{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T12:54:09Z","timestamp":1765976049227},"reference-count":43,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2015,1,7]],"date-time":"2015-01-07T00:00:00Z","timestamp":1420588800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Inf Technol Manag"],"published-print":{"date-parts":[[2017,3]]},"DOI":"10.1007\/s10799-014-0213-1","type":"journal-article","created":{"date-parts":[[2015,1,6]],"date-time":"2015-01-06T06:41:32Z","timestamp":1420526492000},"page":"1-25","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["Using ontologies to perform threat analysis and develop defensive strategies for mobile security"],"prefix":"10.1007","volume":"18","author":[{"given":"Ping","family":"Wang","sequence":"first","affiliation":[]},{"given":"Kuo-Ming","family":"Chao","sequence":"additional","affiliation":[]},{"given":"Chi-Chun","family":"Lo","sequence":"additional","affiliation":[]},{"given":"Yu-Shih","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,1,7]]},"reference":[{"key":"213_CR1","doi-asserted-by":"crossref","first-page":"251","DOI":"10.1007\/s11416-008-0086-0","volume":"4","author":"G Jacob","year":"2008","unstructured":"Jacob G, Debar H, Filiol E (2008) Behavioral detection of malware: from a survey towards an established taxonomy. J Comput Virol 4:251\u2013266","journal-title":"J Comput Virol"},{"key":"213_CR2","unstructured":"Bayne J (2012) An overview of threat and risk assessment. SANS Institute. http:\/\/www.sans.org\/reading_room\/whitepapers\/auditing\/overview-threat-risk-assessment_76 . Accessed 14 Jan 2010"},{"key":"213_CR3","unstructured":"Mitre Corporation (2011) Common vulnerabilities and exposures. http:\/\/www.cve.mitre.org . Accessed 8 Jan 2012"},{"key":"213_CR4","unstructured":"NIST (2012) NVD (national vulnerability database). http:\/\/nvd.nist.gov\/ . Accessed 21 Sep 2012"},{"key":"213_CR5","unstructured":"Sheyner O (2004) Scenario graphs and attack graphs. PhD thesis, Carnegie Mellon University"},{"key":"213_CR6","unstructured":"Schneier B (1999) Attack trees: modeling security threats. Dr. Dobbs\u2019 Journal. Retrieved from http:\/\/www.counterpane.com\/attacktrees-ddj-ft.html"},{"key":"213_CR7","doi-asserted-by":"crossref","unstructured":"Edge KS, Dalton II GC, Raines RA, Mills RF (2007) Using attack and protection trees to analyze threats and defenses to homeland security (MILCOM), pp 1\u20137","DOI":"10.1109\/MILCOM.2006.302512"},{"key":"213_CR8","doi-asserted-by":"crossref","unstructured":"Roy A, Kim D, Trivedi KS (2010) Cyber security analysis using attack countermeasure trees. In CSIIRW\u201910, April 21\u201323","DOI":"10.1145\/1852666.1852698"},{"key":"213_CR9","unstructured":"Clausing J (2009) Building an automated behavioral malware analysis environment using open source software. SANS Institute Reading Room"},{"key":"213_CR10","unstructured":"Truman Sandbox (2013). http:\/\/www.secureworks.com\/cyber-threat-intelligence\/tools\/truman\/ . Accessed 19 Mar 2012"},{"key":"213_CR11","doi-asserted-by":"crossref","unstructured":"Stewart J (2006) Behavioural malware analysis using Sandnets. Comput Fraud Secur 2006(12):4\u20136","DOI":"10.1016\/S1361-3723(06)70449-3"},{"issue":"2","key":"213_CR12","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1109\/MSP.2007.45","volume":"5","author":"C Willems","year":"2007","unstructured":"Willems C, Holz T, Freiling F (2007) Toward automated dynamic malware analysis using CWSandbox. IEEE Secur Priv 5(2):32\u201339","journal-title":"IEEE Secur Priv"},{"key":"213_CR13","doi-asserted-by":"crossref","unstructured":"Blasing T, Batyuk L, Schmidt AD, Camtepe SA, Albayrak S (2010) An android application sandbox system for suspicious software detection. In 5th international conference of malicious and unwanted software (MALWARE)","DOI":"10.1109\/MALWARE.2010.5665792"},{"key":"213_CR14","unstructured":"Honeynet Project (2012) DroidBox. http:\/\/www.honeynet.org\/gsoc\/slot11"},{"issue":"2","key":"213_CR15","doi-asserted-by":"crossref","first-page":"245","DOI":"10.1016\/S0020-7373(87)80094-9","volume":"26","author":"L Marianne","year":"1987","unstructured":"Marianne L (1987) The knowledge acquisition grid: a method for training knowledge engineers. Int J Man Mach Stud 26(2):245\u2013255","journal-title":"Int J Man Mach Stud"},{"key":"213_CR16","unstructured":"Berners-Lee T (1998) Semantic web roadmap. W3C design issues"},{"issue":"3","key":"213_CR17","first-page":"53","volume":"18","author":"NF Noy","year":"1997","unstructured":"Noy NF, Hafner CD (1997) The state of the art in ontology design: a survey and comparative review. AI Mag 18(3):53\u201374","journal-title":"AI Mag"},{"key":"213_CR18","unstructured":"Noy NF, McGuinness DL (2001) Ontology development 101: a guide to creating your first ontology. Technical report KSL-01-05, Stanford Knowledge Systems Laboratory"},{"issue":"2","key":"213_CR19","doi-asserted-by":"crossref","first-page":"93","DOI":"10.1017\/S0269888900007797","volume":"11","author":"M Uschold","year":"1996","unstructured":"Uschold M, Grueninger M (1996) Ontologies: principles, methods and applications. Knowl Eng Rev 11(2):93\u2013155","journal-title":"Knowl Eng Rev"},{"issue":"3","key":"213_CR20","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1007\/s10489-007-0071-1","volume":"30","author":"CS Lee","year":"2009","unstructured":"Lee CS, Wang MH (2009) Ontology-based computational intelligent multi-agent and its application to CMMI assessment. Appl Intell 30(3):203\u2013219","journal-title":"Appl Intell"},{"key":"213_CR21","unstructured":"Simmonds A, Sandilands P, Ekert LV (2003) An ontology for network security attacks, RAID 2003, LCNS 2820. Springer, Heidelberg"},{"key":"213_CR22","unstructured":"Grit D, Lalana K, Tim F, Massimo P (2003) Security for DAML web services: annotation and matchmaking. In Proceedings of second international semantic web conference, September"},{"key":"213_CR23","doi-asserted-by":"crossref","unstructured":"Weavor N, Paxson V, Staniford S, Cunningham R (2003) A taxonomy of computer worms. UC Berkeley, ICSI, Silicon Defense, MIT Lincoln Laboratory","DOI":"10.1145\/948187.948190"},{"key":"213_CR24","unstructured":"Dagon D, Gu G, Zou C, Grizzard J, Dwivedi S, Lee W, Lipton R (2006) A taxonomy of botnets. Georgia Institute of technology, University of Central Florida, Orlando, FL."},{"issue":"5","key":"213_CR25","doi-asserted-by":"crossref","first-page":"859","DOI":"10.1109\/TSMCB.2005.845032","volume":"35","author":"CS Lee","year":"2005","unstructured":"Lee CS, Jian ZW, Huang LK (2005) A fuzzy ontology and its application to news summarization. IEEE Trans Syst Man Cybern Part B 35(5):859\u2013880","journal-title":"IEEE Trans Syst Man Cybern Part B"},{"key":"213_CR26","doi-asserted-by":"crossref","unstructured":"Huang HD, Chuang TY, Tsai YL, Lee CS (2010) Ontology-based intelligent system for malware behavioral analysis. In: 2010 IEEE international conference on fuzzy systems (FUZZ 2010), 1\u20136, July, 18\u201323, Barcelona, Spain","DOI":"10.1109\/FUZZY.2010.5584325"},{"key":"213_CR27","doi-asserted-by":"crossref","unstructured":"Huang HD, Lee CS, Kao HY, Tsai YL, Chang JG (2011) Malware behavioral analysis system: TWMAN, 2011 IEEE symposium on intelligent agent (IA), Paris, France, pp 1\u20138","DOI":"10.1109\/IA.2011.5953604"},{"issue":"3","key":"213_CR28","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1016\/0951-8320(93)90060-C","volume":"40","author":"A Rauzy","year":"1993","unstructured":"Rauzy A (1993) New algorithms for fault tree analysis. Reliab Eng Syst Saf 40(3):203\u2013211","journal-title":"Reliab Eng Syst Saf"},{"key":"213_CR29","unstructured":"Kordy B, Mauw S, Radomirovic S, Schweitzer P (2010) Foundations of attack\u2013defense trees, LNCS 2010. Springer, Heidelberg. http:\/\/satoss.uni.lu\/members\/barbara\/papers\/adt.pdf . Accessed 11 March 2012"},{"key":"213_CR30","unstructured":"Wikipedia (2013) Mobile security. https:\/\/www.google.com.tw\/#q=mobile+security+WIKI . Accessed 27 Nov 2013"},{"issue":"2\u20133","key":"213_CR31","doi-asserted-by":"crossref","first-page":"203","DOI":"10.1007\/s10799-005-5880-5","volume":"6","author":"F Farahmand","year":"2005","unstructured":"Farahmand F, Navathe BS, Sharp PG, Enslow HP (2005) A management perspective on risk of security threats to information systems. Inf Technol Manag 6(2\u20133):203\u2013225","journal-title":"Inf Technol Manag"},{"issue":"1","key":"213_CR32","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1007\/s10799-010-0066-1","volume":"11","author":"T Bandyopadhyay","year":"2010","unstructured":"Bandyopadhyay T, Jacob V, Raghunathan S (2010) Information security in networked supply chains: impact of network vulnerability and supply chain integration on incentives to invest. Inf Technol Manag 11(1):7\u201323","journal-title":"Inf Technol Manag"},{"key":"213_CR33","doi-asserted-by":"crossref","unstructured":"Wang P, Chao KM, Lo CC (2013) A novel threat and risk assessment mechanism for security controls in service management. In: IEEE international conference on e-business engineering (ICEBE 2013), pp 11\u201313","DOI":"10.1109\/ICEBE.2013.52"},{"key":"213_CR34","unstructured":"Isograph (2010) AttackTree+. http:\/\/www.isograph.com\/software\/attacktree\/ . Accessed 9 Apr 2011"},{"key":"213_CR35","unstructured":"International Organization for Standardization (2008) ISO\/IEC 27005: 2008 information technology\u2014security techniques\u2014information security risk management"},{"key":"213_CR36","unstructured":"Desnos A, Androguard (2013). http:\/\/code.google.com\/p\/androguard\/wiki\/Usage . Accessed 21 May 2013"},{"issue":"3","key":"213_CR37","doi-asserted-by":"crossref","first-page":"259","DOI":"10.1023\/A:1009748302351","volume":"1","author":"H Mannila","year":"1997","unstructured":"Mannila H, Toivonen H, Verkamo IA (1997) Discovery of frequent episodes in event sequences. Data Min Knowl Discov 1(3):259\u2013289","journal-title":"Data Min Knowl Discov"},{"key":"213_CR38","doi-asserted-by":"crossref","unstructured":"Cincotti A, Cutello V, Pappalardo F (2003) An ant algorithm for the weighted minimum hitting set problem. In: 2003 IEEE swarm intelligence symposium (SIS), pp 24\u201326","DOI":"10.1109\/SIS.2003.1202239"},{"issue":"4","key":"213_CR39","doi-asserted-by":"crossref","first-page":"263","DOI":"10.1007\/s10799-012-0136-7","volume":"13","author":"L Bulysheva","year":"2012","unstructured":"Bulysheva L, Bulyshev A (2012) Segmentation modeling algorithm: a novel algorithm in data mining. Inf Technol Manag 13(4):263\u2013271","journal-title":"Inf Technol Manag"},{"key":"213_CR40","doi-asserted-by":"publisher","DOI":"10.1007\/s10799-013-0170-0","author":"T Jacks","year":"2013","unstructured":"Jacks T, Palvia P (2013) SMeasuring value dimensions of IT occupational culture: an exploratory analysis. Inf Technol Manag. doi: 10.1007\/s10799-013-0170-0","journal-title":"Inf Technol Manag"},{"key":"213_CR41","unstructured":"Stanford University (2002) Prot\u00e9g\u00e9. http:\/\/protege.stanford.edu . Accessed 19 Oct 2011"},{"key":"213_CR42","unstructured":"Symantec (2009) Zeus: king of the bots (PDF). https:\/\/www.google.com.tw\/search?hl=zh-TW&rlz=1T4MXGB_zh-TWTW511TW512&q=King+of+the+Bots&oq=King+of+the+Bots . Accessed 27 Jan 2012"},{"key":"213_CR43","unstructured":"Stevens K, Jackson D (2010) Zeus banking Trojan report. http:\/\/www.secureworks.com\/research\/threats\/Zeus\/?threat=Zeus . Accessed 08 Oct 2011"}],"container-title":["Information Technology and Management"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10799-014-0213-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10799-014-0213-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10799-014-0213-1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10799-014-0213-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,19]],"date-time":"2019-08-19T08:10:09Z","timestamp":1566202209000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10799-014-0213-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015,1,7]]},"references-count":43,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2017,3]]}},"alternative-id":["213"],"URL":"https:\/\/doi.org\/10.1007\/s10799-014-0213-1","relation":{},"ISSN":["1385-951X","1573-7667"],"issn-type":[{"value":"1385-951X","type":"print"},{"value":"1573-7667","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015,1,7]]}}}