{"id":"https://openalex.org/W4407900144","doi":"https://doi.org/10.1109/access.2025.3545124","title":"A Robust Framework for Comprehensive Container Image Vulnerability Assessment","display_name":"A Robust Framework for Comprehensive Container Image Vulnerability Assessment","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4407900144","doi":"https://doi.org/10.1109/access.2025.3545124"},"language":"en","primary_location":{"id":"doi:10.1109/access.2025.3545124","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3545124","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2025.3545124","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100713154","display_name":"Young Soo Kim","orcid":"https://orcid.org/0000-0001-5029-7082"},"institutions":[{"id":"https://openalex.org/I142401562","display_name":"Electronics and Telecommunications Research Institute","ror":"https://ror.org/03ysstz10","country_code":"KR","type":"facility","lineage":["https://openalex.org/I142401562","https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098"]}],"countries":["KR"],"is_corresponding":true,"raw_author_name":"Youngsoo Kim","raw_affiliation_strings":["Electronics and Telecommunications Research Institute, Daejeon, South Korea"],"affiliations":[{"raw_affiliation_string":"Electronics and Telecommunications Research Institute, Daejeon, South Korea","institution_ids":["https://openalex.org/I142401562"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021047372","display_name":"Cheol-Hee Park","orcid":"https://orcid.org/0000-0002-3637-9951"},"institutions":[{"id":"https://openalex.org/I142401562","display_name":"Electronics and Telecommunications Research Institute","ror":"https://ror.org/03ysstz10","country_code":"KR","type":"facility","lineage":["https://openalex.org/I142401562","https://openalex.org/I2801339556","https://openalex.org/I4210144908","https://openalex.org/I4387152098"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Cheolhee Park","raw_affiliation_strings":["Electronics and Telecommunications Research Institute, Daejeon, South Korea"],"affiliations":[{"raw_affiliation_string":"Electronics and Telecommunications Research Institute, Daejeon, South Korea","institution_ids":["https://openalex.org/I142401562"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5024081692","display_name":"Dowon Hong","orcid":"https://orcid.org/0000-0001-9690-5055"},"institutions":[{"id":"https://openalex.org/I206597221","display_name":"Kongju National University","ror":"https://ror.org/0373nm262","country_code":"KR","type":"education","lineage":["https://openalex.org/I206597221"]},{"id":"https://openalex.org/I44073558","display_name":"Gongju National University of Education","ror":"https://ror.org/03sf7t726","country_code":"KR","type":"education","lineage":["https://openalex.org/I44073558"]}],"countries":["KR"],"is_corresponding":false,"raw_author_name":"Dowon Hong","raw_affiliation_strings":["Department of Applied Mathematics, Kongju National University, Gongju-si, South Korea","Department of Applied Mathematics, Kongju National University, Gongju, South Korea"],"affiliations":[{"raw_affiliation_string":"Department of Applied Mathematics, Kongju National University, Gongju-si, South Korea","institution_ids":["https://openalex.org/I206597221","https://openalex.org/I44073558"]},{"raw_affiliation_string":"Department of Applied Mathematics, Kongju National University, Gongju, South Korea","institution_ids":["https://openalex.org/I206597221"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5100713154"],"corresponding_institution_ids":["https://openalex.org/I142401562"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":14.2996,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.98403761,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":96,"max":100},"biblio":{"volume":"13","issue":null,"first_page":"35837","last_page":"35847"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.883400022983551,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.883400022983551,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11357","display_name":"Risk and Safety Analysis","score":0.8777999877929688,"subfield":{"id":"https://openalex.org/subfields/1804","display_name":"Statistics, Probability and Uncertainty"},"field":{"id":"https://openalex.org/fields/18","display_name":"Decision Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T14470","display_name":"Advanced Data Processing Techniques","score":0.8712999820709229,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.7056719064712524},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6865262389183044},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5790684819221497},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.5408838391304016},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3715246915817261},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.3610285520553589},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3312101662158966},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.0985676646232605}],"concepts":[{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.7056719064712524},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6865262389183044},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5790684819221497},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5408838391304016},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3715246915817261},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.3610285520553589},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3312101662158966},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0985676646232605},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2025.3545124","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3545124","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:4e24743874224190b138be9eb88f55c1","is_oa":true,"landing_page_url":"https://doaj.org/article/4e24743874224190b138be9eb88f55c1","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 13, Pp 35837-35847 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2025.3545124","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3545124","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W2805253791","https://openalex.org/W2936268283","https://openalex.org/W3007480145","https://openalex.org/W3034173033","https://openalex.org/W4213449103","https://openalex.org/W4386946955","https://openalex.org/W4388894132","https://openalex.org/W4402264034","https://openalex.org/W6780807558"],"related_works":["https://openalex.org/W1883246888","https://openalex.org/W2370114625","https://openalex.org/W1756374135","https://openalex.org/W2062873522","https://openalex.org/W2947584067","https://openalex.org/W2280562859","https://openalex.org/W230721595","https://openalex.org/W3157230915","https://openalex.org/W1496728123","https://openalex.org/W2789975780"],"abstract_inverted_index":{"Container":[0],"technologies":[1],"have":[2,50],"become":[3],"integral":[4],"to":[5,39,103,147],"modern":[6],"cloud-native":[7],"application":[8],"development,":[9],"offering":[10],"flexibility,":[11],"scalability,":[12],"and":[13,21,25,35,95,113,182],"ease":[14],"of":[15,108,165,175],"deployment.":[16],"Although":[17],"containers":[18],"offer":[19],"efficiency":[20],"scalability":[22],"in":[23,84,194],"deploying":[24],"managing":[26],"applications,":[27],"they":[28],"face":[29],"security":[30,48,64],"concerns":[31],"such":[32],"as":[33,61],"malware":[34],"privilege":[36],"escalation":[37],"due":[38],"their":[40,82],"weaker":[41],"isolation.":[42],"To":[43,161],"address":[44],"these":[45],"issues,":[46],"various":[47,180],"solutions":[49,193],"been":[51],"developed,":[52],"among":[53],"which":[54,80],"container":[55,97,115,155,176],"image":[56,98],"scanning":[57],"technology":[58],"is":[59],"regarded":[60],"a":[62,93],"fundamental":[63],"measure.":[65],"However,":[66],"existing":[67,118,192],"approaches":[68],"mainly":[69],"focus":[70],"on":[71,124,132,173],"OS":[72],"packages,":[73,79],"neglecting":[74],"manually":[75],"installed":[76],"or":[77,136,157],"migrated":[78],"limits":[81],"effectiveness":[83,164],"detecting":[85,195],"real-world":[86],"threats.":[87],"In":[88,139],"this":[89],"paper,":[90],"we":[91,169],"propose":[92,142],"novel":[94],"rigorous":[96],"vulnerability":[99],"assessment":[100],"system":[101,122,127,146,189],"designed":[102],"ensure":[104],"the":[105,120,141,145,163,166,183],"secure":[106],"deployment":[107],"applications":[109],"across":[110],"both":[111],"standard":[112],"non-standard":[114],"images.":[116],"Unlike":[117],"methods,":[119],"proposed":[121,167],"focuses":[123],"direct":[125],"file":[126],"inspection":[128],"rather":[129],"than":[130],"relying":[131],"package":[133],"manager":[134],"analysis":[135],"Dockerfile":[137],"inspection.":[138],"addition,":[140],"approach":[143],"enables":[144],"detect":[148],"vulnerabilities":[149],"that":[150,187],"may":[151],"be":[152],"introduced":[153],"during":[154],"execution":[156],"through":[158],"runtime-installed":[159],"packages.":[160],"evaluate":[162],"system,":[168],"conducted":[170],"extensive":[171],"experiments":[172],"datasets":[174],"images":[177],"collected":[178],"from":[179],"scenarios,":[181],"experimental":[184],"results":[185],"demonstrate":[186],"our":[188],"significantly":[190],"outperforms":[191],"vulnerabilities.":[196]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":3}],"updated_date":"2025-12-28T23:10:05.387466","created_date":"2025-10-10T00:00:00"}