{"id":"https://openalex.org/W2534544954","doi":"https://doi.org/10.1145/2994475.2994483","title":"Configuring Software and Systems for Defense-in-Depth","display_name":"Configuring Software and Systems for Defense-in-Depth","publication_year":2016,"publication_date":"2016-10-24","ids":{"openalex":"https://openalex.org/W2534544954","doi":"https://doi.org/10.1145/2994475.2994483","mag":"2534544954"},"language":"en","primary_location":{"id":"doi:10.1145/2994475.2994483","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2994475.2994483","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2994483&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"http://dl.acm.org/ft_gateway.cfm?id=2994483&type=pdf","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5055045569","display_name":"Trent Jaeger","orcid":"https://orcid.org/0000-0002-4964-1170"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Trent Jaeger","raw_affiliation_strings":["The Pennsylvania State University, State College, PA, USA"],"affiliations":[{"raw_affiliation_string":"The Pennsylvania State University, State College, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5055045569"],"corresponding_institution_ids":["https://openalex.org/I130769515"],"apc_list":null,"apc_paid":null,"fwci":0.4285,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.79273007,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"1"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7376232147216797},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7108815908432007},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.6539228558540344},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5847175121307373},{"id":"https://openalex.org/keywords/component","display_name":"Component (thermodynamics)","score":0.5500687956809998},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.5204268097877502},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.47250139713287354},{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.43996304273605347},{"id":"https://openalex.org/keywords/software-system","display_name":"Software system","score":0.4339592158794403},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.4315575361251831},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.41950374841690063},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.3410987854003906},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.1769619882106781},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.1683860719203949},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1550900936126709}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7376232147216797},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7108815908432007},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.6539228558540344},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5847175121307373},{"id":"https://openalex.org/C168167062","wikidata":"https://www.wikidata.org/wiki/Q1117970","display_name":"Component (thermodynamics)","level":2,"score":0.5500687956809998},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.5204268097877502},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.47250139713287354},{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.43996304273605347},{"id":"https://openalex.org/C149091818","wikidata":"https://www.wikidata.org/wiki/Q2429814","display_name":"Software system","level":3,"score":0.4339592158794403},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.4315575361251831},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.41950374841690063},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.3410987854003906},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.1769619882106781},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.1683860719203949},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1550900936126709},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C97355855","wikidata":"https://www.wikidata.org/wiki/Q11473","display_name":"Thermodynamics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2994475.2994483","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2994475.2994483","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2994483&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/2994475.2994483","is_oa":true,"landing_page_url":"https://doi.org/10.1145/2994475.2994483","pdf_url":"http://dl.acm.org/ft_gateway.cfm?id=2994483&type=pdf","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2016 ACM Workshop on Automated Decision Making for Active Cyber Defense","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.800000011920929,"display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G3166108113","display_name":null,"funder_award_id":"CNS-1408880","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2534544954.pdf","grobid_xml":"https://content.openalex.org/works/W2534544954.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W1994712384","https://openalex.org/W4240186231","https://openalex.org/W2166844173","https://openalex.org/W3170525725","https://openalex.org/W3089468277","https://openalex.org/W4310805820","https://openalex.org/W2119580333","https://openalex.org/W3200236636","https://openalex.org/W2402565116","https://openalex.org/W1838401043"],"abstract_inverted_index":{"The":[0],"computer":[1],"security":[2,44,53,81],"community":[3],"has":[4,70],"long":[5],"advocated":[6],"defense":[7,14,67,144],"in":[8,35,68,74,145],"depth,":[9],"building":[10],"multiple":[11],"layers":[12,85],"of":[13,86,114],"to":[15,49,121,138],"protect":[16],"a":[17,71],"system.":[18],"Realizing":[19],"this":[20,59],"vision":[21],"is":[22],"not":[23],"yet":[24],"practical,":[25],"as":[26],"software":[27,87,97,116,140],"often":[28],"ships":[29],"with":[30,117],"inadequate":[31],"defenses,":[32],"typically":[33],"developed":[34],"an":[36],"ad":[37],"hoc":[38],"fashion.":[39],"Currently,":[40],"programmers":[41],"reason":[42],"about":[43],"manually":[45],"and":[46,93,95,98,130,141],"lack":[47],"tools":[48],"validate":[50],"assurance":[51],"that":[52,101],"controls":[54],"provide":[55],"satisfactory":[56],"defenses.":[57],"In":[58,76],"keynote":[60],"talk,":[61],"I":[62,107],"will":[63,108],"discuss":[64,131],"how":[65,132],"achieving":[66],"depth":[69],"significant":[72],"component":[73],"configuration.":[75],"particular,":[77],"we":[78,133],"advocate":[79],"configuring":[80,139],"requirements":[82],"for":[83,143],"various":[84],"defenses":[88,100],"(e.g.,":[89],"privilege":[90],"separation,":[91],"authorization,":[92],"auditing)":[94],"generating":[96],"systems":[99,142],"implement":[102],"such":[103],"configurations":[104],"(mostly)":[105],"automatically.":[106],"focus":[109],"mainly":[110],"on":[111],"the":[112,123,128],"challenge":[113],"retrofitting":[115],"authorization":[118],"code":[119],"automatically":[120],"demonstrate":[122],"configuration":[124],"problems":[125],"faced":[126],"by":[127],"community,":[129],"may":[134],"leverage":[135],"these":[136],"lessons":[137],"depth.":[146]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2017,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}