{"id":"https://openalex.org/W2207457333","doi":"https://doi.org/10.1080/19393555.2015.1111961","title":"Predicting Cyber Risks through National Vulnerability Database","display_name":"Predicting Cyber Risks through National Vulnerability Database","publication_year":2015,"publication_date":"2015-11-30","ids":{"openalex":"https://openalex.org/W2207457333","doi":"https://doi.org/10.1080/19393555.2015.1111961","mag":"2207457333"},"language":"en","primary_location":{"id":"doi:10.1080/19393555.2015.1111961","is_oa":false,"landing_page_url":"https://doi.org/10.1080/19393555.2015.1111961","pdf_url":null,"source":{"id":"https://openalex.org/S39280739","display_name":"Information Security Journal A Global Perspective","issn_l":"1939-3547","issn":["1939-3547","1939-3555"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Security Journal: A Global Perspective","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5101757162","display_name":"Su Zhang","orcid":"https://orcid.org/0000-0002-8172-7740"},"institutions":[{"id":"https://openalex.org/I1308906816","display_name":"NortonLifeLock (United States)","ror":"https://ror.org/0449t3a80","country_code":"US","type":"company","lineage":["https://openalex.org/I1308906816"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Su Zhang","raw_affiliation_strings":["Cloud Platform Engineering, Symantec Corporation, Mountain View, California, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Cloud Platform Engineering, Symantec Corporation, Mountain View, California, USA","institution_ids":["https://openalex.org/I1308906816"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113810433","display_name":"Xinming Ou","orcid":"https://orcid.org/0009-0007-2501-7991"},"institutions":[{"id":"https://openalex.org/I2613432","display_name":"University of South Florida","ror":"https://ror.org/032db5x82","country_code":"US","type":"education","lineage":["https://openalex.org/I2613432"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinming Ou","raw_affiliation_strings":["Department of Computer Science and Engineering, University of South Florida, Tampa, Florida, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, University of South Florida, Tampa, Florida, USA","institution_ids":["https://openalex.org/I2613432"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5067341711","display_name":"Doina Caragea","orcid":"https://orcid.org/0000-0002-6440-0914"},"institutions":[{"id":"https://openalex.org/I189590672","display_name":"Kansas State University","ror":"https://ror.org/05p1j8758","country_code":"US","type":"education","lineage":["https://openalex.org/I189590672"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Doina Caragea","raw_affiliation_strings":["Department of Computing and Information Sciences, Kansas State University, Manhattan, Kansas, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Computing and Information Sciences, Kansas State University, Manhattan, Kansas, USA","institution_ids":["https://openalex.org/I189590672"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5101757162"],"corresponding_institution_ids":["https://openalex.org/I1308906816"],"apc_list":null,"apc_paid":null,"fwci":8.2449,"has_fulltext":false,"cited_by_count":59,"citation_normalized_percentile":{"value":0.97341148,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"24","issue":"4-6","first_page":"194","last_page":"206"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7774244546890259},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6969504356384277},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.6746816635131836},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.635200560092926},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5634926557540894},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5567841529846191},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5504183173179626},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.4917033314704895},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.43910956382751465},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3797900676727295},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.34796175360679626},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3472977876663208},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.3423806428909302},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.29949599504470825},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.10728457570075989}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7774244546890259},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6969504356384277},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.6746816635131836},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.635200560092926},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5634926557540894},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5567841529846191},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5504183173179626},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.4917033314704895},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.43910956382751465},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3797900676727295},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.34796175360679626},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3472977876663208},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.3423806428909302},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.29949599504470825},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.10728457570075989},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1080/19393555.2015.1111961","is_oa":false,"landing_page_url":"https://doi.org/10.1080/19393555.2015.1111961","pdf_url":null,"source":{"id":"https://openalex.org/S39280739","display_name":"Information Security Journal A Global Perspective","issn_l":"1939-3547","issn":["1939-3547","1939-3555"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320547","host_organization_name":"Taylor & Francis","host_organization_lineage":["https://openalex.org/P4310320547"],"host_organization_lineage_names":["Taylor & Francis"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Security Journal: A Global Perspective","raw_type":"journal-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.705.2125","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.705.2125","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://people.cis.ksu.edu/%7Ezhangs84/papers/ISJ16.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W1946033","https://openalex.org/W39385419","https://openalex.org/W110007310","https://openalex.org/W1527341546","https://openalex.org/W1547152107","https://openalex.org/W1550602550","https://openalex.org/W1590752147","https://openalex.org/W1989892116","https://openalex.org/W1997322704","https://openalex.org/W2022695357","https://openalex.org/W2078283664","https://openalex.org/W2087064593","https://openalex.org/W2120077409","https://openalex.org/W2121141821","https://openalex.org/W2126513985","https://openalex.org/W2159173139","https://openalex.org/W2245321558","https://openalex.org/W2738559562","https://openalex.org/W4285719527"],"related_works":["https://openalex.org/W2560421591","https://openalex.org/W1978034799","https://openalex.org/W2796094063","https://openalex.org/W4384518368","https://openalex.org/W2062583373","https://openalex.org/W2123075981","https://openalex.org/W2537414278","https://openalex.org/W2504659933","https://openalex.org/W2509785410","https://openalex.org/W3043810321"],"abstract_inverted_index":{"Software":[0],"vulnerabilities":[1,42,61],"are":[2,74],"the":[3,68,77,92,114,133,137,154,167,171,177,187,202,227,235],"major":[4],"cause":[5],"of":[6,70,97,135,170,189,237],"cyber":[7],"security":[8,69,80,110],"problems.":[9],"The":[10],"National":[11],"Vulnerability":[12],"Database":[13],"(NVD)":[14],"is":[15,51],"a":[16,95,100,143,190,208],"public":[17],"data":[18,131,178,204,228],"source":[19],"that":[20,63,73,94,176],"maintains":[21],"standardized":[22],"information":[23,36,50,155],"about":[24,37],"reported":[25],"software":[26,41,47,60,79,98,145,194],"vulnerabilities.":[27],"Since":[28],"its":[29],"inception":[30],"in":[31,54,59,109,117,157,179,225,229],"1997,":[32],"NVD":[33,130,158,180,203,230],"has":[34],"published":[35],"more":[38,44],"than":[39,45],"43,000":[40],"affecting":[43],"17,000":[46],"applications.":[48,195],"This":[49],"potentially":[52],"valuable":[53],"understanding":[55],"trends":[56],"and":[57,159,193,221],"patterns":[58],"so":[62],"one":[64,84],"can":[65,231],"better":[66],"manage":[67],"computer":[71],"systems":[72],"pestered":[75],"by":[76],"ubiquitous":[78],"flaws.":[81],"In":[82],"particular,":[83],"would":[85],"like":[86],"to":[87,90,113,139,165,214],"be":[88,105,232],"able":[89],"predict":[91],"likelihood":[93],"piece":[96],"contains":[99],"yet-to-be-discovered":[101],"vulnerability,":[102],"which":[103,226],"must":[104],"taken":[106],"into":[107],"account":[108],"management":[111],"due":[112],"increasing":[115],"trend":[116],"zero-day":[118],"attacks.":[119],"We":[120,147,196],"conducted":[121],"an":[122],"empirical":[123],"study":[124],"on":[125,129],"applying":[126],"data-mining":[127],"techniques":[128],"with":[132,149,186,217],"objective":[134],"predicting":[136],"time":[138,213],"next":[140,215],"vulnerability":[141,216],"for":[142,200,212,234],"given":[144],"application.":[146],"experimented":[148],"various":[150,161],"features":[151],"constructed":[152],"using":[153],"available":[156],"applied":[160],"machine":[162],"learning":[163],"algorithms":[164],"examine":[166],"predictive":[168],"power":[169],"data.":[172],"Our":[173],"results":[174],"show":[175],"generally":[181],"have":[182,205],"poor":[183],"prediction":[184,210],"capability,":[185],"exception":[188],"few":[191],"vendors":[192],"suggest":[197,222],"possible":[198],"reasons":[199],"why":[201],"not":[206],"produced":[207],"reasonable":[209],"model":[211],"our":[218],"current":[219],"approach,":[220],"alternative":[223],"ways":[224],"used":[233],"purpose":[236],"risk":[238],"estimation.":[239]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":7},{"year":2023,"cited_by_count":12},{"year":2022,"cited_by_count":6},{"year":2021,"cited_by_count":7},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":8},{"year":2018,"cited_by_count":7},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":1}],"updated_date":"2026-06-05T09:01:59.212387","created_date":"2025-10-10T00:00:00"}