{"id":"https://openalex.org/W4413639972","doi":"https://doi.org/10.1109/csr64739.2025.11130104","title":"Classification of Software Vulnerability Artifacts Using Public Internet Data","display_name":"Classification of Software Vulnerability Artifacts Using Public Internet Data","publication_year":2025,"publication_date":"2025-08-04","ids":{"openalex":"https://openalex.org/W4413639972","doi":"https://doi.org/10.1109/csr64739.2025.11130104"},"language":"en","primary_location":{"id":"doi:10.1109/csr64739.2025.11130104","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr64739.2025.11130104","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5117755999","display_name":"Leonardo Ambrus de Lima","orcid":null},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":true,"raw_author_name":"Leonardo Ambrus de Lima","raw_affiliation_strings":["Institute of Computing, Federal University of Rio de Janeiro (UFRJ)"],"affiliations":[{"raw_affiliation_string":"Institute of Computing, Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5117756000","display_name":"Estev\u00e3o Rabello Ussler","orcid":null},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Estevao Rabello Ussler","raw_affiliation_strings":["Institute of Computing, Federal University of Rio de Janeiro (UFRJ)"],"affiliations":[{"raw_affiliation_string":"Institute of Computing, Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078375408","display_name":"Miguel Bicudo","orcid":"https://orcid.org/0000-0002-6266-4369"},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Miguel Angelo Santos Bicudo","raw_affiliation_strings":["Institute of Computing, Federal University of Rio de Janeiro (UFRJ)"],"affiliations":[{"raw_affiliation_string":"Institute of Computing, Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034604991","display_name":"Daniel Sadoc Menasch\u00e9","orcid":"https://orcid.org/0000-0002-8953-4003"},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Daniel Sadoc Menasche","raw_affiliation_strings":["Institute of Computing, Federal University of Rio de Janeiro (UFRJ)"],"affiliations":[{"raw_affiliation_string":"Institute of Computing, Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052598260","display_name":"Anton Kocheturov","orcid":"https://orcid.org/0000-0003-2549-9146"},"institutions":[{"id":"https://openalex.org/I4210137693","display_name":"Siemens (United States)","ror":"https://ror.org/04axb7e79","country_code":"US","type":"company","lineage":["https://openalex.org/I1325886976","https://openalex.org/I4210137693"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anton Kocheturov","raw_affiliation_strings":["Siemens AG,Princeton,NJ,USA"],"affiliations":[{"raw_affiliation_string":"Siemens AG,Princeton,NJ,USA","institution_ids":["https://openalex.org/I4210137693"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101960107","display_name":"Gaurav Srivastava","orcid":"https://orcid.org/0000-0003-3139-4439"},"institutions":[{"id":"https://openalex.org/I4210137693","display_name":"Siemens (United States)","ror":"https://ror.org/04axb7e79","country_code":"US","type":"company","lineage":["https://openalex.org/I1325886976","https://openalex.org/I4210137693"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Gaurav Srivastava","raw_affiliation_strings":["Siemens AG,Princeton,NJ,USA"],"affiliations":[{"raw_affiliation_string":"Siemens AG,Princeton,NJ,USA","institution_ids":["https://openalex.org/I4210137693"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5117755999"],"corresponding_institution_ids":["https://openalex.org/I122140584"],"apc_list":null,"apc_paid":null,"fwci":2.4061,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.89846743,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":91,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"153","last_page":"158"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9851999878883362,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9851999878883362,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9837999939918518,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9794999957084656,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7343722581863403},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6897941827774048},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.5812079310417175},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5321108102798462},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.40517956018447876},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.31230735778808594},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.07508161664009094}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7343722581863403},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6897941827774048},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.5812079310417175},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5321108102798462},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.40517956018447876},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.31230735778808594},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.07508161664009094}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr64739.2025.11130104","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr64739.2025.11130104","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.47999998927116394,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":9,"referenced_works":["https://openalex.org/W3163835525","https://openalex.org/W3175201754","https://openalex.org/W3191226037","https://openalex.org/W4313639514","https://openalex.org/W4381326152","https://openalex.org/W4389543405","https://openalex.org/W4407278772","https://openalex.org/W4408565072","https://openalex.org/W4413639972"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2065457896","https://openalex.org/W3173234801","https://openalex.org/W2167984027","https://openalex.org/W3021302227","https://openalex.org/W10630519","https://openalex.org/W1919377569","https://openalex.org/W3144288563","https://openalex.org/W3123907821","https://openalex.org/W2382319620"],"abstract_inverted_index":{"Artifacts":[0],"associated":[1,37,101],"with":[2,52,102],"vulnerabilities,":[3,116],"such":[4,108,117],"as":[5,109,118],"patches,":[6],"exploits,":[7],"and":[8,36,81,131,141],"scanners,":[9],"provide":[10],"valuable":[11],"insights":[12],"in":[13],"the":[14,21,49,103,128,132],"context":[15],"of":[16,83,105,127,134],"network":[17,22,106],"security.":[18],"In":[19,39],"particular,":[20],"protocols":[23],"used":[24],"by":[25],"scanners":[26],"to":[27,123],"identify":[28],"vulnerabilities":[29,45],"offer":[30],"clues":[31],"about":[32],"their":[33],"exploitation":[34,67,104],"mechanisms":[35],"risks.":[38],"this":[40],"work,":[41],"we":[42,60,78],"analyze":[43],"network-related":[44],"using":[46],"data":[47,139],"from":[48,98,144],"NomiSec":[50],"repository,":[51],"a":[53,124],"special":[54],"focus":[55,113],"on":[56,114,138],"scanners.":[57],"For":[58],"example,":[59],"observe":[61],"that":[62,66,93],"some":[63],"artifacts":[64,95],"indicate":[65],"occurs":[68],"via":[69],"HTTP,":[70],"while":[71,111],"others":[72,112],"require":[73],"direct":[74],"socket":[75],"interactions.":[76],"Additionally,":[77],"perform":[79],"clustering":[80],"visualization":[82],"these":[84],"artifacts,":[85],"identifying":[86],"relationships":[87],"between":[88],"different":[89],"categories.":[90],"We":[91],"find":[92],"certain":[94],"(directly":[96],"taken":[97],"GitHub)":[99],"are":[100],"devices,":[107],"firewalls,":[110],"protocol-specific":[115],"SSL/TLS.":[119],"These":[120],"findings":[121],"contribute":[122],"better":[125],"understanding":[126],"vulnerability":[129],"ecosystem":[130],"improvement":[133],"mitigation":[135],"strategies":[136],"based":[137],"automatically":[140],"periodically":[142],"collected":[143],"GitHub.":[145]},"counts_by_year":[{"year":2025,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}