{"id":"https://openalex.org/W4403447112","doi":"https://doi.org/10.1109/access.2024.3481374","title":"Microservice Vulnerability Analysis: A Literature Review With Empirical Insights","display_name":"Microservice Vulnerability Analysis: A Literature Review With Empirical Insights","publication_year":2024,"publication_date":"2024-01-01","ids":{"openalex":"https://openalex.org/W4403447112","doi":"https://doi.org/10.1109/access.2024.3481374"},"language":"en","primary_location":{"id":"doi:10.1109/access.2024.3481374","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3481374","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"review","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2024.3481374","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5114286137","display_name":"Raveen Kanishka Jayalath","orcid":null},"institutions":[{"id":"https://openalex.org/I5681781","display_name":"The University of Adelaide","ror":"https://ror.org/00892tw58","country_code":"AU","type":"education","lineage":["https://openalex.org/I5681781"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Raveen Kanishka Jayalath","raw_affiliation_strings":["School of Computer and Mathematical Sciences, The University of Adelaide, Adelaide, SA, Australia","University of Adelaide, Australia"],"raw_orcid":"https://orcid.org/0009-0005-4802-1382","affiliations":[{"raw_affiliation_string":"School of Computer and Mathematical Sciences, The University of Adelaide, Adelaide, SA, Australia","institution_ids":["https://openalex.org/I5681781"]},{"raw_affiliation_string":"University of Adelaide, Australia","institution_ids":["https://openalex.org/I5681781"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5101660408","display_name":"Hussain Ahmad","orcid":"https://orcid.org/0000-0001-8815-7587"},"institutions":[{"id":"https://openalex.org/I5681781","display_name":"The University of Adelaide","ror":"https://ror.org/00892tw58","country_code":"AU","type":"education","lineage":["https://openalex.org/I5681781"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Hussain Ahmad","raw_affiliation_strings":["School of Computer and Mathematical Sciences, The University of Adelaide, Adelaide, SA, Australia","University of Adelaide, Australia"],"raw_orcid":"https://orcid.org/0000-0001-8815-7587","affiliations":[{"raw_affiliation_string":"School of Computer and Mathematical Sciences, The University of Adelaide, Adelaide, SA, Australia","institution_ids":["https://openalex.org/I5681781"]},{"raw_affiliation_string":"University of Adelaide, Australia","institution_ids":["https://openalex.org/I5681781"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084412291","display_name":"Diksha Goel","orcid":"https://orcid.org/0000-0001-8212-8793"},"institutions":[{"id":"https://openalex.org/I1292875679","display_name":"Commonwealth Scientific and Industrial Research Organisation","ror":"https://ror.org/03qn8fb07","country_code":"AU","type":"government","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I4387156119"]},{"id":"https://openalex.org/I42894916","display_name":"Data61","ror":"https://ror.org/03q397159","country_code":"AU","type":"other","lineage":["https://openalex.org/I1292875679","https://openalex.org/I2801453606","https://openalex.org/I42894916","https://openalex.org/I4387156119"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Diksha Goel","raw_affiliation_strings":["CSIRO&#x2019;s Data61, Clayton, VIC, Australia","CSIRO&#x2019;s Data61, Australia"],"raw_orcid":"https://orcid.org/0000-0001-8212-8793","affiliations":[{"raw_affiliation_string":"CSIRO&#x2019;s Data61, Clayton, VIC, Australia","institution_ids":["https://openalex.org/I1292875679","https://openalex.org/I42894916"]},{"raw_affiliation_string":"CSIRO&#x2019;s Data61, Australia","institution_ids":["https://openalex.org/I42894916","https://openalex.org/I1292875679"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Muhammad Shuja Syed","orcid":"https://orcid.org/0000-0003-4812-4654"},"institutions":[{"id":"https://openalex.org/I4210146255","display_name":"Silence Therapeutics (United States)","ror":"https://ror.org/05dwtb503","country_code":"US","type":"company","lineage":["https://openalex.org/I4210134646","https://openalex.org/I4210146255"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Muhammad Shuja Syed","raw_affiliation_strings":["SLB, Houston, TX, USA","SLB, USA"],"raw_orcid":"https://orcid.org/0000-0003-4812-4654","affiliations":[{"raw_affiliation_string":"SLB, Houston, TX, USA","institution_ids":[]},{"raw_affiliation_string":"SLB, USA","institution_ids":["https://openalex.org/I4210146255"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5074689211","display_name":"Faheem Ullah","orcid":"https://orcid.org/0000-0002-7678-1603"},"institutions":[{"id":"https://openalex.org/I5681781","display_name":"The University of Adelaide","ror":"https://ror.org/00892tw58","country_code":"AU","type":"education","lineage":["https://openalex.org/I5681781"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Faheem Ullah","raw_affiliation_strings":["School of Computer and Mathematical Sciences, The University of Adelaide, Adelaide, SA, Australia","University of Adelaide, Australia"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"School of Computer and Mathematical Sciences, The University of Adelaide, Adelaide, SA, Australia","institution_ids":["https://openalex.org/I5681781"]},{"raw_affiliation_string":"University of Adelaide, Australia","institution_ids":["https://openalex.org/I5681781"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5114286137"],"corresponding_institution_ids":["https://openalex.org/I5681781"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":3.3101,"has_fulltext":false,"cited_by_count":10,"citation_normalized_percentile":{"value":0.92864061,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":"12","issue":null,"first_page":"155168","last_page":"155204"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9929999709129333,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9837999939918518,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.701356828212738},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.574838399887085},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.5290226936340332},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.3959214985370636},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.23648971319198608},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.07484936714172363}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.701356828212738},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.574838399887085},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5290226936340332},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3959214985370636},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.23648971319198608},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.07484936714172363},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2024.3481374","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3481374","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:3246f2f4bd8a4f9faeed055066580d47","is_oa":true,"landing_page_url":"https://doaj.org/article/3246f2f4bd8a4f9faeed055066580d47","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 12, Pp 155168-155204 (2024)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2024.3481374","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2024.3481374","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":95,"referenced_works":["https://openalex.org/W2322013807","https://openalex.org/W2513765047","https://openalex.org/W2550529331","https://openalex.org/W2560468917","https://openalex.org/W2563693940","https://openalex.org/W2578655761","https://openalex.org/W2585403493","https://openalex.org/W2588722087","https://openalex.org/W2744357384","https://openalex.org/W2752034591","https://openalex.org/W2758807987","https://openalex.org/W2766248701","https://openalex.org/W2773120226","https://openalex.org/W2780954022","https://openalex.org/W2786131231","https://openalex.org/W2791003924","https://openalex.org/W2792590405","https://openalex.org/W2801369688","https://openalex.org/W2801519282","https://openalex.org/W2801779434","https://openalex.org/W2804174676","https://openalex.org/W2806109533","https://openalex.org/W2886995815","https://openalex.org/W2892877065","https://openalex.org/W2905838340","https://openalex.org/W2911048197","https://openalex.org/W2922761213","https://openalex.org/W2936268283","https://openalex.org/W2944103775","https://openalex.org/W2953599647","https://openalex.org/W2954388734","https://openalex.org/W2955520352","https://openalex.org/W2956033010","https://openalex.org/W2963026732","https://openalex.org/W2983462835","https://openalex.org/W2989715396","https://openalex.org/W2998675524","https://openalex.org/W3005330455","https://openalex.org/W3006666257","https://openalex.org/W3011512329","https://openalex.org/W3018067527","https://openalex.org/W3026169053","https://openalex.org/W3041912091","https://openalex.org/W3061562950","https://openalex.org/W3081034060","https://openalex.org/W3097527727","https://openalex.org/W3107176592","https://openalex.org/W3113082031","https://openalex.org/W3114452056","https://openalex.org/W3115676336","https://openalex.org/W3121723636","https://openalex.org/W3125400929","https://openalex.org/W3130767031","https://openalex.org/W3139293882","https://openalex.org/W3157719223","https://openalex.org/W3158009416","https://openalex.org/W3172646970","https://openalex.org/W3177328664","https://openalex.org/W3190243498","https://openalex.org/W3203473930","https://openalex.org/W3207204380","https://openalex.org/W4205440020","https://openalex.org/W4206010938","https://openalex.org/W4213108923","https://openalex.org/W4220829356","https://openalex.org/W4221034655","https://openalex.org/W4232169583","https://openalex.org/W4236741779","https://openalex.org/W4293023295","https://openalex.org/W4293238389","https://openalex.org/W4294948391","https://openalex.org/W4297846217","https://openalex.org/W4299546373","https://openalex.org/W4328142914","https://openalex.org/W4382449989","https://openalex.org/W4384835155","https://openalex.org/W4385834032","https://openalex.org/W4386946955","https://openalex.org/W4388412703","https://openalex.org/W4388700468","https://openalex.org/W4388712798","https://openalex.org/W4394966872","https://openalex.org/W4399114138","https://openalex.org/W4399918187","https://openalex.org/W4400947017","https://openalex.org/W6760928574","https://openalex.org/W6773130785","https://openalex.org/W6773243790","https://openalex.org/W6781744845","https://openalex.org/W6788005943","https://openalex.org/W6791131171","https://openalex.org/W6863035404","https://openalex.org/W6980931447","https://openalex.org/W7019790472","https://openalex.org/W7028751688"],"related_works":["https://openalex.org/W1883246888","https://openalex.org/W2370114625","https://openalex.org/W1756374135","https://openalex.org/W2062873522","https://openalex.org/W2947584067","https://openalex.org/W2280562859","https://openalex.org/W230721595","https://openalex.org/W3157230915","https://openalex.org/W1496728123","https://openalex.org/W2789975780"],"abstract_inverted_index":{"Microservice":[0],"architectures":[1],"are":[2,57],"revolutionizing":[3],"both":[4,198],"small":[5],"businesses":[6],"and":[7,23,43,89,110,165,183,194,201],"large":[8],"corporations,":[9],"igniting":[10],"a":[11,48,61,68,101,127],"new":[12,49],"era":[13],"of":[14,37,51,63,70,76,104,138],"innovation":[15],"with":[16,29,73,97,171],"their":[17],"exceptional":[18],"advantages":[19],"in":[20,116,204],"maintainability,":[21],"reusability,":[22],"scalability.":[24],"However,":[25],"these":[26],"benefits":[27],"come":[28],"significant":[30],"security":[31,55,94,113],"challenges,":[32],"as":[33],"the":[34,135,199,202],"increased":[35],"complexity":[36],"service":[38],"interactions,":[39],"expanded":[40],"attack":[41],"surfaces,":[42],"intricate":[44],"dependency":[45],"management":[46],"introduce":[47],"array":[50],"cybersecurity":[52],"vulnerabilities.":[53,78],"While":[54],"concerns":[56],"mounting,":[58],"there":[59],"is":[60],"lack":[62],"comprehensive":[64,120],"research":[65],"that":[66,129],"integrates":[67],"review":[69],"existing":[71,91],"knowledge":[72],"empirical":[74,144],"analysis":[75,121,145,179],"microservice":[77,98,117,131,139,153,206],"This":[79,119],"study":[80,188],"aims":[81],"to":[82,124,161,196],"fill":[83],"this":[84],"gap":[85],"by":[86,146],"gathering,":[87],"analyzing,":[88],"synthesizing":[90],"literature":[92],"on":[93,134,150],"vulnerabilities":[95,114,132,170],"associated":[96],"architectures.":[99,118,207],"Through":[100],"thorough":[102],"examination":[103],"62":[105],"studies,":[106],"we":[107],"identify,":[108],"analyze,":[109],"report":[111],"126":[112],"inherent":[115],"enables":[122],"us":[123],"(i)":[125],"propose":[126],"taxonomy":[128,169],"categorizes":[130],"based":[133],"distinctive":[136],"features":[137],"architectures;":[140],"(ii)":[141],"conduct":[142],"an":[143,176],"performing":[147],"vulnerability":[148,178],"scans":[149],"four":[151],"diverse":[152],"benchmark":[154],"applications":[155],"using":[156],"three":[157],"different":[158],"scanning":[159,184],"tools":[160],"validate":[162],"our":[163,168],"taxonomy;":[164],"(iii)":[166],"map":[167],"empirically":[172],"identified":[173],"vulnerabilities,":[174],"providing":[175],"in-depth":[177],"at":[180],"microservice,":[181],"application,":[182],"tool":[185],"levels.":[186],"Our":[187],"offers":[189],"crucial":[190],"guidelines":[191],"for":[192],"practitioners":[193],"researchers":[195],"advance":[197],"state-of-the-practice":[200],"state-of-the-art":[203],"securing":[205]},"counts_by_year":[{"year":2026,"cited_by_count":3},{"year":2025,"cited_by_count":7}],"updated_date":"2026-05-06T08:25:59.206177","created_date":"2025-10-10T00:00:00"}