{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,5]],"date-time":"2025-12-05T12:15:13Z","timestamp":1764936913822,"version":"3.41.0"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319584591"},{"type":"electronic","value":"9783319584607"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-58460-7_35","type":"book-chapter","created":{"date-parts":[[2017,5,12]],"date-time":"2017-05-12T11:08:42Z","timestamp":1494587322000},"page":"507-517","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Behavioural Profiling in Cyber-Social Systems"],"prefix":"10.1007","author":[{"given":"Jason","family":"Perno","sequence":"first","affiliation":[]},{"given":"Christian W.","family":"Probst","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,5,13]]},"reference":[{"key":"35_CR1","doi-asserted-by":"crossref","unstructured":"Aslanyan, Z., Nielson, F., Parker, D.: Quantitative verification and synthesis of attack-defence scenarios. In: Proceedings of the 29th Computer Security Foundations Symposium (CSF) (2016)","DOI":"10.1109\/CSF.2016.15"},{"key":"35_CR2","volume-title":"The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes","author":"DM Cappelli","year":"2012","unstructured":"Cappelli, D.M., Moore, A.P., Trzeciak, R.F.: The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes. Addison-Wesley Professional, Boston (2012)"},{"key":"35_CR3","doi-asserted-by":"publisher","DOI":"10.3990\/1.9789036533317","volume-title":"Alignment of Organizational Security Policies - Theory and Practice","author":"T Dimkov","year":"2012","unstructured":"Dimkov, T.: Alignment of Organizational Security Policies - Theory and Practice. University of Twente, Enschede (2012). http:\/\/eprints.eemcs.utwente.nl\/21578\/"},{"key":"35_CR4","unstructured":"Esser, H.: Soziologie Allgemeine Grundlagen, Campus (1993)"},{"key":"35_CR5","unstructured":"Gonzalez, J.J., Sawicka, A.: A framework for human factors in information security. In: Proceedings of the WSEAS International Conference on Information Security (2002)"},{"key":"35_CR6","unstructured":"Ivanova, M.G., Probst, C.W., Hansen, R.R., Kamm\u00fcller, F.: Externalizing behaviour for analysing system models. In: 5th International Workshop on Managing Insider Security Threats (MIST 2013) (2013)"},{"key":"35_CR7","doi-asserted-by":"crossref","unstructured":"Kamm\u00fcller, F., Probst, C.W.: Invalidating policies using structural information. In: 2nd International IEEE Workshop on Research on Insider Threats (WRIT 2013). IEEE, co-located with IEEE CS Security and Privacy 2013 (2013)","DOI":"10.1109\/SPW.2013.36"},{"key":"35_CR8","doi-asserted-by":"crossref","unstructured":"Kamm\u00fcller, F., Probst, C.W.: Combining generated data models with formal invalidation for insider threat analysis. In: 3rd International IEEE Workshop on Research on Insider Threats (WRIT 2014). IEEE, co-located with IEEE CS Security and Privacy 2014 (2014)","DOI":"10.1109\/SPW.2014.45"},{"issue":"1","key":"35_CR9","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1093\/logcom\/exs029","volume":"24","author":"B Kordy","year":"2014","unstructured":"Kordy, B., Mauw, S., Radomirovi\u0107, S., Schweitzer, P.: Attack-defense trees. J. Log. Comput. 24(1), 55\u201387 (2014)","journal-title":"J. Log. Comput."},{"key":"35_CR10","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cosrev.2014.07.001","volume":"13\u201314","author":"B Kordy","year":"2014","unstructured":"Kordy, B., Pi\u00e8tre-Cambac\u00e9d\u00e8s, L., Schweitzer, P.: DAG-based attack and defense modeling: don\u2019t miss the forest for the attack trees. Comput. Sci. Rev. 13\u201314, 1\u201338 (2014). http:\/\/www.sciencedirect.com\/science\/article\/pii\/S1574013714000100","journal-title":"Comput. Sci. Rev."},{"key":"35_CR11","doi-asserted-by":"crossref","unstructured":"Legay, A., Delahaye, B., Bensalem, S.: Statistical model checking: an overview. In: Proceedings of the First International Conference on Runtime Verification (2010)","DOI":"10.1007\/978-3-642-16612-9_11"},{"issue":"4","key":"35_CR12","first-page":"20","volume":"4","author":"P Legg","year":"2013","unstructured":"Legg, P., Moffat, N., Nurse, J.R., Happa, J., Agrafiotis, I., Goldsmith, M., Creese, S.: Towards a conceptual model and reasoning structure for insider threat detection. J. Wirel. Mob. Netw., Ubiquitous Comput., Depend. Appl. 4(4), 20\u201337 (2013)","journal-title":"J. Wirel. Mob. Netw., Ubiquitous Comput., Depend. Appl."},{"issue":"5","key":"35_CR13","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1109\/32.685256","volume":"24","author":"R de Nicola","year":"1998","unstructured":"de Nicola, R., Ferrari, G.L., Pugliese, R.: KLAIM: a kernel language for agents interaction and mobility. IEEE Trans. Softw. Eng. 24(5), 315\u2013330 (1998). http:\/\/dx.doi.org\/10.1109\/32.685256","journal-title":"IEEE Trans. Softw. Eng."},{"key":"35_CR14","doi-asserted-by":"crossref","unstructured":"Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In: Proceedings of the 1998 workshop on New security paradigms NSpPW 1998, pp. 71\u201379 (1998)","DOI":"10.1145\/310889.310919"},{"issue":"1","key":"35_CR15","first-page":"75","volume":"2","author":"W Pieters","year":"2011","unstructured":"Pieters, W.: Representing humans in system security models: an actor-network approach. J. Wirel. Mob. Netw., Ubiquitous Comput., Depend. Appl. 2(1), 75\u201392 (2011)","journal-title":"J. Wirel. Mob. Netw., Ubiquitous Comput., Depend. Appl."},{"issue":"2","key":"35_CR16","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1109\/JSYST.2012.2221933","volume":"7","author":"W Pieters","year":"2013","unstructured":"Pieters, W., Dimkov, T., Pavlovic, D.: Security policy alignment: a formal approach. IEEE Syst. J. 7(2), 275\u2013287 (2013)","journal-title":"IEEE Syst. J."},{"issue":"4","key":"35_CR17","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1016\/j.istr.2008.10.012","volume":"13","author":"CW Probst","year":"2008","unstructured":"Probst, C.W., Hansen, R.R.: An extensible analysable system model. Inform. Sec. Tech. Rep. 13(4), 235\u2013246 (2008)","journal-title":"Inform. Sec. Tech. Rep."},{"key":"35_CR18","doi-asserted-by":"crossref","unstructured":"Probst, C.W., Hansen, R.R.: Analysing access control specifications. In: 2009 Fourth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering, pp. 22\u201333 (2009)","DOI":"10.1109\/SADFE.2009.13"},{"key":"35_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"127","DOI":"10.1007\/978-3-540-75227-1_9","volume-title":"Formal Aspects in Security and Trust","author":"CW Probst","year":"2007","unstructured":"Probst, C.W., Hansen, R.R., Nielson, F.: Where can an insider attack? In: Dimitrakos, T., Martinelli, F., Ryan, P.Y.A., Schneider, S. (eds.) FAST 2006. LNCS, vol. 4691, pp. 127\u2013142. Springer, Heidelberg (2007). doi:10.1007\/978-3-540-75227-1_9"},{"key":"35_CR20","unstructured":"Qin, X., Lee, W.: Attack plan recognition and prediction using causal networks. In: 20th Annual Computer Security Applications Conference, pp. 370\u2013379, December 2004"},{"key":"35_CR21","doi-asserted-by":"crossref","unstructured":"Salter, C., Saydjari, O.S., Schneier, B., Wallner, J.: Toward a secure system engineering methodology. In: Proceedings of the 1998 Workshop on New Security Paradigms (NSPW 1998), pp. 2\u201310. Charlottesville, Virginia, United States, September 1998","DOI":"10.1145\/310889.310900"},{"issue":"12","key":"35_CR22","first-page":"21","volume":"24","author":"B Schneier","year":"1999","unstructured":"Schneier, B.: Attack trees: modeling security threats. Dr. Dobb\u2019s J. Softw. Tools 24(12), 21\u201329 (1999). http:\/\/www.ddj.com\/security\/184414879","journal-title":"Dr. Dobb\u2019s J. Softw. Tools"},{"key":"35_CR23","doi-asserted-by":"crossref","unstructured":"Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy (S&P 2002), vol. 129, pp. 273\u2013284 (2002)","DOI":"10.1109\/SECPRI.2002.1004377"},{"key":"35_CR24","unstructured":"Stanford Cyber Intiative: Understanding \u201ccyber-social systems\u201d. https:\/\/cyber.stanford.edu\/sites\/default\/files\/stanford_cyber_initiative_.pdf. Accessed 10 Mar 2017"},{"key":"35_CR25","unstructured":"The TRE$$_{\\rm S}$$PASS Project: Deliverable D1.2.2: The Final TRE$$_{\\rm S}$$PASS Policy-Specification Language (2015). https:\/\/www.trespass-project.eu\/node\/222. Accessed 10 Mar 2017"},{"key":"35_CR26","unstructured":"The TRE$$_{\\rm S}$$PASS Project: Deliverable D1.3.4: The TRE$$_{\\rm S}$$PASS Socio-technical Security Model and Specification Languages (2016). https:\/\/www.trespass-project.eu\/node\/302. Accessed 10 Mar 2017"},{"key":"35_CR27","unstructured":"The TRE$$_{\\rm S}$$PASS Project: Deliverable D5.4.2: The Integrated TRE$$_{\\rm S}$$PASS Process (2016). https:\/\/www.trespass-project.eu\/node\/315. Accessed 10 Mar 2017"}],"container-title":["Lecture Notes in Computer Science","Human Aspects of Information Security, Privacy and Trust"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-58460-7_35","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:49:03Z","timestamp":1750254543000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-58460-7_35"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319584591","9783319584607"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-58460-7_35","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"13 May 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"HAS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Human Aspects of Information Security, Privacy, and Trust","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Vancouver, BC","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Canada","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 July 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 July 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"has2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}