{"id":"https://openalex.org/W3194305383","doi":"https://doi.org/10.1145/3465481.3470475","title":"Integrating Security Behavior into Attack Simulations","display_name":"Integrating Security Behavior into Attack Simulations","publication_year":2021,"publication_date":"2021-08-16","ids":{"openalex":"https://openalex.org/W3194305383","doi":"https://doi.org/10.1145/3465481.3470475","mag":"3194305383"},"language":"en","primary_location":{"id":"doi:10.1145/3465481.3470475","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3465481.3470475","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-300454","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5072907647","display_name":"Simon Hacks","orcid":"https://orcid.org/0000-0003-0478-9347"},"institutions":[{"id":"https://openalex.org/I86987016","display_name":"KTH Royal Institute of Technology","ror":"https://ror.org/026vcq606","country_code":"SE","type":"education","lineage":["https://openalex.org/I86987016"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Simon Hacks","raw_affiliation_strings":["KTH Royal Institute of Technology, SE"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"KTH Royal Institute of Technology, SE","institution_ids":["https://openalex.org/I86987016"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5060274685","display_name":"\u0130smail B\u00fct\u00fcn","orcid":"https://orcid.org/0000-0002-1723-5741"},"institutions":[{"id":"https://openalex.org/I86987016","display_name":"KTH Royal Institute of Technology","ror":"https://ror.org/026vcq606","country_code":"SE","type":"education","lineage":["https://openalex.org/I86987016"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Ismail Butun","raw_affiliation_strings":["KTH Royal Institute of Technology, SE"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"KTH Royal Institute of Technology, SE","institution_ids":["https://openalex.org/I86987016"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5038692098","display_name":"Robert Lagerstr\u00f6m","orcid":"https://orcid.org/0000-0003-3089-3885"},"institutions":[{"id":"https://openalex.org/I86987016","display_name":"KTH Royal Institute of Technology","ror":"https://ror.org/026vcq606","country_code":"SE","type":"education","lineage":["https://openalex.org/I86987016"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Robert Lagerstr\u00f6m","raw_affiliation_strings":["KTH Royal Institute of Technology, SE"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"KTH Royal Institute of Technology, SE","institution_ids":["https://openalex.org/I86987016"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037726227","display_name":"Andrei Buhaiu","orcid":null},"institutions":[{"id":"https://openalex.org/I101466613","display_name":"Swedish Defence University","ror":"https://ror.org/04mj8af82","country_code":"SE","type":"education","lineage":["https://openalex.org/I101466613"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Andrei Buhaiu","raw_affiliation_strings":["Swedish Defence University, SE"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Swedish Defence University, SE","institution_ids":["https://openalex.org/I101466613"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025488036","display_name":"Anna Georgiadou","orcid":"https://orcid.org/0000-0002-0078-6969"},"institutions":[{"id":"https://openalex.org/I174458059","display_name":"National Technical University of Athens","ror":"https://ror.org/03cx6bg69","country_code":"GR","type":"education","lineage":["https://openalex.org/I174458059"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Anna Georgiadou","raw_affiliation_strings":["National Technical University of Athens, GR"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Technical University of Athens, GR","institution_ids":["https://openalex.org/I174458059"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5070773155","display_name":"Ariadni Michalitsi-Psarrou","orcid":"https://orcid.org/0000-0003-0792-8568"},"institutions":[{"id":"https://openalex.org/I174458059","display_name":"National Technical University of Athens","ror":"https://ror.org/03cx6bg69","country_code":"GR","type":"education","lineage":["https://openalex.org/I174458059"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Ariadni Michalitsi Psarrou","raw_affiliation_strings":["National Technical University of Athens, GR"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"National Technical University of Athens, GR","institution_ids":["https://openalex.org/I174458059"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.9915,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.89122231,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"13"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.8081729412078857},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6992505788803101},{"id":"https://openalex.org/keywords/insider-threat","display_name":"Insider threat","score":0.6008961796760559},{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.5921079516410828},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.5244348645210266},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.47820591926574707},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.4319697916507721},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.4244024455547333},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3231145441532135},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.09327691793441772}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.8081729412078857},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6992505788803101},{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.6008961796760559},{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.5921079516410828},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.5244348645210266},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.47820591926574707},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.4319697916507721},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.4244024455547333},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3231145441532135},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.09327691793441772},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3465481.3470475","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3465481.3470475","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 16th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},{"id":"pmh:oai:DiVA.org:kth-300454","is_oa":true,"landing_page_url":"http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-300454","pdf_url":null,"source":{"id":"https://openalex.org/S4306401559","display_name":"KTH Publication Database DiVA (KTH Royal Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference paper"}],"best_oa_location":{"id":"pmh:oai:DiVA.org:kth-300454","is_oa":true,"landing_page_url":"http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-300454","pdf_url":null,"source":{"id":"https://openalex.org/S4306401559","display_name":"KTH Publication Database DiVA (KTH Royal Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference paper"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4937468798","display_name":null,"funder_award_id":"H2020","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"},{"id":"https://openalex.org/G5389254508","display_name":null,"funder_award_id":"832907","funder_id":"https://openalex.org/F4320332999","funder_display_name":"Horizon 2020 Framework Programme"},{"id":"https://openalex.org/G8447366620","display_name":null,"funder_award_id":"832907","funder_id":"https://openalex.org/F4320320300","funder_display_name":"European Commission"}],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320332999","display_name":"Horizon 2020 Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":59,"referenced_works":["https://openalex.org/W1578929691","https://openalex.org/W1654306951","https://openalex.org/W1903013269","https://openalex.org/W1941007816","https://openalex.org/W1964088509","https://openalex.org/W1965473535","https://openalex.org/W1989210507","https://openalex.org/W2000256107","https://openalex.org/W2009730797","https://openalex.org/W2010219174","https://openalex.org/W2024488177","https://openalex.org/W2037454480","https://openalex.org/W2038651258","https://openalex.org/W2042708274","https://openalex.org/W2046426195","https://openalex.org/W2056847254","https://openalex.org/W2065109455","https://openalex.org/W2081526168","https://openalex.org/W2089527867","https://openalex.org/W2095019315","https://openalex.org/W2095165925","https://openalex.org/W2102578156","https://openalex.org/W2109706498","https://openalex.org/W2133187249","https://openalex.org/W2155202145","https://openalex.org/W2174850379","https://openalex.org/W2467610291","https://openalex.org/W2479527914","https://openalex.org/W2495404006","https://openalex.org/W2495611832","https://openalex.org/W2585206336","https://openalex.org/W2784054170","https://openalex.org/W2789825598","https://openalex.org/W2808844959","https://openalex.org/W2898350078","https://openalex.org/W2906268933","https://openalex.org/W2907611437","https://openalex.org/W2914662937","https://openalex.org/W2981219636","https://openalex.org/W2990806790","https://openalex.org/W2996772696","https://openalex.org/W2997828523","https://openalex.org/W3006249124","https://openalex.org/W3011422375","https://openalex.org/W3013385581","https://openalex.org/W3019933808","https://openalex.org/W3033923639","https://openalex.org/W3040353697","https://openalex.org/W3107766616","https://openalex.org/W3110276721","https://openalex.org/W3128018419","https://openalex.org/W3128518894","https://openalex.org/W3131092307","https://openalex.org/W3159239323","https://openalex.org/W3162974214","https://openalex.org/W3190695173","https://openalex.org/W4235641773","https://openalex.org/W4240739110","https://openalex.org/W4244216206"],"related_works":["https://openalex.org/W2976616124","https://openalex.org/W3189065608","https://openalex.org/W2165898552","https://openalex.org/W2299494954","https://openalex.org/W2164920192","https://openalex.org/W2345270111","https://openalex.org/W2940646603","https://openalex.org/W2605865535","https://openalex.org/W1811024770","https://openalex.org/W896362041"],"abstract_inverted_index":{"The":[0],"increase":[1],"of":[2,32,39,49,69],"cyber-attacks":[3],"raised":[4],"security":[5,24],"concerns":[6],"for":[7,53,126],"critical":[8],"assets":[9],"worldwide":[10],"in":[11,44,81,118],"the":[12,22,30,50,59,67,75,89,93,114,121],"last":[13],"decade.":[14],"Leading":[15],"to":[16,137],"more":[17],"efforts":[18],"spent":[19],"towards":[20],"increasing":[21],"cyber":[23,34],"among":[25],"companies":[26],"and":[27,37],"countries.":[28],"For":[29,97],"sake":[31],"enhancing":[33],"security,":[35],"representation":[36],"testing":[38],"attacks":[40,55],"have":[41],"prime":[42],"importance":[43],"understanding":[45,74,104],"system":[46,106],"vulnerabilities.":[47],"One":[48],"available":[51],"tools":[52],"simulating":[54],"on":[56],"systems":[57],"is":[58,78,88],"Meta":[60],"Attack":[61],"Language":[62],"(MAL),":[63],"which":[64,91,105],"allows":[65],"representing":[66],"effects":[68],"certain":[70],"cyber-attacks.":[71],"However,":[72],"only":[73],"component":[76],"vulnerabilities":[77],"not":[79],"enough":[80],"securing":[82],"enterprise":[83],"systems.":[84],"Another":[85],"important":[86],"factor":[87],"\u2018human\u2018,":[90],"constitutes":[92],"biggest":[94],"\u2018insider":[95],"threat\u2018.":[96],"this,":[98],"Security":[99],"Behavior":[100],"Analysis":[101],"(SBA)":[102],"helps":[103],"components":[107],"that":[108],"might":[109],"be":[110],"directly":[111],"affected":[112],"by":[113,134],"\u2018human\u2018.":[115],"As":[116],"such,":[117],"this":[119],"work,":[120],"authors":[122],"present":[123],"an":[124],"approach":[125],"integrating":[127],"user":[128],"actions,":[129],"so":[130],"called":[131],"\u201csecurity":[132],"behavior\u201d,":[133],"mapping":[135],"SBA":[136],"a":[138],"MAL-based":[139],"language":[140],"through":[141],"MITRE":[142],"ATT&CK":[143],"techniques.":[144]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}