{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,11]],"date-time":"2026-06-11T06:57:13Z","timestamp":1781161033410,"version":"3.54.1"},"publisher-location":"Singapore","reference-count":42,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819200672","type":"print"},{"value":"9789819200689","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-981-92-0068-9_21","type":"book-chapter","created":{"date-parts":[[2026,6,11]],"date-time":"2026-06-11T06:07:11Z","timestamp":1781158031000},"page":"310-323","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Architecting AI for\u00a0Compliance: Integrating EU AI Act Principles with\u00a0MITRE ATLAS Threat Models"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0001-7421-9086","authenticated-orcid":false,"given":"Tomas","family":"Valenta","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-8543-8194","authenticated-orcid":false,"given":"Jiri","family":"Novotny","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3534-026X","authenticated-orcid":false,"given":"Josef","family":"Horalek","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2026,6,1]]},"reference":[{"key":"21_CR1","unstructured":"AI Model Inference API Access $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0040. Accessed 11 Nov 2025"},{"key":"21_CR2","unstructured":"AI Supply Chain Compromise $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0010. Accessed 12 Nov 2025"},{"key":"21_CR3","unstructured":"Cost Harvesting $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0034. Accessed 11 Nov 2025"},{"key":"21_CR4","unstructured":"Denial of AI Service $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0029. Accessed 11 Nov 2025"},{"key":"21_CR5","unstructured":"Erode AI Model Integrity $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0031. Accessed 11 Nov 2025"},{"key":"21_CR6","unstructured":"Erode Dataset Integrity $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0059. Accessed 11 Nov 2025"},{"key":"21_CR7","unstructured":"Evade AI Model $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0015. Accessed 11 Nov 2025"},{"key":"21_CR8","unstructured":"Exfiltration via AI Inference API $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0024. Accessed 11 Nov 2025"},{"key":"21_CR9","unstructured":"Extract LLM System Prompt $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0056. Accessed 11 Nov 2025"},{"key":"21_CR10","unstructured":"LLM Data Leakage $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0057. Accessed 11 Nov 2025"},{"key":"21_CR11","unstructured":"LLM Prompt Injection $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0051. Accessed 11 Nov 2025"},{"key":"21_CR12","unstructured":"MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/. Accessed 22 Oct 2025"},{"key":"21_CR13","unstructured":"Poison Training Data $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0020. Accessed 11 Nov 2025"},{"key":"21_CR14","unstructured":"Spamming AI System with Chaff Data $$|$$ MITRE ATLAS\u2122. https:\/\/atlas.mitre.org\/techniques\/AML.T0046. Accessed 12 Nov 2025"},{"key":"21_CR15","unstructured":"AI Risk Management Framework. NIST (Jul 2021), https:\/\/www.nist.gov\/itl\/ai-risk-management-framework. Accessed 11 Nov 2025"},{"key":"21_CR16","unstructured":"Advancing accountability in AI (2023). https:\/\/www.oecd.org\/en\/publications\/advancing-accountability-in-ai_2448f04b-en.html. Accessed 11 Nov 2025"},{"key":"21_CR17","unstructured":"Regulation (EU) 2024\/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence and amending Regulations (EC) No 300\/2008, (EU) No 167\/2013, (EU) No 168\/2013, (EU) 2018\/858, (EU) 2018\/1139 and (EU) 2019\/2144 and Directives 2014\/90\/EU, (EU) 2016\/797 and (EU) 2020\/1828 (Artificial Intelligence Act) (Text with EEA relevance) (2024). https:\/\/eur-lex.europa.eu\/eli\/reg\/2024\/1689\/oj. Accessed 04 Nov 2025"},{"key":"21_CR18","unstructured":"Anderljung, M., et al.: Frontier AI regulation: managing emerging risks to public safety (2023). arXiv:2307.03718. Accessed 06 Nov 2025"},{"key":"21_CR19","doi-asserted-by":"publisher","unstructured":"Baruwal Chhetri, M., Tariq, S., Singh, R., Jalalvand, F., Paris, C., Nepal, S.: Towards human-AI teaming to mitigate alert fatigue in security operations centres. ACM Trans. Internet Technol. 24(3), 1\u201322 (2024). https:\/\/doi.org\/10.1145\/3670009. Accessed 06 Nov 2025","DOI":"10.1145\/3670009"},{"key":"21_CR20","doi-asserted-by":"crossref","unstructured":"Carroll, J.: Strengthening AI critical infrastructure security with the MIT AI risk repository and MITRE ATLAS frameworks. In: European Conference on Cyber Warfare and Security, pp. 71\u201379. Academic Conferences International Limited (2025). Accessed 10 Nov 2025","DOI":"10.34190\/eccws.24.1.3713"},{"key":"21_CR21","doi-asserted-by":"publisher","unstructured":"Floridi, L., Holweg, M., Taddeo, M., Amaya, J., M\u00f6kander, J., Wen, Y.: CapAI - A procedure for conducting conformity assessment of AI systems in line with the EU artificial intelligence act (2022). https:\/\/doi.org\/10.2139\/ssrn.4064091. Accessed 11 Nov 2025","DOI":"10.2139\/ssrn.4064091"},{"key":"21_CR22","doi-asserted-by":"publisher","unstructured":"Giudici, P., Raffinetti, E.: Explainable AI methods in cyber risk management. Qual. Reliab. Eng. Int. 38(3), 1318\u20131326 (2022). https:\/\/doi.org\/10.1002\/qre.2939. Accessed 06 Nov 2025","DOI":"10.1002\/qre.2939"},{"key":"21_CR23","doi-asserted-by":"publisher","unstructured":"Grigorescu, O., Nica, A., Dascalu, M., Rughinis, R.: CVE2ATT&CK: BERT-based mapping of CVEs to MITRE ATT&CK techniques. Algorithms 15(9), 314 (2022). https:\/\/doi.org\/10.3390\/a15090314. Accessed 11 Nov 2025","DOI":"10.3390\/a15090314"},{"key":"21_CR24","doi-asserted-by":"publisher","unstructured":"Jia, J., et al.: Model sparsity can simplify machine unlearning. In: Advances in Neural Information Processing Systems, vol. 36, pp. 51584\u201351605 (2023). https:\/\/doi.org\/10.48550\/arXiv.2304.04934. Accessed 06 Nov 2025","DOI":"10.48550\/arXiv.2304.04934"},{"key":"21_CR25","unstructured":"Junklewitz, H., Hamon, R., Andr\u00e9, A., Evas, T., Soler\u00a0Garrido, J., Sanchez\u00a0Martin, J.: Cybersecurity of artificial intelligence in the AI act. Luxembourg: Pub. Office European Union 10, 271009 (2023)"},{"key":"21_CR26","doi-asserted-by":"crossref","unstructured":"Kelly, J., Zafar, S.A., Heidemann, L., Zacchi, J.V., Espinoza, D., Mata, N.: Navigating the EU AI act: a methodological approach to compliance for safety-critical products. In: 2024 IEEE Conference on Artificial Intelligence (CAI), pp. 979\u2013984. IEEE (2024)","DOI":"10.1109\/CAI59869.2024.00179"},{"key":"21_CR27","unstructured":"Kressel, J.: SAFE-AI a framework for securing AI-enabled systems (2025). https:\/\/atlas.mitre.org\/pdf-files\/SAFEAI_Full_Report.pdf. Accessed 07 Nov 2025"},{"key":"21_CR28","unstructured":"Kumar, V.: MITRE ATLAS framework 2025 - guide to securing AI systems (2025). https:\/\/www.practical-devsecops.com\/mitre-atlas-framework-guide-securing-ai-systems\/. Accessed 09 Nov 2025"},{"key":"21_CR29","doi-asserted-by":"publisher","unstructured":"Lagerstr\u00f6m, R., Xiong, W., Ekstedt, M.: Threat modeling and attack simulations of smart cities: a literature review and explorative study. In: ICISSP, pp. 369\u2013376 (2020). https:\/\/doi.org\/10.5220\/0008921903690376. Accessed 06 Nov 2025","DOI":"10.5220\/0008921903690376"},{"key":"21_CR30","doi-asserted-by":"publisher","unstructured":"Laux, J., Wachter, S., Mittelstadt, B.: Trustworthy artificial intelligence and the European Union AI act: on the conflation of trustworthiness and acceptability of risk. Regul. Gov. 18(1), 3\u201332 (2024). https:\/\/doi.org\/10.1111\/rego.12512. Accessed 05 Nov 2025","DOI":"10.1111\/rego.12512"},{"key":"21_CR31","doi-asserted-by":"publisher","unstructured":"Lee, I., Choi, C.: Camp2Vec: embedding cyber campaign with ATT&CK framework for attack group analysis. ICT Express 9(6), 1065\u20131070 (2023). https:\/\/doi.org\/10.1016\/j.icte.2023.05.008. Accessed 06 Nov 2025","DOI":"10.1016\/j.icte.2023.05.008"},{"key":"21_CR32","doi-asserted-by":"publisher","unstructured":"Lin, X., Zhang, J., Deng, G., Liu, T., Zhang, T., Guo, Q., Chen, R.: IRCopilot: automated incident response with large language models (2025). https:\/\/doi.org\/10.48550\/arXiv.2505.20945. Accessed 06 Nov 2025","DOI":"10.48550\/arXiv.2505.20945"},{"key":"21_CR33","doi-asserted-by":"publisher","unstructured":"Mauri, L., Damiani, E.: STRIDE-AI: an approach to identifying vulnerabilities of machine learning assets. In: 2021 IEEE International Conference on Cyber Security and Resilience (CSR), pp. 147\u2013154. IEEE, Rhodes, Greece (2021). https:\/\/doi.org\/10.1109\/CSR51186.2021.9527917. Accessed 11 Nov 2025","DOI":"10.1109\/CSR51186.2021.9527917"},{"issue":"2","key":"21_CR34","doi-asserted-by":"publisher","first-page":"323","DOI":"10.1007\/s11023-021-09557-8","volume":"31","author":"J M\u00f6kander","year":"2021","unstructured":"M\u00f6kander, J., Floridi, L.: Ethics-based auditing to develop trustworthy AI. Mind. Mach. 31(2), 323\u2013327 (2021). https:\/\/doi.org\/10.1007\/s11023-021-09557-8","journal-title":"Mind. Mach."},{"key":"21_CR35","doi-asserted-by":"publisher","unstructured":"M\u00f6kander, J., Schuett, J., Kirk, H.R., Floridi, L.: Auditing large language models: a three-layered approach. AI and Ethics 4(4), 1085\u20131115 (2024). https:\/\/doi.org\/10.1007\/s43681-023-00289-2. Accessed 05 Nov 2025","DOI":"10.1007\/s43681-023-00289-2"},{"key":"21_CR36","doi-asserted-by":"publisher","unstructured":"Nikolinakos, N.T.: EU Policy and Legal Framework for Artificial Intelligence, Robotics and Related Technologies - The AI Act, Law, Governance and Technology Series, vol.\u00a053. Springer International Publishing, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-27953-9. Accessed 10 Nov 2025","DOI":"10.1007\/978-3-031-27953-9"},{"key":"21_CR37","doi-asserted-by":"publisher","unstructured":"Patel, R., et al.: Towards Secure MLOps: Surveying Attacks, Mitigation Strategies, and Research Challenges (2025). https:\/\/doi.org\/10.48550\/arXiv.2506.02032. Accessed 06 Nov 2025","DOI":"10.48550\/arXiv.2506.02032"},{"key":"21_CR38","unstructured":"Simonetto, S., Bosch, P.: Comprehensive threat analysis and systematic mapping of CVEs to MITRE framework (2024). Accessed 10 Nov 2025"},{"key":"21_CR39","doi-asserted-by":"publisher","unstructured":"Smuha, N.A.: From a \u2018race to AI\u2019 to a \u2018race to AI regulation\u2019: regulatory competition for artificial intelligence. Law Innov. Technol. 13(1), 57\u201384 (2021). https:\/\/doi.org\/10.1080\/17579961.2021.1898300. Accessed 05 Nov 2025","DOI":"10.1080\/17579961.2021.1898300"},{"key":"21_CR40","doi-asserted-by":"publisher","unstructured":"Tamburri, D.A.: Sustainable mlops: trends and challenges. In: 2020 22nd International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC), pp. 17\u201323. IEEE (2020). https:\/\/doi.org\/10.1109\/SYNASC51798.2020.00015. Accessed 06 Nov 2025","DOI":"10.1109\/SYNASC51798.2020.00015"},{"key":"21_CR41","unstructured":"Vu, J.: A step-by-step guide to using MITRE ATLAS for LLM applications. https:\/\/james-vu.com\/blog\/f\/a-step-by-step-guide-to-using-mitre-atlas-for-llm-applications. Accessed 10 Nov 2025"},{"key":"21_CR42","doi-asserted-by":"publisher","unstructured":"Xiong, W., Legrand, E., \u00c5berg, O., Lagerstr\u00f6m, R.: Cyber security threat modeling based on the MITRE enterprise ATT&CK matrix. Softw. Syst. Model. 21(1), 157\u2013177 (2022). https:\/\/doi.org\/10.1007\/s10270-021-00898-7. Accessed 06 Nov 2025","DOI":"10.1007\/s10270-021-00898-7"}],"container-title":["Communications in Computer and Information Science","Recent Challenges in Intelligent information and Database Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-92-0068-9_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,6,11]],"date-time":"2026-06-11T06:07:25Z","timestamp":1781158045000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-92-0068-9_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9789819200672","9789819200689"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/978-981-92-0068-9_21","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"1 June 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ACIIDS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Asian Conference on Intelligent Information and Database Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kaohsiung","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taiwan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2026","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 April 2026","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 April 2026","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"aciids2026","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/aciids.pwr.edu.pl\/2026\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}