Proceedings of the 35th IEEE/ACM International Conference on Automated Software Engineering 2020
DOI: 10.1145/3324884.3416540
|View full text |Cite
|
Sign up to set email alerts
|

Automated implementation of windows-related security-configuration guides

Patrick Stöckle
1
,
Bernd Grobauer
2
,
Alexander Pretschner
3

Abstract: Hardening is the process of configuring IT systems to ensure the security of the systems' components and data they process or store. The complexity of contemporary IT infrastructures, however, renders manual security hardening and maintenance a daunting task.In many organizations, security-configuration guides expressed in the SCAP (Security Content Automation Protocol) are used as a basis for hardening, but these guides by themselves provide no means for automatically implementing the required configurations.… Show more

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1

Citation Types

0
2
0

Year Published

2022
2022
2023
2023

Publication Types

Select...
4

Relationship

2
2

Authors

Journals

citations
Cited by 4 publications
(2 citation statements)
references
References 29 publications
(31 reference statements)
0
2
0
Order By: Relevance
“…Adding machine-readable information from which implementations and checks can be derived requires, of course, manual effort, but such effort would be necessary for generating separate implementation mechanism, as well. Furthermore, for some use-cases, semi-automated mechanisms for deriving machine-readable information from humanreadable text exist [26]. guides.…”
Section: Contributionsmentioning
confidence: 99%

Hardening with Scapolite

Stöckle
1
,
Pruteanu
2
,
Grobauer
3
et al. 2022
Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy
Self Cite
3
0
0
0
View full textAdd to dashboardCite
show abstract
“…Adding machine-readable information from which implementations and checks can be derived requires, of course, manual effort, but such effort would be necessary for generating separate implementation mechanism, as well. Furthermore, for some use-cases, semi-automated mechanisms for deriving machine-readable information from humanreadable text exist [26]. guides.…”
Section: Contributionsmentioning
confidence: 99%

Hardening with Scapolite

Stöckle
1
,
Pruteanu
2
,
Grobauer
3
et al. 2022
Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy
Self Cite
3
0
0
0
View full textAdd to dashboardCite
show abstract
“…Research about configuration is an essential part of the software engineering [1,6] as well as the security domain [4,10]. Stöckle et al demonstrated how one could use NLP to implement guides efficiently [9]. Most relevant for the problem of identifying sr settings is sentiment analysis, where we classify documents as being positive or negative, depending on the expressed sentiment [5].…”
Section: Related Workmentioning
confidence: 99%

Automated Identification of Security-Relevant Configuration Settings Using NLP

Stöckle,
Wasserer,
Grobauer
et al. 2022
Preprint
Self Cite
0
0
0
0
View full textAdd to dashboardCite
show abstract

Better Safe Than Sorry! Automated Identification of Functionality-Breaking Security-Configuration Rules

Stöckle
1
,
Sammereier
2
,
Grobauer
3
et al. 2023
2023 IEEE/ACM International Conference on Automation of Software Test (AST)
0
0
0
0
View full textAdd to dashboardCite
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.