{"id":"https://openalex.org/W7148669416","doi":"https://doi.org/10.48550/arxiv.2604.01627","title":"RefinementEngine: Automating Intent-to-Device Filtering Policy Deployment under Network Constraints","display_name":"RefinementEngine: Automating Intent-to-Device Filtering Policy Deployment under Network Constraints","publication_year":2026,"publication_date":"2026-04-02","ids":{"openalex":"https://openalex.org/W7148669416","doi":"https://doi.org/10.48550/arxiv.2604.01627"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2604.01627","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.01627","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2604.01627","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5126739310","display_name":"Davide Colaiacomo","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Colaiacomo, Davide","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5024709988","display_name":"Chiara Bonfanti","orcid":"https://orcid.org/0009-0007-8015-7786"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Bonfanti, Chiara","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5015749928","display_name":"Cataldo Basile","orcid":"https://orcid.org/0000-0002-8016-1490"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Basile, Cataldo","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5126739310"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.5435000061988831,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.5435000061988831,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12326","display_name":"Network Packet Processing and Optimization","score":0.3513000011444092,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.022099999710917473,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6549000144004822},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.6504999995231628},{"id":"https://openalex.org/keywords/adaptability","display_name":"Adaptability","score":0.5620999932289124},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.5442000031471252},{"id":"https://openalex.org/keywords/reachability","display_name":"Reachability","score":0.5200999975204468},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.4912000000476837},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.4569000005722046},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.45190000534057617},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.4260999858379364},{"id":"https://openalex.org/keywords/network-packet","display_name":"Network packet","score":0.42289999127388}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.699999988079071},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6549000144004822},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.6504999995231628},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6105999946594238},{"id":"https://openalex.org/C177606310","wikidata":"https://www.wikidata.org/wiki/Q5674297","display_name":"Adaptability","level":2,"score":0.5620999932289124},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.5442000031471252},{"id":"https://openalex.org/C136643341","wikidata":"https://www.wikidata.org/wiki/Q1361526","display_name":"Reachability","level":2,"score":0.5200999975204468},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4912000000476837},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.4569000005722046},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.45190000534057617},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.4260999858379364},{"id":"https://openalex.org/C158379750","wikidata":"https://www.wikidata.org/wiki/Q214111","display_name":"Network packet","level":2,"score":0.42289999127388},{"id":"https://openalex.org/C14982408","wikidata":"https://www.wikidata.org/wiki/Q11006334","display_name":"Network Access Control","level":4,"score":0.4223000109195709},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.41600000858306885},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.41339999437332153},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.413100004196167},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.40939998626708984},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.40860000252723694},{"id":"https://openalex.org/C178148461","wikidata":"https://www.wikidata.org/wiki/Q1632136","display_name":"Security controls","level":3,"score":0.4081999957561493},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.39739999175071716},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.38499999046325684},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.36480000615119934},{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.3571999967098236},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.32710000872612},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.2874999940395355},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.28349998593330383},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.2761000096797943},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.26840001344680786},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.26339998841285706},{"id":"https://openalex.org/C155386361","wikidata":"https://www.wikidata.org/wiki/Q1649571","display_name":"Process control","level":3,"score":0.2554999887943268}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2604.01627","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.01627","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2604.01627","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2604.01627","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6520509123802185,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Translating":[0],"security":[1,42,68,81,112],"intent":[2],"into":[3,70],"deployable":[4],"network":[5,76],"enforcement":[6],"rules":[7],"and":[8,29,40,50,79,87,105,125,139],"maintaining":[9],"their":[10],"effectiveness":[11],"despite":[12],"evolving":[13],"cyber":[14],"threats":[15],"remains":[16],"a":[17,51,75],"largely":[18],"manual":[19],"process":[20,47],"in":[21],"most":[22],"Security":[23],"Operations":[24],"Centers":[25],"(SOCs).":[26],"In":[27],"large":[28],"heterogeneous":[30],"networks,":[31],"this":[32],"challenge":[33],"is":[34,117],"complicated":[35],"by":[36],"topology-dependent":[37],"reachability":[38],"constraints":[39],"device-specific":[41],"control":[43],"capabilities,":[44],"making":[45],"the":[46,64,99],"slow,":[48],"error-prone,":[49],"recurring":[52],"source":[53],"of":[54,66],"misconfigurations.":[55],"This":[56],"paper":[57],"presents":[58],"RefinementEngine,":[59],"an":[60],"engine":[61],"that":[62,97],"automates":[63],"refinement":[65],"high-level":[67,85],"intents":[69,86],"low-level,":[71],"deployment-ready":[72],"configurations.":[73],"Given":[74],"topology,":[77],"devices,":[78],"available":[80],"controls,":[82],"along":[83],"with":[84],"Cyber":[88],"Threat":[89],"Intelligence":[90],"(CTI)":[91],"reports,":[92,133],"RefinementEngine":[93],"automatically":[94],"generates":[95],"settings":[96],"implement":[98],"desired":[100],"intent,":[101],"counter":[102],"reported":[103],"threats,":[104],"can":[106],"be":[107],"directly":[108],"deployed":[109],"on":[110,123],"target":[111],"controls.":[113],"The":[114],"proposed":[115],"approach":[116],"validated":[118],"through":[119],"real-world":[120],"use":[121],"cases":[122],"packet":[124],"web":[126],"filtering":[127],"policies":[128],"derived":[129],"from":[130],"actual":[131],"CTI":[132],"demonstrating":[134],"both":[135],"correctness,":[136],"practical":[137],"applicability,":[138],"adaptability":[140],"to":[141],"new":[142],"data.":[143]},"counts_by_year":[],"updated_date":"2026-04-04T06:15:33.020886","created_date":"2026-04-04T00:00:00"}