{"id":"https://openalex.org/W4224928709","doi":"https://doi.org/10.1145/3510547.3517919","title":"Optimal Security Hardening over a Probabilistic Attack Graph","display_name":"Optimal Security Hardening over a Probabilistic Attack Graph","publication_year":2022,"publication_date":"2022-04-18","ids":{"openalex":"https://openalex.org/W4224928709","doi":"https://doi.org/10.1145/3510547.3517919"},"language":"en","primary_location":{"id":"doi:10.1145/3510547.3517919","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3510547.3517919","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3510547.3517919","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3510547.3517919","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5104980291","display_name":"Przemys\u0142aw Buczkowski","orcid":null},"institutions":[{"id":"https://openalex.org/I166337079","display_name":"Queen Mary University of London","ror":"https://ror.org/026zzn846","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I166337079"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Przemys\u0142aw Buczkowski","raw_affiliation_strings":["Queen Mary University of London, London, United Kingdom"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Queen Mary University of London, London, United Kingdom","institution_ids":["https://openalex.org/I166337079"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070622642","display_name":"Pasquale Malacaria","orcid":"https://orcid.org/0000-0001-6155-1541"},"institutions":[{"id":"https://openalex.org/I166337079","display_name":"Queen Mary University of London","ror":"https://ror.org/026zzn846","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I166337079"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Pasquale Malacaria","raw_affiliation_strings":["Queen Mary University of London, London, United Kingdom"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Queen Mary University of London, London, United Kingdom","institution_ids":["https://openalex.org/I166337079"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5013709529","display_name":"Chris Hankin","orcid":"https://orcid.org/0000-0001-9149-8577"},"institutions":[{"id":"https://openalex.org/I47508984","display_name":"Imperial College London","ror":"https://ror.org/041kmwe10","country_code":"GB","type":"education","lineage":["https://openalex.org/I47508984"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Chris Hankin","raw_affiliation_strings":["Imperial College London, London, United Kingdom"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Imperial College London, London, United Kingdom","institution_ids":["https://openalex.org/I47508984"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5006946645","display_name":"Andrew Fielder","orcid":null},"institutions":[{"id":"https://openalex.org/I47508984","display_name":"Imperial College London","ror":"https://ror.org/041kmwe10","country_code":"GB","type":"education","lineage":["https://openalex.org/I47508984"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Andrew Fielder","raw_affiliation_strings":["Imperial College London, London, United Kingdom"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Imperial College London, London, United Kingdom","institution_ids":["https://openalex.org/I47508984"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.956,"has_fulltext":true,"cited_by_count":5,"citation_normalized_percentile":{"value":0.7931182,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"21","last_page":"30"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7519570589065552},{"id":"https://openalex.org/keywords/probabilistic-logic","display_name":"Probabilistic logic","score":0.6746184825897217},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6175504922866821},{"id":"https://openalex.org/keywords/scada","display_name":"SCADA","score":0.5725206732749939},{"id":"https://openalex.org/keywords/portfolio","display_name":"Portfolio","score":0.4483887553215027},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.43292829394340515},{"id":"https://openalex.org/keywords/graph","display_name":"Graph","score":0.43036335706710815},{"id":"https://openalex.org/keywords/theoretical-computer-science","display_name":"Theoretical computer science","score":0.3484507203102112},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.14726585149765015},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.1409468948841095}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7519570589065552},{"id":"https://openalex.org/C49937458","wikidata":"https://www.wikidata.org/wiki/Q2599292","display_name":"Probabilistic logic","level":2,"score":0.6746184825897217},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6175504922866821},{"id":"https://openalex.org/C113863187","wikidata":"https://www.wikidata.org/wiki/Q17498","display_name":"SCADA","level":2,"score":0.5725206732749939},{"id":"https://openalex.org/C2780821815","wikidata":"https://www.wikidata.org/wiki/Q5340806","display_name":"Portfolio","level":2,"score":0.4483887553215027},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.43292829394340515},{"id":"https://openalex.org/C132525143","wikidata":"https://www.wikidata.org/wiki/Q141488","display_name":"Graph","level":2,"score":0.43036335706710815},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.3484507203102112},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.14726585149765015},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.1409468948841095},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C106159729","wikidata":"https://www.wikidata.org/wiki/Q2294553","display_name":"Financial economics","level":1,"score":0.0},{"id":"https://openalex.org/C119599485","wikidata":"https://www.wikidata.org/wiki/Q43035","display_name":"Electrical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"doi:10.1145/3510547.3517919","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3510547.3517919","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3510547.3517919","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2204.11707","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2204.11707","pdf_url":"https://arxiv.org/pdf/2204.11707","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:oai:qmro.qmul.ac.uk:123456789/80223","is_oa":true,"landing_page_url":"https://qmro.qmul.ac.uk/xmlui/handle/123456789/80223","pdf_url":null,"source":{"id":"https://openalex.org/S4306400530","display_name":"Queen Mary Research Online (Queen Mary University of London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I166337079","host_organization_name":"Queen Mary University of London","host_organization_lineage":["https://openalex.org/I166337079"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference Proceeding"},{"id":"pmh:oai:qmro.qmul.ac.uk:123456789/84505","is_oa":true,"landing_page_url":"https://qmro.qmul.ac.uk/xmlui/handle/123456789/84505","pdf_url":null,"source":{"id":"https://openalex.org/S4306400530","display_name":"Queen Mary Research Online (Queen Mary University of London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I166337079","host_organization_name":"Queen Mary University of London","host_organization_lineage":["https://openalex.org/I166337079"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Conference Proceeding"}],"best_oa_location":{"id":"doi:10.1145/3510547.3517919","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3510547.3517919","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3510547.3517919","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2633352483","display_name":"Customized and Adaptive approach for Optimal Cybersecurity Investment","funder_award_id":"EP/R002983/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G4013386927","display_name":null,"funder_award_id":"EP/R002983/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G5065507122","display_name":"Customized and Adaptive approach for Optimal Cybersecurity Investment","funder_award_id":"EP/R004897/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"},{"id":"https://openalex.org/G6232078762","display_name":null,"funder_award_id":"EP/R004897/1","funder_id":"https://openalex.org/F4320334627","funder_display_name":"Engineering and Physical Sciences Research Council"}],"funders":[{"id":"https://openalex.org/F4320334627","display_name":"Engineering and Physical Sciences Research Council","ror":"https://ror.org/0439y7842"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4224928709.pdf","grobid_xml":"https://content.openalex.org/works/W4224928709.grobid-xml"},"referenced_works_count":22,"referenced_works":["https://openalex.org/W1979433901","https://openalex.org/W1979594128","https://openalex.org/W1990414757","https://openalex.org/W2053741629","https://openalex.org/W2117694832","https://openalex.org/W2131875370","https://openalex.org/W2137204060","https://openalex.org/W2143842190","https://openalex.org/W2156607688","https://openalex.org/W2193214538","https://openalex.org/W2513147652","https://openalex.org/W2554028885","https://openalex.org/W2910378408","https://openalex.org/W2943011553","https://openalex.org/W4205981421","https://openalex.org/W4233010915","https://openalex.org/W4234752970","https://openalex.org/W4244102997","https://openalex.org/W4298187937","https://openalex.org/W4299301436","https://openalex.org/W6635235395","https://openalex.org/W6681366076"],"related_works":["https://openalex.org/W2615977515","https://openalex.org/W2115760278","https://openalex.org/W2146396794","https://openalex.org/W2809162650","https://openalex.org/W2807864071","https://openalex.org/W2388279172","https://openalex.org/W2055218442","https://openalex.org/W2617238897","https://openalex.org/W4386714408","https://openalex.org/W3164929525"],"abstract_inverted_index":{"CySecTool":[0,198],"is":[1,22,40,151],"a":[2,6,12,16,23,33,41,44,87,115,124,154,167,193],"tool":[3,75],"that":[4],"finds":[5],"cost-optimal":[7],"security":[8,134],"controls":[9,65],"portfolio":[10,21],"in":[11,111],"given":[13,100],"budget":[14],"for":[15,32,99,107],"probabilistic":[17],"attack":[18,38,50,129],"graph.":[19],"A":[20,118],"set":[24],"of":[25,43,56,69,114,147,180],"counter-measures,":[26],"or":[27],"controls,":[28],"against":[29],"vulnerabilities":[30,61,71],"adopted":[31],"computer":[34],"system,":[35],"while":[36,175],"an":[37,49,78,138],"graph":[39,126],"type":[42],"threat":[45],"scenario":[46],"model.":[47],"In":[48],"graph,":[51],"nodes":[52],"are":[53,60,188],"privilege":[54],"states":[55],"the":[57,67,104,112,148],"attacker,":[58],"edges":[59],"escalating":[62],"privileges,":[63],"and":[64,93,102,127,157,203],"reduce":[66],"probabilities":[68],"some":[70],"being":[72],"exploited.":[73],"The":[74,145],"builds":[76],"on":[77,137],"optimisation":[79],"algorithm":[80],"published":[81],"by":[82,132],"Khouzani":[83],"et":[84],"al.,":[85],"enabling":[86],"user":[88],"to":[89,152,165,169,178,190,199],"quickly":[90],"create,":[91],"edit,":[92],"incrementally":[94],"improve":[95],"models,":[96],"analyse":[97],"results":[98],"portfolios":[101],"display":[103],"best":[105],"solutions":[106],"all":[108],"possible":[109],"budgets":[110],"form":[113],"Pareto":[116],"frontier.":[117],"case":[119,149],"study":[120,150],"was":[121],"performed":[122],"utilising":[123],"system":[125,162],"suspected":[128],"paths":[130],"prepared":[131],"industrial":[133,139,161],"engineers":[135],"based":[136],"source":[140],"with":[141],"which":[142],"they":[143],"work.":[144],"goal":[146],"model":[153],"supervisory":[155],"control":[156],"data":[158],"acquisition":[159],"(SCADA)":[160],"which,":[163],"due":[164],"having":[166],"potential":[168],"harm":[170],"people,":[171],"necessitates":[172],"strong":[173],"protection":[174],"not":[176],"allowing":[177],"use":[179,197],"typical":[181],"penetration":[182],"tools":[183],"like":[184],"vulnerability":[185],"scanners.":[186],"Results":[187],"analysed":[189],"show":[191],"how":[192],"cyber-security":[194,201],"analyst":[195],"would":[196],"store":[200],"intelligence":[202],"draw":[204],"further":[205],"conclusions.":[206]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2},{"year":2022,"cited_by_count":1}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2022-04-28T00:00:00"}