u2013349. IEEE (2018)","DOI":"10.1109\/DDCLS.2018.8516022"},{"issue":"1","key":"8_CR20","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1109\/TDSC.2011.34","volume":"9","author":"N Poolsappasit","year":"2012","unstructured":"Poolsappasit, N., Dewri, R., Ray, I.: Dynamic security risk management using Bayesian attack graphs. IEEE Trans. Dependable Secure Comput. 9(1), 61\u201374 (2012)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"8_CR21","doi-asserted-by":"publisher","unstructured":"Sajid, M.S.I., et al.: SODA: a system for cyber deception orchestration and automation. In: Proceedings of the 37th Annual Computer Security Applications Conference, pp. 675\u2013689. ACSAC \u201921, Association for Computing Machinery, New York, NY, USA (2021). https:\/\/doi.org\/10.1145\/3485832.3485918","DOI":"10.1145\/3485832.3485918"},{"issue":"3","key":"8_CR22","doi-asserted-by":"publisher","first-page":"1909","DOI":"10.1109\/COMST.2020.2982955","volume":"22","author":"S Sengupta","year":"2020","unstructured":"Sengupta, S., Chowdhary, A., Sabur, A., Alshamrani, A., Huang, D., Kambhampati, S.: A survey of moving target defenses for network security. TutorialsIEEE Commun. Surv. Tutorials 22(3), 1909\u20131941 (2020). https:\/\/doi.org\/10.1109\/COMST.2020.2982955","journal-title":"TutorialsIEEE Commun. Surv. Tutorials"},{"key":"8_CR23","doi-asserted-by":"publisher","unstructured":"Wang, R., Yang, C., Deng, X., Zhou, Y., Liu, Y., Tian, Z.: Turn the tables: proactive deception defense decision-making based on Bayesian attack graphs and Stackelberg games. Neurocomputing 638 (2025). https:\/\/doi.org\/10.1016\/j.neucom.2025.130139","DOI":"10.1016\/j.neucom.2025.130139"}],"container-title":["Lecture Notes in Computer Science","Availability, Reliability and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-00633-2_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,8]],"date-time":"2025-09-08T19:42:20Z","timestamp":1757360540000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-00633-2_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783032006325","9783032006332"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-00633-2_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"9 August 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"The authors have no competing interests to declare that are relevant to the content of this article.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Disclosure of Interests"}},{"value":"ARES","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Availability, Reliability and Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Ghent","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Belgium","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ares-12025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2025.ares-conference.eu","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}