{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,19]],"date-time":"2026-05-19T15:08:56Z","timestamp":1779203336472,"version":"3.51.4"},"reference-count":50,"publisher":"Springer Science and Business Media LLC","issue":"18","license":[{"start":{"date-parts":[[2022,2,2]],"date-time":"2022-02-02T00:00:00Z","timestamp":1643760000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,2,2]],"date-time":"2022-02-02T00:00:00Z","timestamp":1643760000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Neural Comput &amp; Applic"],"published-print":{"date-parts":[[2022,9]]},"DOI":"10.1007\/s00521-022-06959-2","type":"journal-article","created":{"date-parts":[[2022,2,2]],"date-time":"2022-02-02T13:02:46Z","timestamp":1643806966000},"page":"15241-15271","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":89,"title":["An integrated cyber security risk management framework and risk predication for the critical infrastructure protection"],"prefix":"10.1007","volume":"34","author":[{"given":"Halima Ibrahim","family":"Kure","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shareeful","family":"Islam","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Haralambos","family":"Mouratidis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,2,2]]},"reference":[{"issue":"1","key":"6959_CR1","first-page":"371","volume":"10","author":"MS Abu","year":"2018","unstructured":"Abu MS et al (2018) Cyber threat intelligence\u2013issue and challenges. Indones J Electr Eng Comput Sci 10(1):371\u2013379","journal-title":"Indones J Electr Eng Comput Sci"},{"key":"6959_CR2","unstructured":"Baldoni R (2014) Critical infrastructure protection: threats, attacks, and counter-measures. Technical Report. Available online: http:\/\/www.dis.uniroma1.it\/~tenace"},{"key":"6959_CR3","unstructured":"Barnum S (2008) \u2018Common attack pattern enumeration and classification (capec) schema description\u2019, Cigital Inc, http:\/\/capec.mitre.org\/documents\/documentation\/CAPEC_Schema_Description_v1.3."},{"key":"6959_CR4","doi-asserted-by":"publisher","DOI":"10.3390\/su8030240","author":"A Bialas","year":"2016","unstructured":"Bialas A (2016) Risk management in critical infrastructure\u2014foundation for its sustainable work. Sustainability. https:\/\/doi.org\/10.3390\/su8030240","journal-title":"Sustainability"},{"key":"6959_CR5","doi-asserted-by":"crossref","unstructured":"Boudreau M-C, Gefen D, Straub DW (2001) \u2018Validation in information systems research: A state-of-the-art assessment\u2019, MIS quarterly, pp 1\u201316","DOI":"10.2307\/3250956"},{"issue":"6","key":"6959_CR6","doi-asserted-by":"publisher","first-page":"365","DOI":"10.1016\/S0306-4379(02)00012-1","volume":"27","author":"J Castro","year":"2002","unstructured":"Castro J, Kolp M, Mylopoulos J (2002) Towards requirements-driven information systems engineering: the Tropos project. Inf Syst 27(6):365\u2013389","journal-title":"Inf Syst"},{"issue":"1","key":"6959_CR7","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1145\/320434.320440","volume":"1","author":"PP-S Chen","year":"1976","unstructured":"Chen PP-S (1976) The entity-relationship model\u2014toward a unified view of data. ACM Trans Datab Syst (TODS) 1(1):9\u201336","journal-title":"ACM Trans Datab Syst (TODS)"},{"key":"6959_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2015.09.009","volume":"56","author":"Y Cherdantseva","year":"2016","unstructured":"Cherdantseva Y et al (2016) A review of cyber security risk assessment methods for SCADA systems. Comput Secur 56:1\u201327","journal-title":"Comput Secur"},{"key":"6959_CR9","unstructured":"Consortium WAS (2009) \u2018Web application security consortium threat classification\u2019"},{"key":"6959_CR10","first-page":"1","volume-title":"Cyber threat intelligence","author":"M Conti","year":"2018","unstructured":"Conti M, Dargahi T, Dehghantanha A (2018) Cyber threat intelligence: challenges and opportunities. Cyber threat intelligence. Springer, Berlin, pp 1\u20136"},{"key":"6959_CR11","doi-asserted-by":"publisher","DOI":"10.1142\/4177","volume-title":"Genetic fuzzy systems: evolutionary tuning and learning of fuzzy knowledge bases","author":"O Cord","year":"2001","unstructured":"Cord O (2001) Genetic fuzzy systems: evolutionary tuning and learning of fuzzy knowledge bases. World Scientific"},{"issue":"6","key":"6959_CR12","doi-asserted-by":"publisher","first-page":"894","DOI":"10.1016\/j.ijar.2011.03.004","volume":"52","author":"O Cord\u00f3n","year":"2011","unstructured":"Cord\u00f3n O (2011) A historical review of evolutionary learning methods for Mamdani-type fuzzy rule-based systems: designing interpretable genetic fuzzy systems. Int J Approx Reason 52(6):894\u2013913","journal-title":"Int J Approx Reason"},{"key":"6959_CR13","unstructured":"Enache MC (2015) Web application frameworks. Annals of the University Dunarea de Jos of Galati: Fascicle: XVII, Medicine, 21(3)"},{"key":"6959_CR14","unstructured":"Evans E (2004) Domain-driven design: tackling complexity in the heart of software. Addison-Wesley Professional"},{"issue":"1","key":"6959_CR15","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/MTS.2011.940293","volume":"30","author":"R Gandhi","year":"2011","unstructured":"Gandhi R et al (2011) Dimensions of cyber-attacks: Cultural, social, economic, and political. IEEE Technol Soc Mag 30(1):28\u201338","journal-title":"IEEE Technol Soc Mag"},{"key":"6959_CR16","doi-asserted-by":"crossref","unstructured":"Goodpaster KE (1991) \u2018Business ethics and stakeholder analysis\u2019, Business ethics quarterly, pp 53\u201373","DOI":"10.1017\/S1052150X00008782"},{"key":"6959_CR17","unstructured":"GOST R (2009) \u2018ISO\/IEC 31010-2011 Risk management. Risk assessment methods"},{"key":"6959_CR18","doi-asserted-by":"publisher","first-page":"406","DOI":"10.1016\/j.comcom.2020.02.008","volume":"153","author":"R Gupta","year":"2020","unstructured":"Gupta R et al (2020) Machine learning models for secure data analytics: A taxonomy and threat model. Comput Commun 153:406\u2013440","journal-title":"Comput Commun"},{"issue":"1","key":"6959_CR19","doi-asserted-by":"publisher","first-page":"640","DOI":"10.1109\/COMST.2018.2871866","volume":"21","author":"M Hus\u00e1k","year":"2018","unstructured":"Hus\u00e1k M et al (2018) Survey of attack projection, prediction, and forecasting in cyber security. IEEE Commun Surv Tutor 21(1):640\u2013660","journal-title":"IEEE Commun Surv Tutor"},{"issue":"2","key":"6959_CR20","doi-asserted-by":"publisher","first-page":"10","DOI":"10.3390\/jrfm10020010","volume":"10","author":"S Islam","year":"2017","unstructured":"Islam S et al (2017) A risk management framework for cloud migration decision support. J Risk Financ Manage 10(2):10","journal-title":"J Risk Financ Manage"},{"key":"6959_CR21","doi-asserted-by":"crossref","unstructured":"Izuakor C, White R (2016) Critical infrastructure asset identification: policy, methodology and gap analysis. In: Critical infrastructure protection X: 10th IFIP WG 11.10 international conference, ICCIP 2016, Arlington, VA, USA, March 14\u201316, 2016, Revised Selected Papers 10. pp 27\u201341. Springer, Berlin","DOI":"10.1007\/978-3-319-48737-3_2"},{"key":"6959_CR22","doi-asserted-by":"crossref","unstructured":"Kemabonta T, Kabalan M (2018) Using what you have, to get what you want\u2013a different approach to electricity market design for local distribution companies (DISCOs) in Nigeria. In: 2018 IEEE global humanitarian technology conference (GHTC). IEEE, pp 1\u20132","DOI":"10.1109\/GHTC.2018.8601910"},{"key":"6959_CR23","doi-asserted-by":"crossref","unstructured":"Knight S, Burn J (2005) Developing a framework for assessing information quality on the World Wide Web. Inf Sci 8","DOI":"10.28945\/2854"},{"issue":"11","key":"6959_CR24","first-page":"1478","volume":"25","author":"H Kure","year":"2019","unstructured":"Kure H, Islam S (2019) Cyber threat intelligence for improving cybersecurity and risk management in critical infrastructure. J Univ Comput Sci 25(11):1478\u20131502","journal-title":"J Univ Comput Sci"},{"key":"6959_CR25","unstructured":"Leroux N, de Kaper S (2014) Play for Java: Covers Play 2. Manning Publications Co"},{"key":"6959_CR26","doi-asserted-by":"crossref","unstructured":"Lilly B et al (2019) Applying indications and warning frameworks to cyber incidents. In: 2019 11th international conference on cyber conflict (CyCon). IEEE, pp 1\u201321","DOI":"10.23919\/CYCON.2019.8756949"},{"issue":"4","key":"6959_CR27","first-page":"601","volume":"6","author":"L Machado","year":"2009","unstructured":"Machado L, Filho O, Ribeiro J (2009) UWE-R: an extension to a web engineering methodology for rich internet applications. WSEAS Trans Inf Sci Appl 6(4):601\u2013610","journal-title":"WSEAS Trans Inf Sci Appl"},{"issue":"6","key":"6959_CR28","doi-asserted-by":"publisher","first-page":"921","DOI":"10.1016\/j.jlp.2009.06.011","volume":"22","author":"AS Markowski","year":"2009","unstructured":"Markowski AS, Mannan MS (2009) Fuzzy logic for piping risk assessment (pfLOPA). J Loss Prev Process Ind 22(6):921\u2013927","journal-title":"J Loss Prev Process Ind"},{"key":"6959_CR29","doi-asserted-by":"crossref","unstructured":"Martin RA (2007) Common weakness enumeration. Mitre Corporation","DOI":"10.1145\/1387830.1387835"},{"key":"6959_CR30","first-page":"1","volume":"23","author":"UM Mbanaso","year":"2019","unstructured":"Mbanaso UM, Abrahams L, Apene OZ (2019) Conceptual design of a cybersecurity resilience maturity measurement (CRMM) framework. Afr J Inf Commun 23:1\u201326","journal-title":"Afr J Inf Commun"},{"issue":"4","key":"6959_CR31","first-page":"494","volume":"2","author":"UP Onochie","year":"2015","unstructured":"Onochie UP, Egware HO, Eyakwanor TO (2015) The Nigeria electric power sector (opportunities and challenges). J Multidiscip Eng Sci Technol 2(4):494\u2013502","journal-title":"J Multidiscip Eng Sci Technol"},{"issue":"4","key":"6959_CR32","doi-asserted-by":"publisher","first-page":"4020039","DOI":"10.1061\/(ASCE)ME.1943-5479.0000795","volume":"36","author":"B R\u00f8d","year":"2020","unstructured":"R\u00f8d B et al (2020) From risk management to resilience management in critical infrastructure. J Manag Eng 36(4):4020039","journal-title":"J Manag Eng"},{"issue":"3","key":"6959_CR33","doi-asserted-by":"publisher","first-page":"740","DOI":"10.1016\/j.trpro.2014.10.053","volume":"3","author":"E Sapori","year":"2014","unstructured":"Sapori E, Sciutto M, Sciutto G (2014) ScienceDirect a quantitative approach to risk management in critical infrastructures. Transp Res Proc 3(3):740\u2013749. https:\/\/doi.org\/10.1016\/j.trpro.2014.10.053","journal-title":"Transp Res Proc"},{"issue":"15","key":"6959_CR34","doi-asserted-by":"publisher","first-page":"6250","DOI":"10.3390\/su12156250","volume":"12","author":"SK Singh","year":"2020","unstructured":"Singh SK et al (2020) Machine learning-based network sub-slicing framework in a sustainable 5G environment. Sustainability 12(15):6250","journal-title":"Sustainability"},{"issue":"1","key":"6959_CR35","first-page":"24","volume":"13","author":"D Straub","year":"2004","unstructured":"Straub D, Boudreau M-C, Gefen D (2004) Validation guidelines for IS positivist research. Commun Assoc Inf Syst 13(1):24","journal-title":"Commun Assoc Inf Syst"},{"key":"6959_CR36","unstructured":"Strom BE et al (2017) Finding cyber threats with ATT&CK-based analytics. The MITRE Corporation, Bedford, MA, Technical Report No. MTR170202"},{"key":"6959_CR37","unstructured":"Tactic A (2017) Techniques and Common Knowledge (ATT&CK)"},{"key":"6959_CR38","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1109\/ACCESS.2019.2961372","volume":"8","author":"S Tanwar","year":"2019","unstructured":"Tanwar S et al (2019) Machine learning adoption in blockchain-based smart applications: The challenges, and a way forward. IEEE Access 8:474\u2013488","journal-title":"IEEE Access"},{"key":"6959_CR39","doi-asserted-by":"publisher","first-page":"212","DOI":"10.1016\/j.cose.2017.09.001","volume":"72","author":"W Tounsi","year":"2018","unstructured":"Tounsi W, Rais H (2018) A survey on technical threat intelligence in the age of sophisticated cyber attacks. Comput Secur 72:212\u2013233","journal-title":"Comput Secur"},{"issue":"6","key":"6959_CR40","doi-asserted-by":"publisher","first-page":"2799","DOI":"10.1016\/j.chb.2008.04.005","volume":"24","author":"M Workman","year":"2008","unstructured":"Workman M, Bommer WH, Straub D (2008) Security lapses and the omission of information security measures: A threat control model and empirical test. Comput Hum Behav 24(6):2799\u20132816","journal-title":"Comput Hum Behav"},{"issue":"4","key":"6959_CR41","doi-asserted-by":"publisher","first-page":"83","DOI":"10.1109\/2.53","volume":"21","author":"LA Zadeh","year":"1988","unstructured":"Zadeh LA (1988) Fuzzy logic. Computer 21(4):83\u201393","journal-title":"Computer"},{"key":"6959_CR42","unstructured":"Abouzakhar N (2013) Critical infrastructure cybersecurity: a review of recent threats and violations. In: European conference on information warfare and security, ECCWS, pp 1\u201310"},{"key":"6959_CR43","doi-asserted-by":"publisher","first-page":"23","DOI":"10.1007\/978-1-4471-4661-2_3","volume":"64","author":"P Hokstad","year":"2012","unstructured":"Hokstad P, Utne IB, Vatn J (2012) Risk and vulnerability analysis of critical infrastructures. Springer Ser Reliab Eng 64:23\u201333. https:\/\/doi.org\/10.1007\/978-1-4471-4661-2_3","journal-title":"Springer Ser Reliab Eng"},{"key":"6959_CR44","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1016\/j.jnca.2015.05.016","volume":"59","author":"K Gai","year":"2016","unstructured":"Gai K et al (2016) Dynamic energy-aware cloudlet-based mobile cloud computing model for green computing. J Netw Comput Appl 59:46\u201354","journal-title":"J Netw Comput Appl"},{"key":"6959_CR45","unstructured":"ISO 27005:2018 (ISO 27005) Information technology\u2014Security techniques\u2014Information security risk management, https:\/\/www.iso.org\/standard\/75281.html"},{"key":"6959_CR46","unstructured":"ISO 31000: 2018 (ISO 31000) Risk management\u2014Guidelines, https:\/\/www.iso.org\/standard\/65694.html"},{"key":"6959_CR47","unstructured":"ISO\/IEC 27001 (ISO 27001) Information technology - Security techniques - Information security management systems - Requirements, https:\/\/www.iso.org\/isoiec-27001-information-security.html"},{"key":"6959_CR48","unstructured":"NIST Special Publication 800-39 , (NIST 800-39)Managing Information Security Risk, Organization, Mission, and Information System View, https:\/\/nvlpubs.nist.gov\/nistpubs\/Legacy\/SP\/nistspecialpublication800-39.pdf"},{"key":"6959_CR49","unstructured":"NIST(NIST CSF), Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 , 2018, https:\/\/www.nist.gov\/cyberframework"},{"key":"6959_CR50","unstructured":"Centre of Internet Security (CIS) (2020) https:\/\/www.cisecurity.org\/"}],"container-title":["Neural Computing and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00521-022-06959-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00521-022-06959-2\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00521-022-06959-2.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,1]],"date-time":"2022-09-01T18:16:02Z","timestamp":1662056162000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00521-022-06959-2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,2,2]]},"references-count":50,"journal-issue":{"issue":"18","published-print":{"date-parts":[[2022,9]]}},"alternative-id":["6959"],"URL":"https:\/\/doi.org\/10.1007\/s00521-022-06959-2","relation":{},"ISSN":["0941-0643","1433-3058"],"issn-type":[{"value":"0941-0643","type":"print"},{"value":"1433-3058","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,2,2]]},"assertion":[{"value":"21 July 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 January 2022","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 February 2022","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}