{"id":"https://openalex.org/W2786171514","doi":"https://doi.org/10.1109/msp.2018.1331028","title":"Science of Security: Combining Theory and Measurement to Reflect the Observable","display_name":"Science of Security: Combining Theory and Measurement to Reflect the Observable","publication_year":2018,"publication_date":"2018-01-01","ids":{"openalex":"https://openalex.org/W2786171514","doi":"https://doi.org/10.1109/msp.2018.1331028","mag":"2786171514"},"language":"en","primary_location":{"id":"doi:10.1109/msp.2018.1331028","is_oa":false,"landing_page_url":"https://doi.org/10.1109/msp.2018.1331028","pdf_url":null,"source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5059864632","display_name":"Cormac Herley","orcid":"https://orcid.org/0000-0001-8436-5776"},"institutions":[{"id":"https://openalex.org/I4210164937","display_name":"Microsoft Research (United Kingdom)","ror":"https://ror.org/05k87vq12","country_code":"GB","type":"company","lineage":["https://openalex.org/I1290206253","https://openalex.org/I4210164937"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Cormac Herley","raw_affiliation_strings":["Microsoft Research"],"affiliations":[{"raw_affiliation_string":"Microsoft Research","institution_ids":["https://openalex.org/I4210164937"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5011846293","display_name":"Paul C. van Oorschot","orcid":"https://orcid.org/0000-0002-5038-5370"},"institutions":[{"id":"https://openalex.org/I67031392","display_name":"Carleton University","ror":"https://ror.org/02qtvee93","country_code":"CA","type":"education","lineage":["https://openalex.org/I67031392"]}],"countries":["CA"],"is_corresponding":false,"raw_author_name":"P.C. van Oorschot","raw_affiliation_strings":["Carleton University"],"affiliations":[{"raw_affiliation_string":"Carleton University","institution_ids":["https://openalex.org/I67031392"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5059864632"],"corresponding_institution_ids":["https://openalex.org/I4210164937"],"apc_list":null,"apc_paid":null,"fwci":1.6514,"has_fulltext":false,"cited_by_count":20,"citation_normalized_percentile":{"value":0.84412915,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"16","issue":"1","first_page":"12","last_page":"22"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mainstream","display_name":"Mainstream","score":0.7458901405334473},{"id":"https://openalex.org/keywords/critical-security-studies","display_name":"Critical security studies","score":0.5839183330535889},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.5836821794509888},{"id":"https://openalex.org/keywords/security-community","display_name":"Security community","score":0.5543538331985474},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.5169407725334167},{"id":"https://openalex.org/keywords/security-studies","display_name":"Security studies","score":0.4996609687805176},{"id":"https://openalex.org/keywords/theme","display_name":"Theme (computing)","score":0.48715540766716003},{"id":"https://openalex.org/keywords/epistemology","display_name":"Epistemology","score":0.47180119156837463},{"id":"https://openalex.org/keywords/work","display_name":"Work (physics)","score":0.4518806040287018},{"id":"https://openalex.org/keywords/engineering-ethics","display_name":"Engineering ethics","score":0.4121893048286438},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3593522906303406},{"id":"https://openalex.org/keywords/sociology","display_name":"Sociology","score":0.3153650462627411},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.3058159649372101},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.24121037125587463},{"id":"https://openalex.org/keywords/social-science","display_name":"Social science","score":0.2098333239555359},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.19898143410682678},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.18942761421203613},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.1858956515789032},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.14661219716072083},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.14617681503295898},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.11381250619888306},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.08028167486190796}],"concepts":[{"id":"https://openalex.org/C2777617010","wikidata":"https://www.wikidata.org/wiki/Q18957","display_name":"Mainstream","level":2,"score":0.7458901405334473},{"id":"https://openalex.org/C505623098","wikidata":"https://www.wikidata.org/wiki/Q3002932","display_name":"Critical security studies","level":5,"score":0.5839183330535889},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.5836821794509888},{"id":"https://openalex.org/C2778062554","wikidata":"https://www.wikidata.org/wiki/Q3404031","display_name":"Security community","level":2,"score":0.5543538331985474},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.5169407725334167},{"id":"https://openalex.org/C79165680","wikidata":"https://www.wikidata.org/wiki/Q1280151","display_name":"Security studies","level":2,"score":0.4996609687805176},{"id":"https://openalex.org/C33566652","wikidata":"https://www.wikidata.org/wiki/Q1065927","display_name":"Theme (computing)","level":2,"score":0.48715540766716003},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.47180119156837463},{"id":"https://openalex.org/C18762648","wikidata":"https://www.wikidata.org/wiki/Q42213","display_name":"Work (physics)","level":2,"score":0.4518806040287018},{"id":"https://openalex.org/C55587333","wikidata":"https://www.wikidata.org/wiki/Q1133029","display_name":"Engineering ethics","level":1,"score":0.4121893048286438},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3593522906303406},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.3153650462627411},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.3058159649372101},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.24121037125587463},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.2098333239555359},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.19898143410682678},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.18942761421203613},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.1858956515789032},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.14661219716072083},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.14617681503295898},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.11381250619888306},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.08028167486190796},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/msp.2018.1331028","is_oa":false,"landing_page_url":"https://doi.org/10.1109/msp.2018.1331028","pdf_url":null,"source":{"id":"https://openalex.org/S61906035","display_name":"IEEE Security & Privacy","issn_l":"1540-7993","issn":["1540-7993","1558-4046"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Security &amp; Privacy","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.4099999964237213,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W107237338","https://openalex.org/W618190765","https://openalex.org/W1534673680","https://openalex.org/W1534968492","https://openalex.org/W1584053331","https://openalex.org/W1981315040","https://openalex.org/W1981949855","https://openalex.org/W1993575476","https://openalex.org/W2003394287","https://openalex.org/W2014781793","https://openalex.org/W2016331831","https://openalex.org/W2032205160","https://openalex.org/W2038348645","https://openalex.org/W2048755632","https://openalex.org/W2063380184","https://openalex.org/W2064345207","https://openalex.org/W2083820551","https://openalex.org/W2091833612","https://openalex.org/W2097267243","https://openalex.org/W2111397260","https://openalex.org/W2149929743","https://openalex.org/W2159047178","https://openalex.org/W2338717024","https://openalex.org/W2395828461","https://openalex.org/W2412014910","https://openalex.org/W2679033717","https://openalex.org/W4244178590"],"related_works":["https://openalex.org/W2279045796","https://openalex.org/W2528710332","https://openalex.org/W172307390","https://openalex.org/W2169321374","https://openalex.org/W1753565795","https://openalex.org/W4360851774","https://openalex.org/W2162903355","https://openalex.org/W2111305117","https://openalex.org/W2364773532","https://openalex.org/W2287714594"],"abstract_inverted_index":{"What":[0],"would":[1,33,35],"a":[2,69,81,103,115],"\u201cScience":[3,88],"of":[4,25,54,71,78,89],"Security\u201d":[5,90],"look":[6],"like?":[7],"This":[8],"question":[9],"has":[10,59,99],"received":[11,60],"considerable":[12],"attention":[13],"over":[14,102],"the":[15,23,52,74,86,118,135,144],"past":[16,126],"10":[17],"years.":[18],"No":[19],"one":[20,34],"argues":[21],"against":[22],"desirability":[24],"making":[26,42],"security":[27,119,145],"research":[28],"more":[29],"\u201cscientific.\u201d":[30],"But":[31],"how":[32],"go":[36],"about":[37],"that?":[38],"We":[39,64,109],"argue":[40],"that":[41,58,83,117],"progress":[43],"on":[44,68],"this":[45,66],"requires":[46],"clarifying":[47],"what":[48,98],"\u201cscientific\u201d":[49],"means":[50],"in":[51,73,107,134,143],"context":[53],"computer":[55],"security,":[56],"and":[57,76,80,94,112,128],"too":[61],"little":[62,141],"attention.":[63],"pursue":[65],"based":[67],"review":[70],"literature":[72],"history":[75],"Philosophy":[77],"Science":[79],"belief":[82],"work":[84],"under":[85],"theme":[87],"should":[91],"align":[92],"with":[93,114],"ideally,":[95],"benefit":[96,122],"from":[97,123],"been":[100],"learned":[101],"few":[104],"hundred":[105],"years":[106],"science.":[108],"offer":[110],"observations":[111],"insights,":[113],"view":[116],"community":[120],"can":[121],"better":[124],"leveraging":[125],"lessons":[127],"common":[129],"practices":[130],"well-accepted":[131],"by":[132],"consensus":[133],"mainstream":[136],"scientific":[137],"community\u2014but":[138],"which":[139],"appear":[140],"recognized":[142],"community.":[146]},"counts_by_year":[{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":4},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":4},{"year":2018,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}