{"id":"https://openalex.org/W2026347877","doi":"https://doi.org/10.1108/09685221211235625","title":"Estimates of success rates of remote arbitrary code execution attacks","display_name":"Estimates of success rates of remote arbitrary code execution attacks","publication_year":2012,"publication_date":"2012-06-01","ids":{"openalex":"https://openalex.org/W2026347877","doi":"https://doi.org/10.1108/09685221211235625","mag":"2026347877"},"language":"en","primary_location":{"id":"doi:10.1108/09685221211235625","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685221211235625","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://zenodo.org/record/3429800","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5091355367","display_name":"Teodor Sommestad","orcid":"https://orcid.org/0000-0002-2606-4139"},"institutions":[{"id":"https://openalex.org/I86987016","display_name":"KTH Royal Institute of Technology","ror":"https://ror.org/026vcq606","country_code":"SE","type":"education","lineage":["https://openalex.org/I86987016"]}],"countries":["SE"],"is_corresponding":true,"raw_author_name":"Teodor Sommestad","raw_affiliation_strings":["Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden","(Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden)"],"affiliations":[{"raw_affiliation_string":"Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden","institution_ids":["https://openalex.org/I86987016"]},{"raw_affiliation_string":"(Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden)","institution_ids":["https://openalex.org/I86987016"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5103165985","display_name":"Hannes Holm","orcid":null},"institutions":[{"id":"https://openalex.org/I86987016","display_name":"KTH Royal Institute of Technology","ror":"https://ror.org/026vcq606","country_code":"SE","type":"education","lineage":["https://openalex.org/I86987016"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Hannes Holm","raw_affiliation_strings":["Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden","(Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden)"],"affiliations":[{"raw_affiliation_string":"Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden","institution_ids":["https://openalex.org/I86987016"]},{"raw_affiliation_string":"(Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden)","institution_ids":["https://openalex.org/I86987016"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102842661","display_name":"Mathias Ekstedt","orcid":"https://orcid.org/0000-0003-3922-9606"},"institutions":[{"id":"https://openalex.org/I86987016","display_name":"KTH Royal Institute of Technology","ror":"https://ror.org/026vcq606","country_code":"SE","type":"education","lineage":["https://openalex.org/I86987016"]}],"countries":["SE"],"is_corresponding":false,"raw_author_name":"Mathias Ekstedt","raw_affiliation_strings":["Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden","(Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden)"],"affiliations":[{"raw_affiliation_string":"Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden","institution_ids":["https://openalex.org/I86987016"]},{"raw_affiliation_string":"(Industrial Information and Control Systems, KTH Royal Institute of Technology, Stockholm, Sweden)","institution_ids":["https://openalex.org/I86987016"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5091355367"],"corresponding_institution_ids":["https://openalex.org/I86987016"],"apc_list":null,"apc_paid":null,"fwci":7.816,"has_fulltext":false,"cited_by_count":21,"citation_normalized_percentile":{"value":0.96963734,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":"20","issue":"2","first_page":"107","last_page":"122"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9955999851226807,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.992900013923645,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8171581029891968},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6788796186447144},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5812455415725708},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5041650533676147},{"id":"https://openalex.org/keywords/weighting","display_name":"Weighting","score":0.48772725462913513},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.4805510640144348},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.4627630114555359},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.15232902765274048}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8171581029891968},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6788796186447144},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5812455415725708},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5041650533676147},{"id":"https://openalex.org/C183115368","wikidata":"https://www.wikidata.org/wiki/Q856577","display_name":"Weighting","level":2,"score":0.48772725462913513},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.4805510640144348},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.4627630114555359},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.15232902765274048},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C126838900","wikidata":"https://www.wikidata.org/wiki/Q77604","display_name":"Radiology","level":1,"score":0.0},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1108/09685221211235625","is_oa":false,"landing_page_url":"https://doi.org/10.1108/09685221211235625","pdf_url":null,"source":{"id":"https://openalex.org/S204075876","display_name":"Information Management & Computer Security","issn_l":"0968-5227","issn":["0968-5227","1758-5805"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319811","host_organization_name":"Emerald Publishing Limited","host_organization_lineage":["https://openalex.org/P4310319811"],"host_organization_lineage_names":["Emerald Publishing Limited"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information Management &amp; Computer Security","raw_type":"journal-article"},{"id":"pmh:oai:zenodo.org:3429800","is_oa":true,"landing_page_url":"https://zenodo.org/record/3429800","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/article"}],"best_oa_location":{"id":"pmh:oai:zenodo.org:3429800","is_oa":true,"landing_page_url":"https://zenodo.org/record/3429800","pdf_url":null,"source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"info:eu-repo/semantics/article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7799999713897705}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":32,"referenced_works":["https://openalex.org/W123720765","https://openalex.org/W1495864704","https://openalex.org/W1501429253","https://openalex.org/W1512687779","https://openalex.org/W1537783470","https://openalex.org/W1587981097","https://openalex.org/W1991160483","https://openalex.org/W1991766488","https://openalex.org/W1993558273","https://openalex.org/W2009083767","https://openalex.org/W2037755262","https://openalex.org/W2052591741","https://openalex.org/W2053597171","https://openalex.org/W2053945117","https://openalex.org/W2063431930","https://openalex.org/W2079025608","https://openalex.org/W2081394306","https://openalex.org/W2098010707","https://openalex.org/W2111284364","https://openalex.org/W2132811257","https://openalex.org/W2143396794","https://openalex.org/W2145482311","https://openalex.org/W2159306398","https://openalex.org/W2168909631","https://openalex.org/W2179747557","https://openalex.org/W2180474751","https://openalex.org/W2479612266","https://openalex.org/W2620244897","https://openalex.org/W2678934292","https://openalex.org/W4248996458","https://openalex.org/W4388156124","https://openalex.org/W7046755668"],"related_works":["https://openalex.org/W2180954594","https://openalex.org/W2052835778","https://openalex.org/W2049003611","https://openalex.org/W2127804977","https://openalex.org/W2108418243","https://openalex.org/W164103134","https://openalex.org/W2787352659","https://openalex.org/W1970611213","https://openalex.org/W1707372784","https://openalex.org/W2096006843"],"abstract_inverted_index":{"Purpose":[0],"The":[1,53,73,94,157,237],"purpose":[2],"of":[3,11,19,56,149,159,190],"this":[4,160,188],"paper":[5,238],"is":[6,75,81,153],"to":[7,33,164,169,198,211,226,246],"identify":[8],"the":[9,12,16,35,98,104,117,121,147,183],"importance":[10],"factors":[13],"that":[14,194],"influence":[15,148],"success":[17,54,123],"rate":[18,124],"remote":[20,175],"arbitrary":[21],"code":[22,38,176,200],"execution":[23,177],"attacks.":[24,72,142,178],"In":[25],"other":[26],"words,":[27],"attacks":[28,43,47,57,67,133,224],"which":[29],"use":[30,195],"software":[31,196],"vulnerabilities":[32,197],"execute":[34,199,227],"attacker's":[36],"own":[37],"on":[39,103,116,144,167,201,220,229],"targeted":[40,202],"machines.":[41],"Both":[42],"against":[44,48,174,235],"servers":[45],"and":[46,68,80,109,128,134,137,206],"clients":[49],"are":[50,58,204,216,225,234],"studied.":[51],"Design/methodology/approach":[52],"rates":[55],"assessed":[59],"for":[60,65,70,90,131,140],"24":[61],"scenarios:":[62],"16":[63],"scenarios":[64],"server\u2010side":[66,132],"eight":[69],"client\u2010side":[71,141],"assessment":[74],"made":[76],"through":[77],"domain":[78,112],"experts":[79],"synthesized":[82],"using":[83,242],"Cooke's":[84],"classical":[85],"method,":[86],"an":[87],"established":[88],"method":[89],"weighting":[91],"experts'":[92],"judgments.":[93,249],"variables":[95],"included":[96],"in":[97,119],"study":[99,161],"were":[100],"selected":[101],"based":[102],"literature,":[105],"a":[106,208,243],"pilot":[107],"study,":[108],"interviews":[110],"with":[111],"experts.":[113],"Findings":[114],"Depending":[115],"scenario":[118],"question,":[120],"expected":[122],"varies":[125],"between":[126,135],"15":[127],"67":[129,138],"percent":[130,139],"43":[136],"Based":[143],"these":[145],"scenarios,":[146],"different":[150],"protective":[151],"measures":[152,233],"identified.":[154],"Practical":[155],"implications":[156],"results":[158,180],"offer":[162],"guidance":[163],"decision":[165],"makers":[166],"how":[168,221,230],"best":[170],"secure":[171],"their":[172],"assets":[173],"These":[179],"also":[181],"indicate":[182],"overall":[184],"risk":[185,210],"posed":[186],"by":[187],"type":[189],"attack.":[191],"Originality/value":[192],"Attacks":[193],"machines":[203],"common":[205],"pose":[207],"serious":[209],"most":[212],"enterprises.":[213],"However,":[214],"there":[215],"no":[217],"quantitative":[218],"data":[219,241],"difficult":[222],"such":[223,240],"or":[228],"effective":[231],"security":[232],"them.":[236],"provides":[239],"structured":[244],"technique":[245],"combine":[247],"expert":[248]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":2},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":3},{"year":2012,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}