{"id":"https://openalex.org/W3162806222","doi":"https://doi.org/10.1007/s10207-021-00551-w","title":"Machine learning approach to vulnerability detection in OAuth 2.0 authentication and authorization flow","display_name":"Machine learning approach to vulnerability detection in OAuth 2.0 authentication and authorization flow","publication_year":2021,"publication_date":"2021-05-13","ids":{"openalex":"https://openalex.org/W3162806222","doi":"https://doi.org/10.1007/s10207-021-00551-w","mag":"3162806222"},"language":"en","primary_location":{"id":"doi:10.1007/s10207-021-00551-w","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00551-w","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00551-w.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00551-w.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5028731134","display_name":"Kindson Munonye","orcid":"https://orcid.org/0000-0002-2892-9925"},"institutions":[{"id":"https://openalex.org/I29770179","display_name":"Budapest University of Technology and Economics","ror":"https://ror.org/02w42ss30","country_code":"HU","type":"education","lineage":["https://openalex.org/I29770179"]}],"countries":["HU"],"is_corresponding":true,"raw_author_name":"Kindson Munonye","raw_affiliation_strings":["Budapest University of Technology and Economics, Budapest, Hungary"],"affiliations":[{"raw_affiliation_string":"Budapest University of Technology and Economics, Budapest, Hungary","institution_ids":["https://openalex.org/I29770179"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5112907356","display_name":"P\u00e9ter Martinek","orcid":null},"institutions":[{"id":"https://openalex.org/I29770179","display_name":"Budapest University of Technology and Economics","ror":"https://ror.org/02w42ss30","country_code":"HU","type":"education","lineage":["https://openalex.org/I29770179"]}],"countries":["HU"],"is_corresponding":false,"raw_author_name":"Martinek P\u00e9ter","raw_affiliation_strings":["Budapest University of Technology and Economics, Budapest, Hungary"],"affiliations":[{"raw_affiliation_string":"Budapest University of Technology and Economics, Budapest, Hungary","institution_ids":["https://openalex.org/I29770179"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5028731134"],"corresponding_institution_ids":["https://openalex.org/I29770179"],"apc_list":{"value":2590,"currency":"EUR","value_usd":3190},"apc_paid":{"value":2590,"currency":"EUR","value_usd":3190},"fwci":3.9822,"has_fulltext":true,"cited_by_count":22,"citation_normalized_percentile":{"value":0.94133337,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"21","issue":"2","first_page":"223","last_page":"237"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9970999956130981,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.821872353553772},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7026344537734985},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6190321445465088},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5945682525634766},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5639973878860474},{"id":"https://openalex.org/keywords/protocol","display_name":"Protocol (science)","score":0.4457879960536957},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.44003826379776},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.32263749837875366}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.821872353553772},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7026344537734985},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6190321445465088},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5945682525634766},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5639973878860474},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.4457879960536957},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.44003826379776},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.32263749837875366},{"id":"https://openalex.org/C142724271","wikidata":"https://www.wikidata.org/wiki/Q7208","display_name":"Pathology","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C204787440","wikidata":"https://www.wikidata.org/wiki/Q188504","display_name":"Alternative medicine","level":2,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1007/s10207-021-00551-w","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00551-w","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00551-w.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1007/s10207-021-00551-w","is_oa":true,"landing_page_url":"https://doi.org/10.1007/s10207-021-00551-w","pdf_url":"https://link.springer.com/content/pdf/10.1007/s10207-021-00551-w.pdf","source":{"id":"https://openalex.org/S164062316","display_name":"International Journal of Information Security","issn_l":"1615-5262","issn":["1615-5262","1615-5270"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319900","host_organization_name":"Springer Science+Business Media","host_organization_lineage":["https://openalex.org/P4310319900","https://openalex.org/P4310319965"],"host_organization_lineage_names":["Springer Science+Business Media","Springer Nature"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information Security","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.6100000143051147,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[{"id":"https://openalex.org/F4320311358","display_name":"Budapesti M\u0171szaki \u00e9s Gazdas\u00e1gtudom\u00e1nyi Egyetem","ror":"https://ror.org/02w42ss30"}],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3162806222.pdf","grobid_xml":"https://content.openalex.org/works/W3162806222.grobid-xml"},"referenced_works_count":33,"referenced_works":["https://openalex.org/W88388190","https://openalex.org/W1495491588","https://openalex.org/W1514087635","https://openalex.org/W1614668525","https://openalex.org/W1918688019","https://openalex.org/W1971800255","https://openalex.org/W1986150219","https://openalex.org/W2003529494","https://openalex.org/W2037026906","https://openalex.org/W2067148378","https://openalex.org/W2086585882","https://openalex.org/W2112995928","https://openalex.org/W2159714224","https://openalex.org/W2229250518","https://openalex.org/W2244501064","https://openalex.org/W2292865721","https://openalex.org/W2297419069","https://openalex.org/W2468677662","https://openalex.org/W2469491375","https://openalex.org/W2748789698","https://openalex.org/W2752602409","https://openalex.org/W2753498304","https://openalex.org/W2784797438","https://openalex.org/W2793157084","https://openalex.org/W2887773459","https://openalex.org/W2899106578","https://openalex.org/W2951787500","https://openalex.org/W2962960733","https://openalex.org/W2963742047","https://openalex.org/W3072699177","https://openalex.org/W4233819588","https://openalex.org/W4241814897","https://openalex.org/W6758981364"],"related_works":["https://openalex.org/W2906845177","https://openalex.org/W4200107511","https://openalex.org/W1883246888","https://openalex.org/W2891427086","https://openalex.org/W1968625315","https://openalex.org/W2370114625","https://openalex.org/W2947584067","https://openalex.org/W2039540146","https://openalex.org/W3118510577","https://openalex.org/W2280562859"],"abstract_inverted_index":{"Abstract":[0],"Technologies":[1],"for":[2,35,174],"integrating":[3],"enterprise":[4],"web":[5],"applications":[6],"have":[7],"improved":[8],"rapidly":[9],"over":[10],"the":[11,21,47,59,64,77,83,91,96,100,106,131,149,152,179],"years.":[12],"The":[13,156],"OAuth":[14,51,65,84,97,107,137,154,180],"framework":[15],"provides":[16],"authentication":[17,85,181],"and":[18,24,86,99,121,133,165,182],"authorization":[19,52,87,183],"using":[20],"users\u2019":[22],"profile":[23],"credentials":[25],"in":[26,50,76,82,95,130,159,178,190],"an":[27,55],"existing":[28],"identity":[29],"provider.":[30,48],"This":[31,103],"makes":[32],"it":[33],"possible":[34],"attackers":[36],"to":[37,57,147],"exploit":[38],"any":[39],"vulnerability":[40,81,188],"arising":[41],"from":[42],"exchange":[43],"of":[44,63,79,135,151,176],"data":[45],"with":[46,186],"Vulnerability":[49],"flow":[53,61,88],"allows":[54],"attacker":[56],"alter":[58],"normal":[60],"sequence":[62],"protocol.":[66],"In":[67],"this":[68,160],"paper,":[69],"a":[70,110,191],"machine":[71],"learning-based":[72],"approach":[73],"was":[74,172],"applied":[75,129],"detection":[78,175],"potential":[80],"by":[89],"analyzing":[90],"relationship":[92],"between":[93],"changes":[94],"parameters":[98],"final":[101],"output.":[102],"research":[104,161],"models":[105,117,157],"protocol":[108],"as":[109],"supervised":[111],"learning":[112],"problem":[113],"where":[114],"seven":[115],"classification":[116],"were":[118,128,162],"developed,":[119],"tuned":[120,164],"evaluated.":[122],"Exploratory":[123],"Data":[124],"Analytics":[125],"(EDA)":[126],"techniques":[127],"extraction":[132],"analysis":[134],"specific":[136],"features":[138],"so":[139],"that":[140],"each":[141],"output":[142],"class":[143],"could":[144],"be":[145],"evaluated":[146],"determine":[148],"effect":[150],"identified":[153],"features.":[155],"developed":[158],"trained,":[163],"tested.":[166],"A":[167],"performance":[168],"accuracy":[169],"above":[170],"90%":[171],"attained":[173],"vulnerabilities":[177],"flow.":[184],"Comparison":[185],"known":[187],"resulted":[189],"54%":[192],"match.":[193]},"counts_by_year":[{"year":2025,"cited_by_count":8},{"year":2024,"cited_by_count":5},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":1}],"updated_date":"2026-04-01T17:29:45.350535","created_date":"2025-10-10T00:00:00"}