{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T18:37:21Z","timestamp":1766428641348,"version":"3.40.3"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319393803"},{"type":"electronic","value":"9783319393810"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-39381-0_21","type":"book-chapter","created":{"date-parts":[[2016,6,20]],"date-time":"2016-06-20T19:33:05Z","timestamp":1466451185000},"page":"234-246","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":19,"title":["Attack Tree Analysis for Insider Threats on the IoT Using Isabelle"],"prefix":"10.1007","author":[{"given":"Florian","family":"Kamm\u00fcller","sequence":"first","affiliation":[]},{"given":"Jason R. C.","family":"Nurse","sequence":"additional","affiliation":[]},{"given":"Christian W.","family":"Probst","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,6,21]]},"reference":[{"key":"21_CR1","doi-asserted-by":"publisher","first-page":"436","DOI":"10.1016\/j.procs.2015.03.175","volume":"45","author":"A Ambre","year":"2015","unstructured":"Ambre, A., Shekokar, N.: Insider threat detection using log analysis and event correlation. Procedia Comput. Sci. 45, 436\u2013445 (2015)","journal-title":"Procedia Comput. Sci."},{"key":"21_CR2","unstructured":"Bitdefender. Bitdefender research exposes security risks of android wearable devices (2014). \n                      http:\/\/www.darkreading.com\/partner-perspectives\/bitdefender\/bitdefender-research-exposes-security-risks-of-android-wearable-devices-\/a\/d-id\/1318005"},{"key":"21_CR3","volume-title":"The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud)","author":"DM Cappelli","year":"2012","unstructured":"Cappelli, D.M., Moore, A.P., Trzeciak, R.F.: The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes (Theft, Sabotage, Fraud). Addison-Wesley Professional, Boston (2012)"},{"key":"21_CR4","doi-asserted-by":"crossref","unstructured":"Gavai, G., Sricharan, K., Gunning, D., Rolleston, R., Hanley, J., Singhal, M.: Detecting insider threat from enterprise social and online activity data. In: ACM CCS International Workshop on Managing Insider Security Threats. ACM (2015)","DOI":"10.1145\/2808783.2808784"},{"key":"21_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1007\/978-3-642-04167-9_9","volume-title":"Formal Methods for Components and Objects","author":"L Henrio","year":"2009","unstructured":"Henrio, L., Kamm\u00fcller, F., Rivera, M.: An asynchronous distributed component model and its semantics. In: de Boer, F.S., Bonsangue, M.M., Madelaine, E. (eds.) FMCO 2008. LNCS, vol. 5751, pp. 159\u2013179. Springer, Heidelberg (2009)"},{"key":"21_CR6","doi-asserted-by":"crossref","unstructured":"Hoyer, S., Zakhariya, H., Sandner, T., Breitner, M.H.: Fraud prediction and the human factor: an approach to include human behavior in an automated fraud audit. In: 45th Hawaii International Conference on System Science (HICSS). IEEE (2012)","DOI":"10.1109\/HICSS.2012.289"},{"key":"21_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"631","DOI":"10.1007\/978-3-319-20376-8_56","volume-title":"Human Aspects of Information Security, Privacy, and Trust","author":"U Hugl","year":"2015","unstructured":"Hugl, U.: Putting a hat on a Hen? Learnings for malicious insider threat prevention from the background of German white-collar crime research. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2015. LNCS, vol. 9190, pp. 631\u2013641. Springer, Heidelberg (2015)"},{"issue":"1","key":"21_CR8","first-page":"4","volume":"2","author":"J Hunker","year":"2011","unstructured":"Hunker, J., Probst, C.W.: Insiders and insider threatsan overview of definitions and mitigation techniques. J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl. 2(1), 4\u201327 (2011)","journal-title":"J. Wirel. Mob. Netw. Ubiquit. Comput. Dependable Appl."},{"key":"21_CR9","unstructured":"Kamm\u00fcller, F.: Isabelle Insider framework with examples (2015). \n                      https:\/\/www.dropbox.com\/sh\/rx8d09pf31cv8bd\/AAALKtaP8HMX642fi04Og4NLa?dl=0"},{"issue":"3","key":"21_CR10","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1023\/A:1006269330992","volume":"23","author":"F Kamm\u00fcller","year":"1999","unstructured":"Kamm\u00fcller, F., Paulson, L.C.: A formal proof of Sylow\u2019s theorem. J. Autom. Reasoning 23(3), 235\u2013264 (1999)","journal-title":"J. Autom. Reasoning"},{"key":"21_CR11","doi-asserted-by":"crossref","unstructured":"Kamm\u00fcller, F., Probst, C.W.: Invalidating policies using structural information. In: WRIT 2013. IEEE (2013)","DOI":"10.1109\/SPW.2013.36"},{"key":"21_CR12","doi-asserted-by":"crossref","unstructured":"Kamm\u00fcller, F., Probst, C.W.: Combining generated data models with formal invalidation for insider threat analysis. In: IEEE Security and Privacy Workshops (SPW), WRIT 2014. IEEE (2014)","DOI":"10.1109\/SPW.2014.45"},{"key":"21_CR13","first-page":"1","volume":"PP","author":"F Kamm\u00fcller","year":"2016","unstructured":"Kamm\u00fcller, F., Probst, C.W.: Modeling and verification of insider threats using logical analysis. IEEE Syst. J. PP, 1 (2016)","journal-title":"IEEE Syst. J."},{"key":"21_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/3-540-48256-3_11","volume-title":"Theorem Proving in Higher Order Logics","author":"F Kamm\u00fcller","year":"1999","unstructured":"Kamm\u00fcller, F., Wenzel, M., Paulson, L.C.: Locales - a sectioning concept for Isabelle. In: Bertot, Y., Dowek, G., Th\u00e9ry, L., Hirschowitz, A., Paulin, C. (eds.) Theorem Proving in Higher Order Logics. LNCS, vol. 1690, pp. 149\u2013165. Springer, Heidelberg (1999)"},{"key":"21_CR15","doi-asserted-by":"crossref","unstructured":"Nurse, J.R.C., Buckley, O., Legg, P.A., Goldsmith, M., Creese, S., Wright, G.R.T., Whitty, M.: Understanding insider threat: a framework for characterising attacks. In: IEEE Security and Privacy Workshops (SPW), WRIT 2014. IEEE (2014)","DOI":"10.1109\/SPW.2014.38"},{"key":"21_CR16","doi-asserted-by":"crossref","unstructured":"Nurse, J.R.C., Erola, A., Agrafiotis, I., Goldsmith, M., Creese, S.: Smart insiders: exploring the threat from insiders using the internet-of-things. In: 4th International Workshop on Secure Internet of Things (SIoT 2015), pp. 5\u201314. IEEE (2015). \n                      http:\/\/dx.doi.org\/10.1109\/SIOT.2015.10","DOI":"10.1109\/SIOT.2015.10"},{"key":"21_CR17","doi-asserted-by":"crossref","unstructured":"Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In: Workshop on New security paradigms, NSPW 1998 (1998)","DOI":"10.1145\/310889.310919"},{"key":"21_CR18","doi-asserted-by":"crossref","unstructured":"Salter, C., Saydjari, O.S., Schneier, B., Wallner, J.: Toward a secure systemengineering methodology. In: Workshop on New Security Paradigms, NSPW 1998 (1998)","DOI":"10.1145\/310889.310900"},{"key":"21_CR19","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: IEEE Symposium on Security and Privacy (S & P 2002). IEEE (2002)"},{"key":"21_CR20","unstructured":"Symantec. How safe is your quantified self? Technical report (2014)"},{"key":"21_CR21","unstructured":"Veris, V.: The vocabulary for event recording and incident sharing (2015). \n                      http:\/\/veriscommunity.net"},{"key":"21_CR22","unstructured":"Vormetric. 2015 vormetric insider threat report (2015). \n                      http:\/\/www.vormetric.com\/campaigns\/insiderthreat\/2015\/"}],"container-title":["Lecture Notes in Computer Science","Human Aspects of Information Security, Privacy, and Trust"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-39381-0_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,7,30]],"date-time":"2020-07-30T14:46:15Z","timestamp":1596120375000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-39381-0_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319393803","9783319393810"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-39381-0_21","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"21 June 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}