{"id":"https://openalex.org/W236829","doi":"https://doi.org/10.1007/978-3-642-30436-1_35","title":"Optimizing Network Patching Policy Decisions","display_name":"Optimizing Network Patching Policy Decisions","publication_year":2012,"publication_date":"2012-01-01","ids":{"openalex":"https://openalex.org/W236829","doi":"https://doi.org/10.1007/978-3-642-30436-1_35","mag":"236829"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-642-30436-1_35","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-642-30436-1_35","pdf_url":null,"source":{"id":"https://openalex.org/S4210175514","display_name":"IFIP International Federation for Information Processing/IFIP","issn_l":"1571-5736","issn":["1571-5736","1861-2288"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://inria.hal.science/hal-01518224","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5067929028","display_name":"Yolanta Beres","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Yolanta Beres","raw_affiliation_strings":["HP Labs, Bristol, UK"],"affiliations":[{"raw_affiliation_string":"HP Labs, Bristol, UK","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5042851788","display_name":"Jonathan Griffin","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jonathan Griffin","raw_affiliation_strings":["HP Labs, Bristol, UK"],"affiliations":[{"raw_affiliation_string":"HP Labs, Bristol, UK","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5067929028"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.2163,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.76040155,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"424","last_page":"442"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9936000108718872,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/timeline","display_name":"Timeline","score":0.9266637563705444},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.7422339916229248},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.646212100982666},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.591834306716919},{"id":"https://openalex.org/keywords/function","display_name":"Function (biology)","score":0.5690705180168152},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5587385296821594},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.47310709953308105},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.470243364572525},{"id":"https://openalex.org/keywords/operations-research","display_name":"Operations research","score":0.33797386288642883},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.28795313835144043},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.17728179693222046}],"concepts":[{"id":"https://openalex.org/C4438859","wikidata":"https://www.wikidata.org/wiki/Q186117","display_name":"Timeline","level":2,"score":0.9266637563705444},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.7422339916229248},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.646212100982666},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.591834306716919},{"id":"https://openalex.org/C14036430","wikidata":"https://www.wikidata.org/wiki/Q3736076","display_name":"Function (biology)","level":2,"score":0.5690705180168152},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5587385296821594},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.47310709953308105},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.470243364572525},{"id":"https://openalex.org/C42475967","wikidata":"https://www.wikidata.org/wiki/Q194292","display_name":"Operations research","level":1,"score":0.33797386288642883},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.28795313835144043},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.17728179693222046},{"id":"https://openalex.org/C78458016","wikidata":"https://www.wikidata.org/wiki/Q840400","display_name":"Evolutionary biology","level":1,"score":0.0},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/978-3-642-30436-1_35","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-642-30436-1_35","pdf_url":null,"source":{"id":"https://openalex.org/S4210175514","display_name":"IFIP International Federation for Information Processing/IFIP","issn_l":"1571-5736","issn":["1571-5736","1861-2288"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IFIP Advances in Information and Communication Technology","raw_type":"book-chapter"},{"id":"pmh:oai:HAL:hal-01518224v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01518224","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. pp.424-442, &#x27E8;10.1007/978-3-642-30436-1_35&#x27E9;","raw_type":"Conference papers"}],"best_oa_location":{"id":"pmh:oai:HAL:hal-01518224v1","is_oa":true,"landing_page_url":"https://inria.hal.science/hal-01518224","pdf_url":null,"source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"27th Information Security and Privacy Conference (SEC), Jun 2012, Heraklion, Crete, Greece. pp.424-442, &#x27E8;10.1007/978-3-642-30436-1_35&#x27E9;","raw_type":"Conference papers"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W9592747","https://openalex.org/W42479647","https://openalex.org/W136938133","https://openalex.org/W1979820341","https://openalex.org/W2004584049","https://openalex.org/W2109914336","https://openalex.org/W2112257544","https://openalex.org/W2123059002","https://openalex.org/W2152118002","https://openalex.org/W2394809607","https://openalex.org/W2806687211","https://openalex.org/W2914692020"],"related_works":["https://openalex.org/W1858249912","https://openalex.org/W2114034199","https://openalex.org/W2317428717","https://openalex.org/W2734259032","https://openalex.org/W4385261515","https://openalex.org/W3094038556","https://openalex.org/W4296345146","https://openalex.org/W2014772881","https://openalex.org/W4254228154","https://openalex.org/W3049477255"],"abstract_inverted_index":{"Patch":[0],"management":[1],"of":[2,13,57,73,100,176],"networks":[3],"is":[4,107],"essential":[5],"to":[6,44,68,108,114,190],"mitigate":[7],"the":[8,11,31,45,55,71,87,105,110,115,148,168,184,192,205],"risks":[9],"from":[10,76,117,132,139,167],"exploitation":[12],"vulnerabilities":[14],"through":[15],"malware":[16],"and":[17,79,138,160,201],"other":[18],"attacks,":[19],"but":[20,62],"by":[21,135,143],"setting":[22],"too":[23],"rigorous":[24],"a":[25,122,156,174],"patching":[26,93,137,152,194],"policy":[27,90],"for":[28,39,173],"network":[29],"devices":[30],"IT":[32,40,88],"security":[33,89],"team":[34],"can":[35,95],"also":[36],"create":[37],"burdens":[38],"operations":[41],"or":[42],"disruptions":[43,171],"business.":[46],"Different":[47],"patch":[48,177],"deployment":[49,178],"timelines":[50,94,195],"could":[51],"be":[52,65,96],"adopted":[53],"with":[54,183],"aim":[56,106],"reducing":[58],"this":[59,82],"operational":[60],"cost,":[61],"care":[63],"must":[64],"taken":[66],"not":[67],"substantially":[69],"increase":[70],"risk":[72,207],"emergency":[74,144],"disruption":[75,133,141],"potential":[77],"exploits":[78],"attacks.":[80],"In":[81],"paper":[83],"we":[84,154],"explore":[85,147],"how":[86],"choices":[91],"regarding":[92],"made":[97],"in":[98,103],"terms":[99],"economically-based":[101],"decisions,":[102],"which":[104],"minimize":[109],"expected":[111,140],"overall":[112],"costs":[113,130],"organization":[116],"patching-related":[118],"activity.":[119],"We":[120],"introduce":[121],"simple":[123],"cost":[124,185],"function":[125,186],"that":[126],"takes":[127],"into":[128,203],"account":[129,204],"incurred":[131],"caused":[134,142,172],"planned":[136],"patching.":[145],"To":[146],"outcomes":[149],"under":[150,196],"different":[151,197],"policies":[153],"apply":[155],"systems":[157],"modelling":[158],"approach":[159],"Monte":[161],"Carlo":[162],"style":[163],"simulations.":[164],"The":[165],"results":[166,181],"simulations":[169],"show":[170],"range":[175],"timelines.":[179],"These":[180],"together":[182],"are":[187],"then":[188],"used":[189],"identify":[191],"optimal":[193],"threat":[198],"environment":[199],"conditions":[200],"taking":[202],"organization\u2019s":[206],"tolerance.":[208]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2026-03-10T16:38:18.471706","created_date":"2025-10-10T00:00:00"}