{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,15]],"date-time":"2026-03-15T22:58:17Z","timestamp":1773615497873,"version":"3.50.1"},"reference-count":27,"publisher":"Allerton Press","issue":"8","license":[{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2019,12,1]],"date-time":"2019-12-01T00:00:00Z","timestamp":1575158400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Aut. Control Comp. Sci."],"published-print":{"date-parts":[[2019,12]]},"DOI":"10.3103\/s014641161908008x","type":"journal-article","created":{"date-parts":[[2020,3,4]],"date-time":"2020-03-04T09:03:07Z","timestamp":1583312587000},"page":"1029-1037","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Detection of Weaknesses in Information Systems for Automatic Selection of Security Actions"],"prefix":"10.3103","volume":"53","author":[{"given":"E. V.","family":"Doynikova","sequence":"first","affiliation":[]},{"given":"A. V.","family":"Fedorchenko","sequence":"additional","affiliation":[]},{"given":"I. V.","family":"Kotenko","sequence":"additional","affiliation":[]}],"member":"1627","published-online":{"date-parts":[[2020,3,4]]},"reference":[{"key":"7215_CR1","first-page":"74","volume":"41","author":"I.V. Kotenko","year":"2009","unstructured":"Kotenko, I.V., Intelligent cybersecurity management mechanisms, Tr. Inst. Sist. Anal. Ross. Akad. Nauk, 2009, vol. 41, pp. 74\u2013103.","journal-title":"Tr. Inst. Sist. Anal. Ross. Akad. Nauk"},{"key":"7215_CR2","doi-asserted-by":"crossref","unstructured":"Kotenko, I.V. and Saenko, I.B., The architecture of the system of intelligent information protection services in critical infrastructures, Tr. S.-Peterb. Inst. Inf. Avtom. Ross. Akad., 2013, no. 1, pp. 21\u201340.","DOI":"10.15622\/sp.24.2"},{"key":"7215_CR3","doi-asserted-by":"crossref","unstructured":"Zegzhda, P., Zegzhda, D., Kalinin, M., Pechenkin, A., Minin, A., and Lavrova, D., Safe integration of SIEM systems with Internet of Things: Data aggregation, integrity control, and bioinspired safe routing, 9th International Conference on Security of Information and Networks, 2016, pp. 81\u201387.","DOI":"10.1145\/2947626.2947639"},{"key":"7215_CR4","doi-asserted-by":"publisher","first-page":"673","DOI":"10.3103\/S0146411616080125","volume":"50","author":"D.S. Lavrova","year":"2016","unstructured":"Lavrova, D.S., An approach to developing the SIEM system for the Internet of Things, Autom. Control Comput. Sci., 2016, vol. 50, no. 8, pp. 673\u2013681.","journal-title":"Autom. Control Comput. Sci."},{"key":"7215_CR5","unstructured":"Lavrova, D.S. and Pechenkin, A.I., Detecting security incidents in the Internet of Things, Probl. Inf. Bezop., Komp\u2019yut. Sist., 2015, no. 2, pp. 69\u201379."},{"key":"7215_CR6","doi-asserted-by":"publisher","first-page":"1090","DOI":"10.3103\/S0146411618080254","volume":"52","author":"Yu.S. Vasil'ev","year":"2018","unstructured":"Vasil'ev, Yu.S., Zegzhda, D.P., and Poltavtseva, M.A., Problems of security in digital production and its resistance to cyber threats, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 1090\u20131100.","journal-title":"Autom. Control Comput. Sci."},{"key":"7215_CR7","doi-asserted-by":"publisher","first-page":"945","DOI":"10.3103\/S0146411618080230","volume":"52","author":"S.I. Shterenberg","year":"2018","unstructured":"Shterenberg, S.I. and Poltavtseva, M.A., A distributed intrusion detection system with protection from an internal intruder, Autom. Control Comput. Sci., 2018, vol. 52, no. 8, pp. 945\u2013953.","journal-title":"Autom. Control Comput. Sci."},{"key":"#cr-split#-7215_CR8.1","doi-asserted-by":"crossref","unstructured":"Doynikova, E. and Kotenko, I., Countermeasure selection based on the attack and service dependency graphs for security incident management, 10th International Conference on Risks and Security of Internet and Systems: CRiSIS 2015, Lambrinoudakis, C. and Gabillon, A., Eds.","DOI":"10.1007\/978-3-319-31811-0_7"},{"key":"#cr-split#-7215_CR8.2","unstructured":"Lect. Notes Comput. Sci., 2016, vol. 9572, pp. 107-124."},{"key":"7215_CR9","unstructured":"Common Vulnerability Scoring System (CVSS) official website. https:\/\/www.first.org\/cvss. Accessed June 8, 2017."},{"key":"7215_CR10","doi-asserted-by":"crossref","unstructured":"Doinikova, E.V. and Kotenko, I.V., Improving attack graphs for monitoring cybersecurity: Handling inaccuracies, processing loops, displaying incidents, and automatically selecting defensive measures, Tr. S.-Peterb. Inst. Inf. Avtom. Ross. Akad., 2018, no. 57, pp. 211\u2013240.","DOI":"10.15622\/sp.57.9"},{"key":"7215_CR11","doi-asserted-by":"crossref","unstructured":"Wu, B. and Wang, A.J.A., EVMAT: An OVAL and NVD based enterprise vulnerability modeling and assessment tool, Proceedings of the 49th Annual Southeast Regional Conference, 2011.","DOI":"10.1145\/2016039.2016074"},{"key":"7215_CR12","unstructured":"Kotenko, I.V., Doinikova, E.V., and Chechulin, A.A., General listing and classification of attack patterns (CAPEC): Description and application examples, Zashch. Inf., Insaid, 2012, no. 4, pp. 54\u201366."},{"key":"7215_CR13","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1109\/MITP.2011.11","volume":"13","author":"S. Radack","year":"2011","unstructured":"Radack, S. and Kuhn, D.R., Managing security: The security content automation protocol, IT Prof., 2011, vol.\u00a013, no. 1, pp. 9\u201311. https:\/\/doi.org\/10.1109\/MITP.2011.11","journal-title":"IT Prof."},{"key":"7215_CR14","unstructured":"FISMA Background. NIST official website. https:\/\/csrc.nist.gov\/projects\/risk-management\/detailed-overview. Accessed June 8, 2017."},{"key":"7215_CR15","unstructured":"Payment Card Industry (PCI) Data Security Standard. Requirements and Security Assessment Procedures Version 3. 2016. PCI Security Standards Council, LLC."},{"key":"7215_CR16","unstructured":"Nessus vulnerability scanner. Tenable. https:\/\/www.tenable.com\/products\/nessus\/nessus-professional. Accessed June 8, 2017."},{"key":"7215_CR17","unstructured":"Digital Bond. https:\/\/www.digitalbond.com\/scadapedia\/standards\/common-attack-pattern-enumerationand-classification-capec\/. Accessed June 8, 2017."},{"key":"7215_CR18","doi-asserted-by":"crossref","unstructured":"Pauli, J.J. and Engebretson, P.H., Towards a specification prototype for hierarchy-driven attack patterns, Fifth International Conference on Information Technology: New Generations, 2008.","DOI":"10.1109\/ITNG.2008.23"},{"key":"7215_CR19","doi-asserted-by":"publisher","first-page":"5","DOI":"10.14257\/astl.2015.93.02","volume":"93","author":"Y. Son","year":"2015","unstructured":"Son, Y., Lee, Y., and Oh, S., A software weakness analysis technique for secure software, Adv. Sci. Technol. Lett., 2015, vol. 93, pp. 5\u20138.","journal-title":"Adv. Sci. Technol. Lett."},{"key":"7215_CR20","first-page":"505","volume":"4","author":"M.M. Gamal","year":"2011","unstructured":"Gamal, M.M., Hasan, D., and Hegazy, A.F., A security analysis framework powered by an expert system, Int. J. Comput. Sci. Secur., 2011, vol. 4, no. 6, pp. 505\u2013526.","journal-title":"Int. J. Comput. Sci. Secur."},{"key":"7215_CR21","doi-asserted-by":"crossref","unstructured":"Zegzhda, D., Zegzhda, P., Pechenkin, A., and Poltavtseva, M., Modeling of information systems to their security evaluation, SIN '17 Proceedings of the 10th International Conference on Security of Information and Networks, Jaipur, 2017, pp. 295\u2013298.","DOI":"10.1145\/3136825.3136857"},{"key":"7215_CR22","first-page":"38","volume":"36","author":"A. Tripathi","year":"2011","unstructured":"Tripathi, A. and Singh, U.K., Analyzing trends in vulnerability classes across CVSS metrics, Int. J. Comput. Appl., 2011, vol. 36, no. 3, pp. 38\u201344.","journal-title":"Int. J. Comput. Appl."},{"key":"7215_CR23","unstructured":"Tripathi, A. and Singh, U.K., Taxonomic analysis of classification schemes in vulnerability databases, 6th International Conference on Computer Sciences and Convergence Information Technology (ICCIT), 2012."},{"key":"7215_CR24","unstructured":"Tripathi, A. and Singh, U.K., On prioritization of vulnerability categories based on CVSS scores, 6th International Conference on Computer Sciences and Convergence Information Technology (ICCIT), 2011."},{"key":"7215_CR25","doi-asserted-by":"crossref","unstructured":"Wang, J.A. and Guo, M., Vulnerability categorization using Bayesian networks, Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research, 2010.","DOI":"10.1145\/1852666.1852699"},{"key":"7215_CR26","doi-asserted-by":"crossref","unstructured":"Gonzalez-Granadillo, G., Doynikova, E., Kotenko, I., and Garcia-Alfaro, J., Attack graph-based countermeasure selection using a stateful return on investment metric, The 10th International Symposium on Foundations & Practice of Security (FPS 2017), 2017.","DOI":"10.1007\/978-3-319-75650-9_19"}],"container-title":["Automatic Control and Computer Sciences"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.3103\/S014641161908008X.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.3103\/S014641161908008X","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.3103\/S014641161908008X.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,3,15]],"date-time":"2026-03-15T22:00:42Z","timestamp":1773612042000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.3103\/S014641161908008X"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,12]]},"references-count":27,"journal-issue":{"issue":"8","published-print":{"date-parts":[[2019,12]]}},"alternative-id":["7215"],"URL":"https:\/\/doi.org\/10.3103\/s014641161908008x","relation":{},"ISSN":["0146-4116","1558-108X"],"issn-type":[{"value":"0146-4116","type":"print"},{"value":"1558-108X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,12]]},"assertion":[{"value":"4 July 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 October 2018","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"12 October 2018","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 March 2020","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"The authors declare that they have no conflicts of interest.","order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"CONFLICT OF INTEREST"}}]}}