{"id":"https://openalex.org/W2082554729","doi":"https://doi.org/10.1145/2133601.2133622","title":"Risk-based security decisions under uncertainty","display_name":"Risk-based security decisions under uncertainty","publication_year":2012,"publication_date":"2012-02-07","ids":{"openalex":"https://openalex.org/W2082554729","doi":"https://doi.org/10.1145/2133601.2133622","mag":"2082554729"},"language":"en","primary_location":{"id":"doi:10.1145/2133601.2133622","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2133601.2133622","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the second ACM conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5040348286","display_name":"Ian Molloy","orcid":null},"institutions":[{"id":"https://openalex.org/I1341412227","display_name":"IBM (United States)","ror":"https://ror.org/05hh8d621","country_code":"US","type":"company","lineage":["https://openalex.org/I1341412227"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ian Molloy","raw_affiliation_strings":["IBM Research TJ Watson, Hawthorne, NY, USA","IBM Research TJ Watson, Hawthorne, NY, USA#TAB#"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"IBM Research TJ Watson, Hawthorne, NY, USA","institution_ids":["https://openalex.org/I1341412227"]},{"raw_affiliation_string":"IBM Research TJ Watson, Hawthorne, NY, USA#TAB#","institution_ids":["https://openalex.org/I1341412227"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087020709","display_name":"Luke Dickens","orcid":null},"institutions":[{"id":"https://openalex.org/I47508984","display_name":"Imperial College London","ror":"https://ror.org/041kmwe10","country_code":"GB","type":"education","lineage":["https://openalex.org/I47508984"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Luke Dickens","raw_affiliation_strings":["Imperial College, London, United Kingdom"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Imperial College, London, United Kingdom","institution_ids":["https://openalex.org/I47508984"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Charles Morisset","orcid":null},"institutions":[{"id":"https://openalex.org/I4210130157","display_name":"Institute of Informatics and Telematics","ror":"https://ror.org/02gdcn153","country_code":"IT","type":"facility","lineage":["https://openalex.org/I4210130157","https://openalex.org/I4210155236"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Charles Morisset","raw_affiliation_strings":["IIT-CNR, Pisa, Italy"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"IIT-CNR, Pisa, Italy","institution_ids":["https://openalex.org/I4210130157"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101556378","display_name":"Pau-Chen Cheng","orcid":null},"institutions":[{"id":"https://openalex.org/I1341412227","display_name":"IBM (United States)","ror":"https://ror.org/05hh8d621","country_code":"US","type":"company","lineage":["https://openalex.org/I1341412227"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Pau-Chen Cheng","raw_affiliation_strings":["IBM Research TJ Watson, Hawthorne, NY, USA","IBM Research TJ Watson, Hawthorne, NY, USA#TAB#"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"IBM Research TJ Watson, Hawthorne, NY, USA","institution_ids":["https://openalex.org/I1341412227"]},{"raw_affiliation_string":"IBM Research TJ Watson, Hawthorne, NY, USA#TAB#","institution_ids":["https://openalex.org/I1341412227"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5105652031","display_name":"Jorge Lobo","orcid":"https://orcid.org/0000-0002-9438-0926"},"institutions":[{"id":"https://openalex.org/I1341412227","display_name":"IBM (United States)","ror":"https://ror.org/05hh8d621","country_code":"US","type":"company","lineage":["https://openalex.org/I1341412227"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Jorge Lobo","raw_affiliation_strings":["IBM Research TJ Watson, Hawthorne, NY, USA","IBM Research TJ Watson, Hawthorne, NY, USA#TAB#"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"IBM Research TJ Watson, Hawthorne, NY, USA","institution_ids":["https://openalex.org/I1341412227"]},{"raw_affiliation_string":"IBM Research TJ Watson, Hawthorne, NY, USA#TAB#","institution_ids":["https://openalex.org/I1341412227"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5046462940","display_name":"Alessandra Russo","orcid":"https://orcid.org/0000-0002-3318-8711"},"institutions":[{"id":"https://openalex.org/I47508984","display_name":"Imperial College London","ror":"https://ror.org/041kmwe10","country_code":"GB","type":"education","lineage":["https://openalex.org/I47508984"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Alessandra Russo","raw_affiliation_strings":["Imperial College, London, United Kingdom"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Imperial College, London, United Kingdom","institution_ids":["https://openalex.org/I47508984"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":7.4527,"has_fulltext":false,"cited_by_count":67,"citation_normalized_percentile":{"value":0.9741356,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"157","last_page":"168"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11598","display_name":"Internet Traffic Analysis and Secure E-voting","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7499914765357971},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6032390594482422},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.5425652861595154},{"id":"https://openalex.org/keywords/optimal-decision","display_name":"Optimal decision","score":0.4609326720237732},{"id":"https://openalex.org/keywords/cache","display_name":"Cache","score":0.4531944990158081},{"id":"https://openalex.org/keywords/point","display_name":"Point (geometry)","score":0.4424270987510681},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.34421178698539734},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.333329439163208},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.32290518283843994},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.256957083940506},{"id":"https://openalex.org/keywords/decision-tree","display_name":"Decision tree","score":0.23966705799102783},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.08721351623535156}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7499914765357971},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6032390594482422},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.5425652861595154},{"id":"https://openalex.org/C150325174","wikidata":"https://www.wikidata.org/wiki/Q4335500","display_name":"Optimal decision","level":3,"score":0.4609326720237732},{"id":"https://openalex.org/C115537543","wikidata":"https://www.wikidata.org/wiki/Q165596","display_name":"Cache","level":2,"score":0.4531944990158081},{"id":"https://openalex.org/C28719098","wikidata":"https://www.wikidata.org/wiki/Q44946","display_name":"Point (geometry)","level":2,"score":0.4424270987510681},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.34421178698539734},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.333329439163208},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.32290518283843994},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.256957083940506},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.23966705799102783},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.08721351623535156},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2133601.2133622","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2133601.2133622","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the second ACM conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},{"id":"pmh:oai:HAL:hal-00757539v1","is_oa":false,"landing_page_url":"https://inria.hal.science/hal-00757539","pdf_url":null,"source":{"id":"https://openalex.org/S4306402512","display_name":"HAL (Le Centre pour la Communication Scientifique Directe)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1294671590","host_organization_name":"Centre National de la Recherche Scientifique","host_organization_lineage":["https://openalex.org/I1294671590"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Proceedings of the second ACM conference on Data and Application Security and Privacy, Feb 2012, New York, NY, USA, United States. pp.157--168, ⟨10.1145/2133601.2133622⟩","raw_type":"Conference papers"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7900000214576721,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320338295","display_name":"Army Research Laboratory","ror":"https://ror.org/011hc8f90"},{"id":"https://openalex.org/F4320338370","display_name":"FP7 Information and Communication Technologies","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":31,"referenced_works":["https://openalex.org/W182234909","https://openalex.org/W627242592","https://openalex.org/W1506806321","https://openalex.org/W1547111832","https://openalex.org/W1552859189","https://openalex.org/W1573760589","https://openalex.org/W1579338639","https://openalex.org/W1663973292","https://openalex.org/W1775772884","https://openalex.org/W1968556863","https://openalex.org/W1973954799","https://openalex.org/W2002604183","https://openalex.org/W2043226436","https://openalex.org/W2058347046","https://openalex.org/W2099353173","https://openalex.org/W2103317919","https://openalex.org/W2108287273","https://openalex.org/W2113851063","https://openalex.org/W2124228505","https://openalex.org/W2125743503","https://openalex.org/W2125830297","https://openalex.org/W2135273046","https://openalex.org/W2138798600","https://openalex.org/W2139287545","https://openalex.org/W2148603752","https://openalex.org/W2163764145","https://openalex.org/W2171022360","https://openalex.org/W4254721730","https://openalex.org/W4285719527","https://openalex.org/W6675844770","https://openalex.org/W7071374342"],"related_works":["https://openalex.org/W2152099439","https://openalex.org/W1984163603","https://openalex.org/W3130422087","https://openalex.org/W3004195166","https://openalex.org/W2126310295","https://openalex.org/W1563139915","https://openalex.org/W4288413100","https://openalex.org/W2885669284","https://openalex.org/W2077172685","https://openalex.org/W2901729341"],"abstract_inverted_index":{"This":[0],"paper":[1],"addresses":[2],"the":[3,19,25,131,146,156,161,181,246],"making":[4],"of":[5,21,51,84,108,137,148,160,219],"security":[6],"decisions,":[7,15,93,133],"such":[8],"as":[9],"access-control":[10],"decisions":[11,31,52,95,150],"or":[12,41,70,186],"spam":[13],"filtering":[14],"under":[16],"uncertainty,":[17],"when":[18,36,57,96,115],"benefit":[20],"doing":[22],"so":[23],"outweighs":[24],"need":[26],"to":[27,45,113,144,154,225,230,245],"absolutely":[28],"guarantee":[29],"these":[30,149],"are":[32,38],"correct.":[33],"For":[34],"instance,":[35],"there":[37,127,187],"limited,":[39],"costly,":[40],"failed":[42],"communication":[43,251],"channels":[44],"a":[46,58,65,71,123,135,142,174,199,217],"policy-decision-point.":[47],"Previously,":[48],"local":[49],"caching":[50],"has":[53,100],"been":[54,102],"proposed,":[55],"but":[56],"correct":[59],"decision":[60,73,118],"is":[61,119,128,183,188,223],"not":[62,101],"available,":[63],"either":[64],"policy-decision-point":[66],"must":[67],"be":[68],"contacted,":[69],"default":[72],"used.":[74],"We":[75,192],"improve":[76],"upon":[77],"this":[78],"model":[79],"by":[80,197],"using":[81],"learned":[82],"classifiers":[83],"access":[85,209,232],"control":[86,210,233],"decisions.":[87,235],"These":[88],"classifiers,":[89],"trained":[90],"on":[91,171],"known":[92],"infer":[94,231],"an":[97,116],"exact":[98],"match":[99],"cached,":[103],"and":[104,111,151,202,250,256],"uses":[105],"intuitive":[106],"notions":[107],"utility,":[109],"damage":[110],"uncertainty":[112,129,147],"determine":[114],"inferred":[117],"preferred":[120],"over":[121,216],"contacting":[122],"remote":[124],"PDP.":[125],"Clearly":[126],"in":[130,178],"predicted":[132],"introducing":[134],"degree":[136],"risk.":[138],"Our":[139,212],"solution":[140],"proposes":[141],"mechanism":[143],"quantify":[145],"allows":[152],"administrators":[153],"bound":[155],"overall":[157],"risk":[158,182],"posture":[159],"system.":[162],"The":[163],"learning":[164,228],"component":[165],"continuously":[166],"refines":[167],"its":[168],"models":[169,196],"based":[170],"inputs":[172],"from":[173,207],"central":[175],"policy":[176],"server":[177],"cases":[179],"where":[180],"too":[184,189],"high":[185],"much":[190],"uncertainty.":[191],"have":[193],"validated":[194],"our":[195,237],"building":[198],"prototype":[200],"system":[201,220,238,258],"evaluating":[203],"it":[204,222],"with":[205],"requests":[206],"real":[208],"policies.":[211],"experiments":[213],"show":[214],"that":[215],"range":[218],"parameters,":[221],"feasible":[224],"use":[226],"machine":[227],"methods":[229],"policies":[234],"Thus":[236],"yields":[239],"several":[240],"benefits,":[241],"including":[242],"reduced":[243],"calls":[244],"PDP,":[247],"reducing":[248],"latency":[249],"costs;":[252],"increased":[253,257],"net":[254],"utility;":[255],"survivability.":[259]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":12},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":7},{"year":2018,"cited_by_count":6},{"year":2017,"cited_by_count":4},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":10},{"year":2014,"cited_by_count":4},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":4}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}