{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,6]],"date-time":"2026-03-06T01:18:41Z","timestamp":1772759921945,"version":"3.50.1"},"publisher-location":"Cham","reference-count":24,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319457406","type":"print"},{"value":"9783319457413","type":"electronic"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-319-45741-3_10","type":"book-chapter","created":{"date-parts":[[2016,9,14]],"date-time":"2016-09-14T04:50:25Z","timestamp":1473828625000},"page":"179-197","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":5,"title":["Efficient Numerical Frameworks for Multi-objective Cyber Security Planning"],"prefix":"10.1007","author":[{"given":"MHR.","family":"Khouzani","sequence":"first","affiliation":[]},{"given":"P.","family":"Malacaria","sequence":"additional","affiliation":[]},{"given":"C.","family":"Hankin","sequence":"additional","affiliation":[]},{"given":"A.","family":"Fielder","sequence":"additional","affiliation":[]},{"given":"F.","family":"Smeraldi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,9,15]]},"reference":[{"issue":"5799","key":"10_CR1","doi-asserted-by":"publisher","first-page":"610","DOI":"10.1126\/science.1130992","volume":"314","author":"R Anderson","year":"2006","unstructured":"Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610\u2013613 (2006)","journal-title":"Science"},{"key":"10_CR2","doi-asserted-by":"crossref","unstructured":"Butler, S.A.: Security attribute evaluation method: a cost-benefit approach. In: Proceedings of the 24th International Conference on Software Engineering. ACM (2002)","DOI":"10.1145\/581339.581370"},{"issue":"2","key":"10_CR3","doi-asserted-by":"publisher","first-page":"281","DOI":"10.2753\/MIS0742-1222250211","volume":"25","author":"H Cavusoglu","year":"2008","unstructured":"Cavusoglu, H., Raghunathan, S., Yue, W.T.: Decision-theoretic and game-theoretic approaches to it security investment. J. Manag. Inf. Syst. 25(2), 281\u2013304 (2008)","journal-title":"J. Manag. Inf. Syst."},{"key":"10_CR4","unstructured":"CESG: Common cyber attacks: Reducing the impact. https:\/\/www.gov.uk\/government\/uploads\/system\/uploads\/attachment_data\/file\/400106\/Common_Cyber_Attacks-Reducing_The_Impact.pdf. Accessed on 13 April 2016"},{"key":"10_CR5","unstructured":"CESG (UK\u2019s Nat. Tech. Authority for Inf. Assurance): 10 Steps to Cyber Security. https:\/\/www.cesg.gov.uk\/10-steps-cyber-security. Accessed on 13 April 2016"},{"issue":"1","key":"10_CR6","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/s10479-007-0186-0","volume":"154","author":"A Chinchuluun","year":"2007","unstructured":"Chinchuluun, A., Pardalos, P.M.: A survey of recent developments in multiobjective optimization. Ann. Oper. Res. 154(1), 29\u201350 (2007)","journal-title":"Ann. Oper. Res."},{"key":"10_CR7","doi-asserted-by":"crossref","unstructured":"Dewri, R., Poolsappasit, N., Ray, I., Whitley, D.: Optimal security hardening using multi-objective optimization on attack tree models of networks. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM (2007)","DOI":"10.1145\/1315245.1315272"},{"issue":"3","key":"10_CR8","doi-asserted-by":"publisher","first-page":"592","DOI":"10.1016\/j.dss.2004.06.004","volume":"41","author":"M Gupta","year":"2006","unstructured":"Gupta, M., Rees, J., Chaturvedi, A., Chi, J.: Matching information security vulnerabilities to organizational security profiles: a genetic algorithm approach. Decis. Support Syst. 41(3), 592\u2013603 (2006)","journal-title":"Decis. Support Syst."},{"key":"10_CR9","unstructured":"Khouzani, M., Malacaria, P., Hankin, C., Fielder, A., Smeraldi, F.: Efficient numerical frameworks for multi-objective cyber security planning: Technical report. http:\/\/www.eecs.qmul.ac.uk\/~khouzani\/Papers\/ESORICS16Techrep.pdf"},{"issue":"6","key":"10_CR10","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1007\/s00158-003-0368-6","volume":"26","author":"RT Marler","year":"2004","unstructured":"Marler, R.T., Arora, J.S.: Survey of multi-objective optimization methods for engineering. Struct. Multi. Optim. 26(6), 369\u2013395 (2004)","journal-title":"Struct. Multi. Optim."},{"key":"10_CR11","doi-asserted-by":"publisher","first-page":"381","DOI":"10.1007\/978-3-319-18275-9_16","volume-title":"Computation, Cryptography, and Network Security","author":"A Nagurney","year":"2015","unstructured":"Nagurney, A., Nagurney, L.S., Shukla, S.: A supply chain game theory frame-work for cybersecurity investments under network vulnerability. In: Daras, N.J., Rassias, M.T. (eds.) Computation, Cryptography, and Network Security, pp. 381\u2013398. Springer, Switzerland (2015)"},{"key":"10_CR12","doi-asserted-by":"crossref","unstructured":"Ojamaa, A., Tyugu, E., Kivimaa, J.: Pareto-optimal situaton analysis for selection of security measures. In: Military Communications Conference. IEEE (2008)","DOI":"10.1109\/MILCOM.2008.4753520"},{"key":"10_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"266","DOI":"10.1007\/978-3-319-12601-2_15","volume-title":"Decision and Game Theory for Security","author":"E Panaousis","year":"2014","unstructured":"Panaousis, E., Fielder, A., Malacaria, P., Hankin, C., Smeraldi, F.: Cybersecurity games and investments: a decision support approach. In: Poovendran, R., Saad, W. (eds.) GameSec 2014. LNCS, vol. 8840, pp. 266\u2013286. Springer, Heidelberg (2014)"},{"key":"10_CR14","unstructured":"Passeri, P.: HACKMAGEDDON, information security timelines and statistics. http:\/\/www.hackmageddon.com. Accessed on 19 April 2016"},{"issue":"1","key":"10_CR15","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1109\/TDSC.2011.34","volume":"9","author":"N Poolsappasit","year":"2012","unstructured":"Poolsappasit, N., Dewri, R., Ray, I.: Dynamic security risk management using bayesian attack graphs. IEEE Trans. Dependable Secure Comput. 9(1), 61\u201374 (2012)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"3","key":"10_CR16","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1016\/j.dss.2011.02.013","volume":"51","author":"LP Rees","year":"2011","unstructured":"Rees, L.P., Deane, J.K., Rakes, T.R., Baker, W.H.: Decision support for cybersecurity risk planning. Decis. Support Syst. 51(3), 493\u2013505 (2011)","journal-title":"Decis. Support Syst."},{"key":"10_CR17","unstructured":"SANS: The critical security controls for effective cyber defense. https:\/\/www.sans.org\/media\/critical-security-controls\/CSC-5.pdf. Accessed on 13 April 2016"},{"key":"10_CR18","series-title":"Advances in Intelligent Systems and Computing","first-page":"345","volume-title":"Proceedings of the International Conference on Soft Computing Systems, ICSCS 2015","author":"R Sarala","year":"2015","unstructured":"Sarala, R., Zayaraz, G., Vijayalakshmi, V.: Optimal selection of security countermeasures for effective information security. In: Padma Suresh, L., Panigrahi, B.K. (eds.) ICSCS 2015. AISC, vol. 398, pp. 345\u2013353. Springer, Heidelberg (2015)"},{"issue":"1","key":"10_CR19","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1016\/j.dss.2013.01.001","volume":"55","author":"T Sawik","year":"2013","unstructured":"Sawik, T.: Selection of optimal countermeasure portfolio in IT security planning. Decis. Support Syst. 55(1), 156\u2013164 (2013)","journal-title":"Decis. Support Syst."},{"key":"10_CR20","unstructured":"Schechter, S.E.: Computer security strength & risk: a quantitative approach. Ph.d. thesis, Harvard University Cambridge, Massachusetts (2004)"},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"Syalim, A., Hori, Y., Sakurai, K.: Comparison of risk analysis methods: Mehari, magerit, nist800-30 and microsoft\u2019s security management guide. In: International Conference on Availability, Reliability and Security. IEEE (2009)","DOI":"10.1109\/ARES.2009.75"},{"key":"10_CR22","unstructured":"UK\u2019s Department for Business, Innovation & Skills: Cyber Essentials Scheme. https:\/\/www.gov.uk\/government\/publications\/cyber-essentials-scheme-overview. Accessed on 7 January 2016"},{"issue":"2","key":"10_CR23","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1002\/mcda.4020030204","volume":"3","author":"EL Ulungu","year":"1994","unstructured":"Ulungu, E.L., Teghem, J.: Multi-objective combinatorial optimization problems: a survey. J. Multi Criteria Decis. Anal. 3(2), 83\u2013104 (1994)","journal-title":"J. Multi Criteria Decis. Anal."},{"issue":"3","key":"10_CR24","doi-asserted-by":"publisher","first-page":"599","DOI":"10.1016\/j.dss.2012.04.001","volume":"53","author":"V Viduto","year":"2012","unstructured":"Viduto, V., Maple, C., Huang, W., L\u00f3pez-Per\u00e9z, D.: A novel risk assessment and optimisation model for a multi-objective network security countermeasure selection problem. Decis. Support Syst. 53(3), 599\u2013610 (2012)","journal-title":"Decis. Support Syst."}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2016"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-45741-3_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,9,15]],"date-time":"2021-09-15T02:47:03Z","timestamp":1631674023000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-45741-3_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783319457406","9783319457413"],"references-count":24,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-45741-3_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"15 September 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Heraklion","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Greece","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 September 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 September 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}