{"id":"https://openalex.org/W3197739068","doi":"https://doi.org/10.1109/csr51186.2021.9527984","title":"Software Vulnerabilities, Products and Exploits: A Statistical Relational Learning Approach","display_name":"Software Vulnerabilities, Products and Exploits: A Statistical Relational Learning Approach","publication_year":2021,"publication_date":"2021-07-26","ids":{"openalex":"https://openalex.org/W3197739068","doi":"https://doi.org/10.1109/csr51186.2021.9527984","mag":"3197739068"},"language":"en","primary_location":{"id":"doi:10.1109/csr51186.2021.9527984","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr51186.2021.9527984","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Caina Figueiredo","orcid":null},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Caina Figueiredo","raw_affiliation_strings":["Federal University,Rio de Janeiro,RJ,Brazil","Federal University, Rio de Janeiro, RJ, Brazil"],"affiliations":[{"raw_affiliation_string":"Federal University,Rio de Janeiro,RJ,Brazil","institution_ids":["https://openalex.org/I122140584"]},{"raw_affiliation_string":"Federal University, Rio de Janeiro, RJ, Brazil","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044430164","display_name":"Joao Gabriel Lopes","orcid":null},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Joao Gabriel Lopes","raw_affiliation_strings":["Federal University,Rio de Janeiro,RJ,Brazil","Federal University, Rio de Janeiro, RJ, Brazil"],"affiliations":[{"raw_affiliation_string":"Federal University,Rio de Janeiro,RJ,Brazil","institution_ids":["https://openalex.org/I122140584"]},{"raw_affiliation_string":"Federal University, Rio de Janeiro, RJ, Brazil","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045934725","display_name":"Rodrigo Pinto De Azevedo","orcid":null},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Rodrigo Azevedo","raw_affiliation_strings":["Federal University,Rio de Janeiro,RJ,Brazil","Federal University, Rio de Janeiro, RJ, Brazil"],"affiliations":[{"raw_affiliation_string":"Federal University,Rio de Janeiro,RJ,Brazil","institution_ids":["https://openalex.org/I122140584"]},{"raw_affiliation_string":"Federal University, Rio de Janeiro, RJ, Brazil","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012291023","display_name":"Gerson Zaverucha","orcid":"https://orcid.org/0000-0002-3641-6839"},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Gerson Zaverucha","raw_affiliation_strings":["Federal University,Rio de Janeiro,RJ,Brazil","Federal University, Rio de Janeiro, RJ, Brazil"],"affiliations":[{"raw_affiliation_string":"Federal University,Rio de Janeiro,RJ,Brazil","institution_ids":["https://openalex.org/I122140584"]},{"raw_affiliation_string":"Federal University, Rio de Janeiro, RJ, Brazil","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034604991","display_name":"Daniel Sadoc Menasch\u00e9","orcid":"https://orcid.org/0000-0002-8953-4003"},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Daniel Sadoc Menasche","raw_affiliation_strings":["Federal University,Rio de Janeiro,RJ,Brazil","Federal University, Rio de Janeiro, RJ, Brazil"],"affiliations":[{"raw_affiliation_string":"Federal University,Rio de Janeiro,RJ,Brazil","institution_ids":["https://openalex.org/I122140584"]},{"raw_affiliation_string":"Federal University, Rio de Janeiro, RJ, Brazil","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5058585548","display_name":"Leandro Pfleger de Aguiar","orcid":"https://orcid.org/0000-0001-6516-328X"},"institutions":[{"id":"https://openalex.org/I4210137693","display_name":"Siemens (United States)","ror":"https://ror.org/04axb7e79","country_code":"US","type":"company","lineage":["https://openalex.org/I1325886976","https://openalex.org/I4210137693"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Leandro Pfleger de Aguiar","raw_affiliation_strings":["Siemens Technology Princeton,USA","Siemens Technology Princeton, USA"],"affiliations":[{"raw_affiliation_string":"Siemens Technology Princeton,USA","institution_ids":["https://openalex.org/I4210137693"]},{"raw_affiliation_string":"Siemens Technology Princeton, USA","institution_ids":["https://openalex.org/I4210137693"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I122140584"],"apc_list":null,"apc_paid":null,"fwci":0.1601,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.52914516,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":"66","issue":null,"first_page":"41","last_page":"46"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9919000267982483,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9919000267982483,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9833999872207642,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9695000052452087,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.9751867055892944},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7789547443389893},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.7399881482124329},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5193634629249573},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5068348050117493},{"id":"https://openalex.org/keywords/statistical-relational-learning","display_name":"Statistical relational learning","score":0.49256569147109985},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.4570164978504181},{"id":"https://openalex.org/keywords/product","display_name":"Product (mathematics)","score":0.4390195906162262},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.39716410636901855},{"id":"https://openalex.org/keywords/relational-database","display_name":"Relational database","score":0.3813313841819763},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.3379879295825958},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.3287249207496643},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.314164400100708},{"id":"https://openalex.org/keywords/mathematics","display_name":"Mathematics","score":0.08784836530685425},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.08297446370124817}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.9751867055892944},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7789547443389893},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.7399881482124329},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5193634629249573},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5068348050117493},{"id":"https://openalex.org/C177877439","wikidata":"https://www.wikidata.org/wiki/Q7604413","display_name":"Statistical relational learning","level":3,"score":0.49256569147109985},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.4570164978504181},{"id":"https://openalex.org/C90673727","wikidata":"https://www.wikidata.org/wiki/Q901718","display_name":"Product (mathematics)","level":2,"score":0.4390195906162262},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.39716410636901855},{"id":"https://openalex.org/C5655090","wikidata":"https://www.wikidata.org/wiki/Q192588","display_name":"Relational database","level":2,"score":0.3813313841819763},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3379879295825958},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3287249207496643},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.314164400100708},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.08784836530685425},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.08297446370124817},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr51186.2021.9527984","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr51186.2021.9527984","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2021 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.4099999964237213,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":47,"referenced_works":["https://openalex.org/W1492916191","https://openalex.org/W1585529040","https://openalex.org/W1608748481","https://openalex.org/W1966682079","https://openalex.org/W1971733255","https://openalex.org/W1991160483","https://openalex.org/W1991766488","https://openalex.org/W2101705355","https://openalex.org/W2119829020","https://openalex.org/W2126185296","https://openalex.org/W2150475393","https://openalex.org/W2154398797","https://openalex.org/W2170946209","https://openalex.org/W2293156673","https://openalex.org/W2603292144","https://openalex.org/W2620741116","https://openalex.org/W2623359660","https://openalex.org/W2743517242","https://openalex.org/W2748690817","https://openalex.org/W2806725586","https://openalex.org/W2807143630","https://openalex.org/W2910203822","https://openalex.org/W2962973553","https://openalex.org/W2967263059","https://openalex.org/W2981268527","https://openalex.org/W3004437357","https://openalex.org/W3025570773","https://openalex.org/W3044927412","https://openalex.org/W3095258863","https://openalex.org/W3102673518","https://openalex.org/W3130623539","https://openalex.org/W3131737144","https://openalex.org/W3137883743","https://openalex.org/W3158650358","https://openalex.org/W4285719527","https://openalex.org/W4288263078","https://openalex.org/W6675204935","https://openalex.org/W6685137047","https://openalex.org/W6713147049","https://openalex.org/W6719743065","https://openalex.org/W6742725575","https://openalex.org/W6752447413","https://openalex.org/W6752568125","https://openalex.org/W6766198657","https://openalex.org/W6781159446","https://openalex.org/W6791064955","https://openalex.org/W6791300599"],"related_works":["https://openalex.org/W2906845177","https://openalex.org/W4200107511","https://openalex.org/W2891427086","https://openalex.org/W1968625315","https://openalex.org/W3181676408","https://openalex.org/W1549959306","https://openalex.org/W320292658","https://openalex.org/W4313639514","https://openalex.org/W2186138942","https://openalex.org/W3186228248"],"abstract_inverted_index":{"Data":[0],"on":[1,17,67,95,173],"software":[2],"vulnerabilities,":[3,59,89,149],"products":[4,19,60,87],"and":[5,61,88,90,92,104,118],"exploits":[6],"is":[7,25,137],"typically":[8],"collected":[9],"from":[10,30,145],"multiple":[11],"non-structured":[12],"sources.":[13],"Valuable":[14],"information,":[15,154],"e.g.,":[16,143,155],"which":[18,23],"are":[20],"affected":[21],"by":[22,27],"exploits,":[24,93],"conveyed":[26],"matching":[28],"data":[29],"those":[31],"sources,":[32],"i.e.,":[33],"through":[34],"their":[35],"relations.":[36],"In":[37,63,159],"this":[38,42],"paper,":[39],"we":[40,65,108,133,166],"leverage":[41],"simple":[43,168],"albeit":[44],"unexplored":[45],"observation":[46],"to":[47,111,139],"introduce":[48],"a":[49,78],"statistical":[50],"relational":[51,163],"learning":[52],"(SRL)":[53],"approach":[54],"for":[55,77,124],"the":[56,68,72,84,100,125,146,176],"analysis":[57],"of":[58,70,74,116,122,148,178],"exploits.":[62],"particular,":[64],"focus":[66],"problem":[69,126],"determining":[71],"existence":[73],"an":[75,113,119],"exploit":[76],"given":[79,81],"product,":[80],"information":[82],"about":[83,156],"relations":[85],"between":[86],"vulnerabilities":[91],"focusing":[94],"Industrial":[96],"Control":[97],"Systems":[98],"(ICS),":[99],"National":[101],"Vulnerability":[102],"Database":[103],"ExploitDB.":[105],"Using":[106],"RDN-Boost,":[107],"were":[109],"able":[110],"reach":[112,130],"AUC":[114,120],"ROC":[115],"0.83":[117],"PR":[121],"0.69":[123],"at":[127],"hand.":[128],"To":[129],"that":[131,135,170],"performance,":[132],"indicate":[134],"it":[136],"instrumental":[138],"include":[140],"textual":[141],"features,":[142],"extracted":[144],"description":[147],"as":[150,152],"well":[151],"structured":[153],"product":[157],"categories.":[158],"addition,":[160],"using":[161],"interpretable":[162],"regression":[164],"trees":[165],"report":[167],"rules":[169],"shed":[171],"insight":[172],"factors":[174],"impacting":[175],"weaponization":[177],"ICS":[179],"products.":[180]},"counts_by_year":[{"year":2023,"cited_by_count":1}],"updated_date":"2026-04-16T08:26:57.006410","created_date":"2025-10-10T00:00:00"}