{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,1]],"date-time":"2025-06-01T04:08:33Z","timestamp":1748750913714,"version":"3.41.0"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319258966"},{"type":"electronic","value":"9783319258973"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-25897-3_6","type":"book-chapter","created":{"date-parts":[[2015,10,27]],"date-time":"2015-10-27T19:20:38Z","timestamp":1445973638000},"page":"75-90","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Analyzing Attack Strategies Through Anti-goal Refinement"],"prefix":"10.1007","author":[{"given":"Tong","family":"Li","sequence":"first","affiliation":[]},{"given":"Jennifer","family":"Horkoff","sequence":"additional","affiliation":[]},{"given":"Elda","family":"Paja","sequence":"additional","affiliation":[]},{"given":"Kristian","family":"Beckers","sequence":"additional","affiliation":[]},{"given":"John","family":"Mylopoulos","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,11,26]]},"reference":[{"issue":"12","key":"6_CR1","first-page":"21","volume":"24","author":"B Schneier","year":"1999","unstructured":"Schneier, B.: Attack trees. Dr. Dobb\u2019s J. 24(12), 21\u201329 (1999)","journal-title":"Dr. Dobb\u2019s J."},{"issue":"1","key":"6_CR2","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/s00766-004-0194-4","volume":"10","author":"G Sindre","year":"2005","unstructured":"Sindre, G., Opdahl, A.L.: Eliciting security requirements with misuse cases. Requirements Eng. 10(1), 34\u201344 (2005)","journal-title":"Requirements Eng."},{"issue":"3\u20134","key":"6_CR3","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/s13119-012-0012-0","volume":"2","author":"A Morais","year":"2013","unstructured":"Morais, A., Hwang, I., Cavalli, A., Martins, E.: Generating attack scenarios for the system security validation. Networking Sci. 2(3\u20134), 69\u201380 (2013)","journal-title":"Networking Sci."},{"key":"6_CR4","volume-title":"Threat Modeling: Designing for Security","author":"A Shostack","year":"2014","unstructured":"Shostack, A.: Threat Modeling: Designing for Security. Wiley, Hoboken (2014)"},{"key":"6_CR5","doi-asserted-by":"crossref","unstructured":"Lamsweerde, A.V.: Elaborating security requirements by construction of intentional anti-models. In: ICSE, pp. 148\u2013157 (2004)","DOI":"10.1109\/ICSE.2004.1317437"},{"key":"6_CR6","unstructured":"Li, T., Paja, E., Mylopoulos, J., Horkoff, J., Beckers, K.: Holistic security requirements analysis: an attacker\u2019s perspective. In: Requirements Engineering Conference (RE), 2015 IEEE 23rd International (2015, to be published)"},{"key":"6_CR7","unstructured":"Li, T., Horkoff, J., Beckers, K., Paja, E., Mylopoulos, J.: A holistic approach to security attack modeling and analysis. In: Proceedings of the Eighth International i* Workshop (2015, to be published)"},{"key":"6_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"285","DOI":"10.1007\/978-3-319-07881-6_20","volume-title":"Advanced Information Systems Engineering","author":"T Li","year":"2014","unstructured":"Li, T., Horkoff, J.: Dealing with security requirements for socio-technical systems: a holistic approach. In: Jarke, M., Mylopoulos, J., Quix, C., Rolland, C., Manolopoulos, Y., Mouratidis, H., Horkoff, J. (eds.) CAiSE 2014. LNCS, vol. 8484, pp. 285\u2013300. Springer, Heidelberg (2014)"},{"key":"6_CR9","volume-title":"The Art of Deception: Controlling the Human Element of Security","author":"KD Mitnick","year":"2011","unstructured":"Mitnick, K.D., Simon, W.L.: The Art of Deception: Controlling the Human Element of Security. Wiley, New York (2011)"},{"key":"6_CR10","volume-title":"Counter Hack Reloaded: A Step-by-step Guide to Computer Attacks and Effective Defenses","author":"E Skoudis","year":"2005","unstructured":"Skoudis, E., Liston, T.: Counter Hack Reloaded: A Step-by-step Guide to Computer Attacks and Effective Defenses. Prentice Hall Press, Upper Saddle River (2005)"},{"key":"6_CR11","doi-asserted-by":"crossref","unstructured":"Jureta, I., Borgida, A., Ernst, N., Mylopoulos, J.: Techne: towards a new generation of requirements modeling languages with goals, preferences, and inconsistency handling. In: Proceedings of RE 2010, pp. 115\u2013124 (2010)","DOI":"10.1109\/RE.2010.24"},{"issue":"2","key":"6_CR12","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/s00766-013-0195-2","volume":"20","author":"R Scandariato","year":"2015","unstructured":"Scandariato, R., Wuyts, K., Joosen, W.: A descriptive study of microsofts threat modeling technique. Requirements Eng. 20(2), 163\u2013180 (2015)","journal-title":"Requirements Eng."},{"key":"6_CR13","unstructured":"ISO, I., Std, I.: Iso 27005: 2011. Information technology-Security techniques-Information security risk management. ISO (2011)"},{"key":"6_CR14","volume-title":"Model-driven Risk Analysis: The CORAS Approach","author":"MS Lund","year":"2010","unstructured":"Lund, M.S., Solhaug, B., St\u00f8len, K.: Model-driven Risk Analysis: The CORAS Approach. Springer Science & Business Media, Heidelberg (2010)"},{"key":"6_CR15","unstructured":"Li, T., Horkoff, J., Mylopoulos, J.: A prototype tool for modeling and analyzing security requirements from a holistic viewpoint. In: The CAiSE 2014 Forum at the 26th International Conference on Advanced Information Systems Engineering (2014)"},{"key":"6_CR16","doi-asserted-by":"crossref","unstructured":"Moore, A.P., Ellison, R.J., Linger, R.C.: Attack modeling for information security and survivability. Technical report, CMU-SEI-2001-TN-001. CARNEGIE-MELLON UNIV PITTSBURGH PA SOFTWARE ENGINEERING INST (2001)","DOI":"10.21236\/ADA387544"},{"key":"6_CR17","unstructured":"Barnum, S., Sethi, A.: Attack patterns as a knowledge resource for building secure software. In: OMG Software Assurance Workshop: Cigital (2007)"},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"Letier, E., Van Lamsweerde, A.: Agent-based tactics for goal-oriented requirements elaboration. In: Proceedings of the 24th International Conference on Software Engineering, pp. 83\u201393. ACM (2002)","DOI":"10.1145\/581352.581353"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Paul, S.: Towards automating the construction & maintenance of attack trees: a feasibility study. arXiv preprint arXiv:1404.1986 (2014)","DOI":"10.4204\/EPTCS.148.3"},{"key":"6_CR20","doi-asserted-by":"crossref","unstructured":"Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In: Proceedings of the 1998 Workshop on New security paradigms, pp. 71\u201379. ACM (1998)","DOI":"10.1145\/310889.310919"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: 2002 IEEE Symposium on Security and Privacy, Proceedings, pp. 273\u2013284. IEEE (2002)","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"6_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"216","DOI":"10.1007\/978-3-319-17016-9_14","volume-title":"Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance","author":"K Beckers","year":"2015","unstructured":"Beckers, K., Krautsevich, L., Yautsiukhin, A.: Analysis of social engineering threats with attack graphs. In: Garcia-Alfaro, J., Herrera-Joancomart\u00ed, J., Lupu, E., Posegga, J., Aldini, A., Martinelli, F., Suri, N. (eds.) DPM\/SETOP\/QASA 2014. LNCS, vol. 8872, pp. 216\u2013232. Springer, Heidelberg (2015)"}],"container-title":["Lecture Notes in Business Information Processing","The Practice of Enterprise Modeling"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-25897-3_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,31]],"date-time":"2025-05-31T05:18:40Z","timestamp":1748668720000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-25897-3_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319258966","9783319258973"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-25897-3_6","relation":{},"ISSN":["1865-1348","1865-1356"],"issn-type":[{"type":"print","value":"1865-1348"},{"type":"electronic","value":"1865-1356"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"26 November 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}