{"id":"https://openalex.org/W59800629","doi":"https://doi.org/10.1007/978-3-642-00199-4_8","title":"Report: Measuring the Attack Surfaces of Enterprise Software","display_name":"Report: Measuring the Attack Surfaces of Enterprise Software","publication_year":2009,"publication_date":"2009-01-01","ids":{"openalex":"https://openalex.org/W59800629","doi":"https://doi.org/10.1007/978-3-642-00199-4_8","mag":"59800629"},"language":"en","primary_location":{"id":"doi:10.1007/978-3-642-00199-4_8","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-642-00199-4_8","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5058488385","display_name":"Pratyusa K. Manadhata","orcid":null},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Pratyusa K. Manadhata","raw_affiliation_strings":["Carnegie Mellon Univeristy, Pittsburgh, PA, USA"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon Univeristy, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5069596215","display_name":"Yuecel Karabulut","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yuecel Karabulut","raw_affiliation_strings":["SAP Research, Palo Alto, CA, USA"],"affiliations":[{"raw_affiliation_string":"SAP Research, Palo Alto, CA, USA","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5109185793","display_name":"Jeannette M. Wing","orcid":"https://orcid.org/0000-0002-1013-1990"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jeannette M. Wing","raw_affiliation_strings":["Carnegie Mellon Univeristy, Pittsburgh, PA, USA"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon Univeristy, Pittsburgh, PA, USA","institution_ids":["https://openalex.org/I74973139"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5058488385"],"corresponding_institution_ids":["https://openalex.org/I74973139"],"apc_list":{"value":5000,"currency":"EUR","value_usd":5392},"apc_paid":null,"fwci":2.2806,"has_fulltext":false,"cited_by_count":16,"citation_normalized_percentile":{"value":0.87091168,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"91","last_page":"100"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9930999875068665,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9905999898910522,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7821656465530396},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.6578490734100342},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.6001256704330444},{"id":"https://openalex.org/keywords/eclipse","display_name":"Eclipse","score":0.5836752653121948},{"id":"https://openalex.org/keywords/backporting","display_name":"Backporting","score":0.5790573358535767},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5208200216293335},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.5128174424171448},{"id":"https://openalex.org/keywords/software-quality","display_name":"Software quality","score":0.5079672932624817},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.5013222694396973},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.49091655015945435},{"id":"https://openalex.org/keywords/verification-and-validation","display_name":"Verification and validation","score":0.48713037371635437},{"id":"https://openalex.org/keywords/plug-in","display_name":"Plug-in","score":0.4787684977054596},{"id":"https://openalex.org/keywords/software-system","display_name":"Software system","score":0.47818854451179504},{"id":"https://openalex.org/keywords/software-sizing","display_name":"Software sizing","score":0.4568231701850891},{"id":"https://openalex.org/keywords/java","display_name":"Java","score":0.41668444871902466},{"id":"https://openalex.org/keywords/software-measurement","display_name":"Software measurement","score":0.4112609624862671},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.30617624521255493},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2502370774745941},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.11344581842422485},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.10184356570243835},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.06347149610519409}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7821656465530396},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.6578490734100342},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.6001256704330444},{"id":"https://openalex.org/C2778505590","wikidata":"https://www.wikidata.org/wiki/Q141022","display_name":"Eclipse","level":2,"score":0.5836752653121948},{"id":"https://openalex.org/C21491501","wikidata":"https://www.wikidata.org/wiki/Q430253","display_name":"Backporting","level":5,"score":0.5790573358535767},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5208200216293335},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.5128174424171448},{"id":"https://openalex.org/C117447612","wikidata":"https://www.wikidata.org/wiki/Q1412670","display_name":"Software quality","level":4,"score":0.5079672932624817},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.5013222694396973},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.49091655015945435},{"id":"https://openalex.org/C48002344","wikidata":"https://www.wikidata.org/wiki/Q2919644","display_name":"Verification and validation","level":2,"score":0.48713037371635437},{"id":"https://openalex.org/C4924752","wikidata":"https://www.wikidata.org/wiki/Q184148","display_name":"Plug-in","level":2,"score":0.4787684977054596},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.47818854451179504},{"id":"https://openalex.org/C201515116","wikidata":"https://www.wikidata.org/wiki/Q7554363","display_name":"Software sizing","level":5,"score":0.4568231701850891},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.41668444871902466},{"id":"https://openalex.org/C89567784","wikidata":"https://www.wikidata.org/wiki/Q7554325","display_name":"Software measurement","level":5,"score":0.4112609624862671},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.30617624521255493},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2502370774745941},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.11344581842422485},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.10184356570243835},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.06347149610519409},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C1276947","wikidata":"https://www.wikidata.org/wiki/Q333","display_name":"Astronomy","level":1,"score":0.0},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1007/978-3-642-00199-4_8","is_oa":false,"landing_page_url":"https://doi.org/10.1007/978-3-642-00199-4_8","pdf_url":null,"source":{"id":"https://openalex.org/S106296714","display_name":"Lecture notes in computer science","issn_l":"0302-9743","issn":["0302-9743","1611-3349"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"book series"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Lecture Notes in Computer Science","raw_type":"book-chapter"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.141.6444","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.141.6444","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.cs.cmu.edu/~wing/publications/ManadhataKarabulutWing08.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.5400000214576721}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W299675352","https://openalex.org/W1584602698","https://openalex.org/W1587970460","https://openalex.org/W2144459403","https://openalex.org/W4254402789"],"related_works":["https://openalex.org/W2387089893","https://openalex.org/W3016442572","https://openalex.org/W2589805430","https://openalex.org/W2798385000","https://openalex.org/W2359534713","https://openalex.org/W2609860947","https://openalex.org/W2325578905","https://openalex.org/W2945638654","https://openalex.org/W1600817782","https://openalex.org/W2056894504"],"abstract_inverted_index":null,"counts_by_year":[{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":3},{"year":2018,"cited_by_count":2},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1},{"year":2014,"cited_by_count":2},{"year":2012,"cited_by_count":1}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}