{"id":"https://openalex.org/W2051968851","doi":"https://doi.org/10.1109/cns.2014.6997517","title":"Manipulating the attacker's view of a system's attack surface","display_name":"Manipulating the attacker's view of a system's attack surface","publication_year":2014,"publication_date":"2014-10-01","ids":{"openalex":"https://openalex.org/W2051968851","doi":"https://doi.org/10.1109/cns.2014.6997517","mag":"2051968851"},"language":"en","primary_location":{"id":"doi:10.1109/cns.2014.6997517","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns.2014.6997517","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2014 IEEE Conference on Communications and Network Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066709657","display_name":"Massimiliano Albanese","orcid":"https://orcid.org/0000-0002-2675-5810"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Massimiliano Albanese","raw_affiliation_strings":["Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","Center for Secure Information Systems, George Mason University, Fairfax, VA 22030, USA"],"affiliations":[{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA 22030, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058023263","display_name":"Ermanno Battista","orcid":null},"institutions":[{"id":"https://openalex.org/I71267560","display_name":"University of Naples Federico II","ror":"https://ror.org/05290cv24","country_code":"IT","type":"education","lineage":["https://openalex.org/I71267560"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Ermanno Battista","raw_affiliation_strings":["Department of Electrical Engineering and Information Technology, University of Naples Federico II, Naples, NA, Italy","Department of Electrical Engineering and Information Technology, University of Naples Federico II, NA 80125, Italy"],"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering and Information Technology, University of Naples Federico II, Naples, NA, Italy","institution_ids":["https://openalex.org/I71267560"]},{"raw_affiliation_string":"Department of Electrical Engineering and Information Technology, University of Naples Federico II, NA 80125, Italy","institution_ids":["https://openalex.org/I71267560"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010727123","display_name":"Sushil Jajodia","orcid":"https://orcid.org/0000-0003-3210-558X"},"institutions":[{"id":"https://openalex.org/I162714631","display_name":"George Mason University","ror":"https://ror.org/02jqj7156","country_code":"US","type":"education","lineage":["https://openalex.org/I162714631"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Sushil Jajodia","raw_affiliation_strings":["Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","Center for Secure Information Systems, George Mason University, Fairfax, VA 22030, USA"],"affiliations":[{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA, USA","institution_ids":["https://openalex.org/I162714631"]},{"raw_affiliation_string":"Center for Secure Information Systems, George Mason University, Fairfax, VA 22030, USA","institution_ids":["https://openalex.org/I162714631"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5012994834","display_name":"Valentina Casola","orcid":"https://orcid.org/0000-0003-0964-7014"},"institutions":[{"id":"https://openalex.org/I71267560","display_name":"University of Naples Federico II","ror":"https://ror.org/05290cv24","country_code":"IT","type":"education","lineage":["https://openalex.org/I71267560"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Valentina Casola","raw_affiliation_strings":["Department of Electrical Engineering and Information Technology, University of Naples Federico II, Naples, NA, Italy","Department of Electrical Engineering and Information Technology, University of Naples Federico II, NA 80125, Italy"],"affiliations":[{"raw_affiliation_string":"Department of Electrical Engineering and Information Technology, University of Naples Federico II, Naples, NA, Italy","institution_ids":["https://openalex.org/I71267560"]},{"raw_affiliation_string":"Department of Electrical Engineering and Information Technology, University of Naples Federico II, NA 80125, Italy","institution_ids":["https://openalex.org/I71267560"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5066709657"],"corresponding_institution_ids":["https://openalex.org/I162714631"],"apc_list":null,"apc_paid":null,"fwci":2.7585,"has_fulltext":false,"cited_by_count":31,"citation_normalized_percentile":{"value":0.9132127,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"54","issue":null,"first_page":"472","last_page":"480"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9973000288009644,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7988446950912476},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7587727308273315},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.521497368812561},{"id":"https://openalex.org/keywords/perspective","display_name":"Perspective (graphical)","score":0.5109550356864929},{"id":"https://openalex.org/keywords/cyber-physical-system","display_name":"Cyber-physical system","score":0.4468301236629486},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.4440206289291382},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.42282718420028687},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.39602482318878174},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.392581045627594},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.2002103328704834}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7988446950912476},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7587727308273315},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.521497368812561},{"id":"https://openalex.org/C12713177","wikidata":"https://www.wikidata.org/wiki/Q1900281","display_name":"Perspective (graphical)","level":2,"score":0.5109550356864929},{"id":"https://openalex.org/C179768478","wikidata":"https://www.wikidata.org/wiki/Q1120057","display_name":"Cyber-physical system","level":2,"score":0.4468301236629486},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.4440206289291382},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.42282718420028687},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39602482318878174},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.392581045627594},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2002103328704834},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/cns.2014.6997517","is_oa":false,"landing_page_url":"https://doi.org/10.1109/cns.2014.6997517","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2014 IEEE Conference on Communications and Network Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.4099999964237213,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":16,"referenced_works":["https://openalex.org/W24131227","https://openalex.org/W1576185228","https://openalex.org/W1601913623","https://openalex.org/W1986495842","https://openalex.org/W1999760104","https://openalex.org/W2020325966","https://openalex.org/W2065807626","https://openalex.org/W2074343878","https://openalex.org/W2107609241","https://openalex.org/W2129586531","https://openalex.org/W2161922052","https://openalex.org/W2502662055","https://openalex.org/W2939935322","https://openalex.org/W6634619446","https://openalex.org/W6655551629","https://openalex.org/W6761664354"],"related_works":["https://openalex.org/W2342018874","https://openalex.org/W4312303620","https://openalex.org/W3081354095","https://openalex.org/W2962702312","https://openalex.org/W4315882020","https://openalex.org/W2804450076","https://openalex.org/W2888213213","https://openalex.org/W3041847967","https://openalex.org/W4287577102","https://openalex.org/W4210388716"],"abstract_inverted_index":{"Cyber":[0],"attacks":[1],"are":[2,33],"typically":[3],"preceded":[4],"by":[5,96],"a":[6,72,102,107,116,138,183,224],"reconnaissance":[7],"phase":[8],"in":[9,75,93,239],"which":[10],"attackers":[11,35,242],"aim":[12],"at":[13,98,182],"collecting":[14],"valuable":[15],"information":[16],"about":[17,47],"the":[18,48,81,88,91,99,112,126,155,187,192,195,204,207,215,219,228,241],"target":[19,49],"system,":[20],"including":[21],"network":[22],"topology,":[23],"service":[24],"dependencies,":[25],"and":[26,51,105,131,237],"unpatched":[27],"vulnerabilities.":[28],"Unfortunately,":[29],"when":[30],"system":[31,50,129,156],"configurations":[32],"static,":[34],"will":[36],"always":[37],"be":[38],"able,":[39],"given":[40,210],"enough":[41],"time,":[42],"to":[43,66,77,110,141,144,149,169],"acquire":[44],"accurate":[45],"knowledge":[46],"engineer":[52],"effective":[53,238],"exploits.":[54],"To":[55,120],"address":[56],"this":[57,84,122],"important":[58],"problem,":[59],"many":[60],"adaptive":[61,94],"techniques":[62],"have":[63],"been":[64],"devised":[65],"dynamically":[67],"change":[68],"some":[69],"aspects":[70],"of":[71,90,115,128,154,172,227],"system's":[73,117],"configuration":[74],"order":[76],"introduce":[78],"uncertainty":[79],"for":[80,194,218],"attacker.":[82],"In":[83,162],"paper,":[85],"we":[86,124,164],"advance":[87],"state":[89],"art":[92],"defense":[95],"looking":[97],"problem":[100],"from":[101,186,206,244],"control":[103],"perspective":[104],"proposing":[106],"graph-based":[108],"approach":[109,140,234],"manipulate":[111,142],"attacker's":[113,145],"view":[114,130,153,179,189,201],"attack":[118],"surface.":[119],"achieve":[121],"objective,":[123],"formalize":[125],"notion":[127],"distance":[132,185,205],"between":[133],"views.":[134],"We":[135],"then":[136],"define":[137],"principled":[139],"responses":[143],"probes":[146],"so":[147],"as":[148],"induce":[150],"an":[151,177,199,211],"external":[152,178,200],"that":[157,180,202,232],"satisfies":[158],"certain":[159],"desirable":[160],"properties.":[161],"particular,":[163],"propose":[165],"efficient":[166,236],"algorithmic":[167],"solutions":[168],"different":[170],"classes":[171],"problems,":[173],"namely":[174],"(i)":[175],"inducing":[176,198],"is":[181,235],"minimum":[184],"internal":[188,208],"while":[190],"minimizing":[191],"cost":[193,217],"defender;":[196],"(ii)":[197],"maximizes":[203],"view,":[209],"upper":[212],"bound":[213],"on":[214,223],"admissible":[216],"defender.":[220],"Experiments":[221],"conducted":[222],"prototypal":[225],"implementation":[226],"proposed":[229],"algorithms":[230],"confirm":[231],"our":[233],"steering":[240],"away":[243],"critical":[245],"resources.":[246]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":5},{"year":2017,"cited_by_count":5},{"year":2016,"cited_by_count":2},{"year":2014,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}