{"id":"https://openalex.org/W7128614500","doi":"https://doi.org/10.1109/access.2026.3663577","title":"AegisGuard: A Context-Aware Framework for Semantic Vulnerability Detection and Risk Stratification","display_name":"AegisGuard: A Context-Aware Framework for Semantic Vulnerability Detection and Risk Stratification","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7128614500","doi":"https://doi.org/10.1109/access.2026.3663577"},"language":null,"primary_location":{"id":"doi:10.1109/access.2026.3663577","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2026.3663577","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2026.3663577","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5125639278","display_name":"Pin-Chieh Huang","orcid":null},"institutions":[{"id":"https://openalex.org/I169090423","display_name":"Tunghai University","ror":"https://ror.org/00zhvdn11","country_code":"TW","type":"education","lineage":["https://openalex.org/I169090423"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Pin-Chieh Huang","raw_affiliation_strings":["Department of Computer Science, Tunghai University, Taichung, Taiwan"],"raw_orcid":"https://orcid.org/0009-0001-9278-8741","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Tunghai University, Taichung, Taiwan","institution_ids":["https://openalex.org/I169090423"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020533893","display_name":"Ching-Hao Mao","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122179","display_name":"Wistron (Taiwan)","ror":"https://ror.org/02knfsk89","country_code":"TW","type":"company","lineage":["https://openalex.org/I4210122179"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Ching-Hao Mao","raw_affiliation_strings":["Department of Advanced Technology Development, Wistron NeWeb Corporation (WNC), Hsinchu, Taiwan"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Department of Advanced Technology Development, Wistron NeWeb Corporation (WNC), Hsinchu, Taiwan","institution_ids":["https://openalex.org/I4210122179"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5057146164","display_name":"Chun-Ming Lai","orcid":"https://orcid.org/0000-0002-8680-5947"},"institutions":[{"id":"https://openalex.org/I169090423","display_name":"Tunghai University","ror":"https://ror.org/00zhvdn11","country_code":"TW","type":"education","lineage":["https://openalex.org/I169090423"]}],"countries":["TW"],"is_corresponding":false,"raw_author_name":"Chun-Ming Lai","raw_affiliation_strings":["Department of Computer Science, Tunghai University, Taichung, Taiwan"],"raw_orcid":"https://orcid.org/0000-0002-8680-5947","affiliations":[{"raw_affiliation_string":"Department of Computer Science, Tunghai University, Taichung, Taiwan","institution_ids":["https://openalex.org/I169090423"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.14581942,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"14","issue":null,"first_page":"26538","last_page":"26551"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.7400000095367432,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.7400000095367432,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.09650000184774399,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.0203000009059906,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7265999913215637},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.6771000027656555},{"id":"https://openalex.org/keywords/ground-truth","display_name":"Ground truth","score":0.6319000124931335},{"id":"https://openalex.org/keywords/identification","display_name":"Identification (biology)","score":0.48539999127388},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.3573000133037567},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.35580000281333923},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.3402000069618225},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.3330000042915344}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8776000142097473},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7265999913215637},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.6771000027656555},{"id":"https://openalex.org/C146849305","wikidata":"https://www.wikidata.org/wiki/Q370766","display_name":"Ground truth","level":2,"score":0.6319000124931335},{"id":"https://openalex.org/C116834253","wikidata":"https://www.wikidata.org/wiki/Q2039217","display_name":"Identification (biology)","level":2,"score":0.48539999127388},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3785000145435333},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.3573000133037567},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.35580000281333923},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.34459999203681946},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.3402000069618225},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.3330000042915344},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.32339999079704285},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.30720001459121704},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.3043999969959259},{"id":"https://openalex.org/C2776151529","wikidata":"https://www.wikidata.org/wiki/Q3045304","display_name":"Object detection","level":3,"score":0.30410000681877136},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.2976999878883362},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.2881999909877777},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.2865000069141388},{"id":"https://openalex.org/C2129575","wikidata":"https://www.wikidata.org/wiki/Q54837","display_name":"Semantic Web","level":2,"score":0.27469998598098755},{"id":"https://openalex.org/C97686452","wikidata":"https://www.wikidata.org/wiki/Q7604153","display_name":"Static analysis","level":2,"score":0.2718000113964081},{"id":"https://openalex.org/C2777877512","wikidata":"https://www.wikidata.org/wiki/Q1116097","display_name":"Common ground","level":2,"score":0.2655999958515167},{"id":"https://openalex.org/C184337299","wikidata":"https://www.wikidata.org/wiki/Q1437428","display_name":"Semantics (computer science)","level":2,"score":0.25450000166893005},{"id":"https://openalex.org/C35525427","wikidata":"https://www.wikidata.org/wiki/Q745881","display_name":"Intrusion detection system","level":2,"score":0.2540999948978424},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.25209999084472656}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/access.2026.3663577","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2026.3663577","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1109/access.2026.3663577","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2026.3663577","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1485068020","display_name":null,"funder_award_id":"113-2221-E-029-009-MY3","funder_id":"https://openalex.org/F4320331164","funder_display_name":"National Science and Technology Council"},{"id":"https://openalex.org/G7191348050","display_name":null,"funder_award_id":"114-2634-F-027-001-MBK","funder_id":"https://openalex.org/F4320331164","funder_display_name":"National Science and Technology Council"}],"funders":[{"id":"https://openalex.org/F4320331164","display_name":"National Science and Technology Council","ror":"https://ror.org/00wnb9798"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"The":[0],"growing":[1],"complexity":[2],"of":[3,10,114,165,191],"cyber":[4],"threats":[5],"has":[6],"exposed":[7],"the":[8,112,189],"limitations":[9],"traditional":[11],"vulnerability":[12,51,218],"assessment":[13],"tools,":[14],"which":[15],"primarily":[16],"rely":[17],"on":[18],"static":[19,124],"scanning":[20],"and":[21,32,53,69,80,91,108,118,131,134,148,172,184,194,215],"CVSS-based":[22],"scoring.":[23],"These":[24],"approaches":[25],"often":[26,121],"fail":[27],"to":[28,76,102,167],"capture":[29],"dynamic":[30],"configurations":[31],"evolving":[33],"threat":[34,63],"surfaces":[35],"in":[36,169,198],"enterprise":[37],"environments.":[38],"To":[39],"address":[40],"this":[41],"gap,":[42],"we":[43],"present":[44],"AegisGuard,":[45],"a":[46,70,136,178],"context-aware":[47,208],"framework":[48],"for":[49,145,153,212],"automated":[50],"detection":[52,171],"adaptive":[54],"risk":[55,83,180],"stratification.":[56],"AegisGuard":[57,97,160],"integrates":[58],"structured":[59,195],"system":[60],"telemetry,":[61],"semantic":[62],"intelligence":[64],"through":[65],"retrieval-augmented":[66],"generation":[67],"(RAG),":[68],"specialized":[71],"large":[72],"language":[73],"model":[74],"(LLM)":[75],"infer":[77],"CVE":[78,170],"applicability":[79],"assign":[81],"five-level":[82],"labels":[84],"(L0\u2013L4)":[85],"that":[86,159,206],"reflect":[87],"both":[88,115],"technical":[89],"severity":[90],"environmental":[92],"context.":[93],"Unlike":[94],"conventional":[95],"scanners,":[96],"dynamically":[98],"adjusts":[99],"its":[100],"reasoning":[101],"system-specific":[103],"privilege":[104],"settings,":[105],"exposure":[106],"levels,":[107],"service":[109],"criticality,":[110],"enabling":[111],"identification":[113],"critical":[116],"exploits":[117],"subtle":[119],"misconfigurations":[120],"missed":[122],"by":[123],"tools.":[125],"Our":[126],"evaluation":[127],"spans":[128],"heterogeneous":[129],"Linux":[130],"Windows":[132],"platforms":[133],"leverages":[135],"dual-layer":[137],"ground":[138],"truth":[139],"methodology:":[140],"Core":[141],"Ground":[142,150],"Truth":[143,151],"(C-GT)":[144],"verified":[146],"vulnerabilities":[147],"Extended":[149],"(E-GT)":[152],"semantically":[154],"related":[155],"threats.":[156],"Results":[157],"show":[158],"achieves":[161],"an":[162],"F1":[163],"score":[164],"up":[166],"0.79":[168],"exceeds":[173],"90%":[174],"classification":[175],"accuracy":[176],"within":[177],"\u00b11":[179],"margin.":[181],"Complementary":[182],"ablation":[183],"prompt":[185],"sensitivity":[186],"analyses":[187],"confirm":[188],"importance":[190],"RAG-based":[192],"enrichment":[193],"input":[196],"design":[197],"maximizing":[199],"LLM":[200],"effectiveness.":[201],"Overall,":[202],"these":[203],"findings":[204],"demonstrate":[205],"semantic,":[207],"modeling":[209],"is":[210],"essential":[211],"accurate,":[213],"scalable,":[214],"operationally":[216],"relevant":[217],"management.":[219]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-02-12T00:00:00"}