{"id":"https://openalex.org/W4413849401","doi":"https://doi.org/10.1007/978-3-031-94458-1_17","title":"Assessing and\u00a0Prioritizing Ransomware Risk Based on\u00a0Historical Victim Data","display_name":"Assessing and\u00a0Prioritizing Ransomware Risk Based on\u00a0Historical Victim Data","publication_year":2025,"publication_date":"2025-08-30","ids":{"openalex":"https://openalex.org/W4413849401","doi":"https://doi.org/10.1007/978-3-031-94458-1_17"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-031-94458-1_17","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-031-94458-1_17","pdf_url":null,"source":{"id":"https://openalex.org/S4393917809","display_name":"Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","issn_l":"1867-8211","issn":["1867-8211","1867-822X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://doi.org/10.1007/978-3-031-94458-1_17","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5115905029","display_name":"Spencer Massengale","orcid":"https://orcid.org/0009-0003-3483-1697"},"institutions":[{"id":"https://openalex.org/I102401767","display_name":"University of Arkansas at Little Rock","ror":"https://ror.org/04fttyv97","country_code":"US","type":"education","lineage":["https://openalex.org/I102401767"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Spencer Massengale","raw_affiliation_strings":["University of Arkansas at Little Rock, Little Rock, AR, USA"],"affiliations":[{"raw_affiliation_string":"University of Arkansas at Little Rock, Little Rock, AR, USA","institution_ids":["https://openalex.org/I102401767"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5009392352","display_name":"Philip Huff","orcid":"https://orcid.org/0000-0003-0869-2147"},"institutions":[{"id":"https://openalex.org/I102401767","display_name":"University of Arkansas at Little Rock","ror":"https://ror.org/04fttyv97","country_code":"US","type":"education","lineage":["https://openalex.org/I102401767"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Philip Huff","raw_affiliation_strings":["University of Arkansas at Little Rock, Little Rock, AR, USA"],"affiliations":[{"raw_affiliation_string":"University of Arkansas at Little Rock, Little Rock, AR, USA","institution_ids":["https://openalex.org/I102401767"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5115905029"],"corresponding_institution_ids":["https://openalex.org/I102401767"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.66696152,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"351","last_page":"369"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ransomware","display_name":"Ransomware","score":0.7885230779647827},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.4018833339214325},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.37025654315948486},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.34562361240386963},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.25979411602020264},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.14207977056503296}],"concepts":[{"id":"https://openalex.org/C2777667771","wikidata":"https://www.wikidata.org/wiki/Q926331","display_name":"Ransomware","level":3,"score":0.7885230779647827},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.4018833339214325},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.37025654315948486},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.34562361240386963},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.25979411602020264},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.14207977056503296}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/978-3-031-94458-1_17","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-031-94458-1_17","pdf_url":null,"source":{"id":"https://openalex.org/S4393917809","display_name":"Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","issn_l":"1867-8211","issn":["1867-8211","1867-822X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","raw_type":"book-chapter"}],"best_oa_location":{"id":"doi:10.1007/978-3-031-94458-1_17","is_oa":true,"landing_page_url":"https://doi.org/10.1007/978-3-031-94458-1_17","pdf_url":null,"source":{"id":"https://openalex.org/S4393917809","display_name":"Lecture notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","issn_l":"1867-8211","issn":["1867-8211","1867-822X"],"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-nc","license_id":"https://openalex.org/licenses/cc-by-nc","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","raw_type":"book-chapter"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/5","display_name":"Gender equality","score":0.5199999809265137}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W2017179611","https://openalex.org/W2771963642","https://openalex.org/W2799620259","https://openalex.org/W2907086310","https://openalex.org/W2964522977","https://openalex.org/W3009066821","https://openalex.org/W3203444100","https://openalex.org/W4205199446","https://openalex.org/W4224312479","https://openalex.org/W4280631595","https://openalex.org/W4293077671","https://openalex.org/W4307562124","https://openalex.org/W4310931642","https://openalex.org/W4311496609","https://openalex.org/W4322154771","https://openalex.org/W4385575191","https://openalex.org/W4387298166","https://openalex.org/W4394897999"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W3201228709","https://openalex.org/W2922354075","https://openalex.org/W4389157351","https://openalex.org/W4232561318","https://openalex.org/W3202245533","https://openalex.org/W4253977752","https://openalex.org/W2942879794"],"abstract_inverted_index":{"We":[0,118],"present":[1],"an":[2,109],"approach":[3],"to":[4,12,90,104,134],"identifying":[5],"which":[6],"ransomware":[7,76,85,102,116,146,193],"adversaries":[8],"are":[9],"most":[10,58,208],"likely":[11,209],"target":[13],"specific":[14,115],"entities,":[15],"thereby":[16],"assisting":[17],"these":[18],"entities":[19],"in":[20,64,78,84,180,191],"formulating":[21,196],"better":[22],"protection":[23],"strategies.":[24],"Ransomware":[25],"poses":[26],"a":[27,35,61,114,120,128,167,184],"formidable":[28],"cybersecurity":[29],"threat":[30,148],"characterized":[31],"by":[32,113,166],"profit-driven":[33],"motives,":[34],"complex":[36],"underlying":[37],"economy":[38],"supporting":[39],"criminal":[40],"syndicates,":[41],"and":[42,142,150,162,195,203],"the":[43,57,106,181,200,207],"overt":[44],"nature":[45],"of":[46,51,73,108,183,206],"its":[47],"attacks.":[48],"This":[49,153],"type":[50],"malware":[52],"has":[53],"consistently":[54],"ranked":[55],"among":[56],"prevalent,":[59],"with":[60,157],"rapid":[62],"escalation":[63],"activity":[65],"observed.":[66],"Recent":[67],"estimates":[68],"indicate":[69],"that":[70,126,173,188],"approximately":[71],"two-thirds":[72],"organizations":[74,190],"experienced":[75],"attacks":[77,89],"2023":[79],"[1].":[80],"A":[81],"central":[82],"tactic":[83],"campaigns":[86],"is":[87,155,163],"publicizing":[88],"coerce":[91],"victims":[92,103],"into":[93],"paying":[94],"ransoms.":[95],"Our":[96,177],"study":[97],"utilizes":[98],"public":[99],"disclosures":[100],"from":[101,145],"predict":[105],"likelihood":[107],"entity":[110],"being":[111],"targeted":[112],"variant.":[117],"employ":[119],"Large":[121],"Language":[122],"Model":[123],"(LLM)":[124],"architecture":[125],"uses":[127],"unique":[129],"chain-of-thought,":[130],"multi-shot":[131],"prompt":[132],"methodology":[133],"define":[135],"adversary":[136],"SKRAM":[137],"(Skills,":[138],"Knowledge,":[139],"Resources,":[140],"Authorities,":[141],"Motivation)":[143],"profiles":[144],"bulletins,":[147],"reports,":[149],"news":[151],"items.":[152],"analysis":[154],"enriched":[156],"publicly":[158],"available":[159],"victim":[160,175],"data":[161,172],"further":[164],"enhanced":[165],"heuristic":[168],"for":[169],"generating":[170],"synthetic":[171],"reflects":[174],"profiles.":[176],"work":[178],"culminates":[179],"development":[182],"machine":[185],"learning":[186],"model":[187],"assists":[189],"prioritizing":[192],"threats":[194],"defenses":[197],"based":[198],"on":[199],"tactics,":[201],"techniques,":[202],"procedures":[204],"(TTP)":[205],"attackers.":[210]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}