{"id":"https://openalex.org/W4300487691","doi":"https://doi.org/10.1109/csr54599.2022.9850335","title":"OGMA: Visualisation for Software Container Security Analysis and Automated Remediation","display_name":"OGMA: Visualisation for Software Container Security Analysis and Automated Remediation","publication_year":2022,"publication_date":"2022-07-27","ids":{"openalex":"https://openalex.org/W4300487691","doi":"https://doi.org/10.1109/csr54599.2022.9850335"},"language":"en","primary_location":{"id":"doi:10.1109/csr54599.2022.9850335","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr54599.2022.9850335","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5014349746","display_name":"Alan Mills","orcid":"https://orcid.org/0000-0003-4187-2270"},"institutions":[{"id":"https://openalex.org/I178535277","display_name":"University of the West of England","ror":"https://ror.org/02nwg5t34","country_code":"GB","type":"education","lineage":["https://openalex.org/I178535277"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Alan Mills","raw_affiliation_strings":["University of the West of England,Computer Science Research Centre,Bristol,UK","Computer Science Research Centre, University of the West of England, Bristol, UK"],"affiliations":[{"raw_affiliation_string":"University of the West of England,Computer Science Research Centre,Bristol,UK","institution_ids":["https://openalex.org/I178535277"]},{"raw_affiliation_string":"Computer Science Research Centre, University of the West of England, Bristol, UK","institution_ids":["https://openalex.org/I178535277"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033488166","display_name":"Jonathan White","orcid":"https://orcid.org/0000-0002-7931-658X"},"institutions":[{"id":"https://openalex.org/I178535277","display_name":"University of the West of England","ror":"https://ror.org/02nwg5t34","country_code":"GB","type":"education","lineage":["https://openalex.org/I178535277"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Jonathan White","raw_affiliation_strings":["University of the West of England,Computer Science Research Centre,Bristol,UK","Computer Science Research Centre, University of the West of England, Bristol, UK"],"affiliations":[{"raw_affiliation_string":"University of the West of England,Computer Science Research Centre,Bristol,UK","institution_ids":["https://openalex.org/I178535277"]},{"raw_affiliation_string":"Computer Science Research Centre, University of the West of England, Bristol, UK","institution_ids":["https://openalex.org/I178535277"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5053235466","display_name":"Phil Legg","orcid":"https://orcid.org/0000-0003-3460-5609"},"institutions":[{"id":"https://openalex.org/I178535277","display_name":"University of the West of England","ror":"https://ror.org/02nwg5t34","country_code":"GB","type":"education","lineage":["https://openalex.org/I178535277"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Phil Legg","raw_affiliation_strings":["University of the West of England,Computer Science Research Centre,Bristol,UK","Computer Science Research Centre, University of the West of England, Bristol, UK"],"affiliations":[{"raw_affiliation_string":"University of the West of England,Computer Science Research Centre,Bristol,UK","institution_ids":["https://openalex.org/I178535277"]},{"raw_affiliation_string":"Computer Science Research Centre, University of the West of England, Bristol, UK","institution_ids":["https://openalex.org/I178535277"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5014349746"],"corresponding_institution_ids":["https://openalex.org/I178535277"],"apc_list":null,"apc_paid":null,"fwci":0.4144,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.62750016,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"76","last_page":"81"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/container","display_name":"Container (type theory)","score":0.8960200548171997},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7340900897979736},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6805226802825928},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.6372827887535095},{"id":"https://openalex.org/keywords/visualization","display_name":"Visualization","score":0.6228182911872864},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5344998240470886},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5275202393531799},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.4935542345046997},{"id":"https://openalex.org/keywords/threat-model","display_name":"Threat model","score":0.42914992570877075},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.41878026723861694},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.25712066888809204},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.24285101890563965},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.16168662905693054},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.14669442176818848},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.10920125246047974}],"concepts":[{"id":"https://openalex.org/C2781018962","wikidata":"https://www.wikidata.org/wiki/Q5164884","display_name":"Container (type theory)","level":2,"score":0.8960200548171997},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7340900897979736},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6805226802825928},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.6372827887535095},{"id":"https://openalex.org/C36464697","wikidata":"https://www.wikidata.org/wiki/Q451553","display_name":"Visualization","level":2,"score":0.6228182911872864},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5344998240470886},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5275202393531799},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.4935542345046997},{"id":"https://openalex.org/C140547941","wikidata":"https://www.wikidata.org/wiki/Q7797194","display_name":"Threat model","level":2,"score":0.42914992570877075},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.41878026723861694},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.25712066888809204},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.24285101890563965},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.16168662905693054},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.14669442176818848},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.10920125246047974},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C78519656","wikidata":"https://www.wikidata.org/wiki/Q101333","display_name":"Mechanical engineering","level":1,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr54599.2022.9850335","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr54599.2022.9850335","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2022 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":11,"referenced_works":["https://openalex.org/W597436473","https://openalex.org/W2598200822","https://openalex.org/W2968031544","https://openalex.org/W3012308217","https://openalex.org/W3034155019","https://openalex.org/W3084754580","https://openalex.org/W3118815308","https://openalex.org/W3215583729","https://openalex.org/W6782897890","https://openalex.org/W6788160615","https://openalex.org/W6804135535"],"related_works":["https://openalex.org/W4284888217","https://openalex.org/W1590991404","https://openalex.org/W2430357810","https://openalex.org/W2042616262","https://openalex.org/W2379513284","https://openalex.org/W4226106940","https://openalex.org/W3122267592","https://openalex.org/W120768992","https://openalex.org/W2182242992","https://openalex.org/W2040807797"],"abstract_inverted_index":{"The":[0,35],"use":[1],"of":[2,18,31,44,75,84,91,120,196,234,238],"software":[3,239],"containerisation":[4],"has":[5,13],"rapidly":[6],"increased":[7],"in":[8,65,106,207],"academia":[9],"and":[10,29,49,62,118,141,184,211,224],"industry":[11],"which":[12,68],"lead":[14],"to":[15,57,132,137,157,222,228],"the":[16,26,42,72,82,100,159,192,197,203,212,235],"production":[17],"several":[19],"container":[20,33,92,121,163,209,230],"security":[21,27,122,194,205,231],"scanning":[22,128,215],"tools":[23,38],"for":[24,87,115,154,174],"assessing":[25],"posture":[28,195],"threat":[30,160],"a":[32,76,112,151,170],"image.":[34],"variability":[36],"between":[37,214],"often":[39,70,126],"differ":[40],"on":[41],"coverage":[43],"vulnerabilities,":[45],"their":[46,50,66],"assessed":[47],"severity":[48],"output":[51],"formats.":[52],"It":[53],"is":[54,182],"also":[55,145],"common":[56],"find":[58],"duplicate":[59],"Common":[60],"Vulnerabilities":[61],"Exposures":[63],"(CVEs)":[64],"reporting":[67],"can":[69,190],"skew":[71],"risk":[73,155],"assessment":[74,119],"container.":[77,199],"These":[78],"issues":[79,97,123,206],"along":[80],"with":[81,169],"lack":[83],"automated":[85],"solutions":[86],"maintaining":[88],"up-to-date":[89],"patching":[90],"images":[93,210],"are":[94],"currently":[95],"open":[96],"identified":[98],"by":[99,162],"research":[101],"community":[102],"that":[103,180],"we":[104,166],"address":[105],"this":[107,168],"paper.":[108],"We":[109],"present":[110],"OGMA,":[111],"visualisation":[113,188],"tool":[114],"improved":[116,193],"analysis":[117],"across":[124],"multiple,":[125],"conflicting,":[127],"tools.":[129],"In":[130],"addition":[131],"severity,":[133],"our":[134,187,218],"approach":[135,220],"helps":[136,221],"examine":[138],"attack":[139],"vector":[140],"exploit":[142],"availability,":[143],"while":[144],"removing":[146],"duplicated":[147],"CVEs,":[148],"therefore":[149],"providing":[150],"clearer":[152],"picture":[153],"analysts":[156],"understand":[158],"posed":[161],"deployment.":[164],"Furthermore,":[165],"couple":[167],"novel":[171],"remediation":[172],"scheme":[173],"updating":[175],"vulnerable":[176],"containers":[177],"whilst":[178,217],"ensuring":[179],"functionality":[181],"preserved,":[183],"show":[185],"how":[186],"system":[189],"highlight":[191,202],"fixed":[198],"Our":[200],"results":[201],"existing":[204],"pre-built":[208],"inconsistencies":[213],"tools,":[216],"proposed":[219],"identify":[223],"mitigate":[225],"such":[226],"threats":[227],"improve":[229],"as":[232],"part":[233],"wider":[236],"challenges":[237],"supply":[240],"chain":[241],"security.":[242]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":2}],"updated_date":"2026-02-06T02:01:19.302388","created_date":"2025-10-10T00:00:00"}