{"id":"https://openalex.org/W1985424295","doi":"https://doi.org/10.1109/tsc.2014.2310221","title":"Assessing and Comparing Vulnerability Detection Tools for Web Services: Benchmarking Approach and Examples","display_name":"Assessing and Comparing Vulnerability Detection Tools for Web Services: Benchmarking Approach and Examples","publication_year":2014,"publication_date":"2014-03-11","ids":{"openalex":"https://openalex.org/W1985424295","doi":"https://doi.org/10.1109/tsc.2014.2310221","mag":"1985424295"},"language":"en","primary_location":{"id":"doi:10.1109/tsc.2014.2310221","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsc.2014.2310221","pdf_url":null,"source":{"id":"https://openalex.org/S204223317","display_name":"IEEE Transactions on Services Computing","issn_l":"1939-1374","issn":["1939-1374","2372-0204"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Services Computing","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5030619096","display_name":"Nuno Antunes","orcid":"https://orcid.org/0000-0002-6044-4012"},"institutions":[{"id":"https://openalex.org/I76903346","display_name":"University of Coimbra","ror":"https://ror.org/04z8k9a98","country_code":"PT","type":"education","lineage":["https://openalex.org/I76903346"]}],"countries":["PT"],"is_corresponding":true,"raw_author_name":"Nuno Antunes","raw_affiliation_strings":["University of Coimbra, Coimbra, Portugal","university of coimbra, coimbra, Portugal"],"affiliations":[{"raw_affiliation_string":"University of Coimbra, Coimbra, Portugal","institution_ids":["https://openalex.org/I76903346"]},{"raw_affiliation_string":"university of coimbra, coimbra, Portugal","institution_ids":["https://openalex.org/I76903346"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016622594","display_name":"Marco Vieira","orcid":"https://orcid.org/0000-0001-5103-8541"},"institutions":[{"id":"https://openalex.org/I76903346","display_name":"University of Coimbra","ror":"https://ror.org/04z8k9a98","country_code":"PT","type":"education","lineage":["https://openalex.org/I76903346"]}],"countries":["PT"],"is_corresponding":false,"raw_author_name":"Marco Vieira","raw_affiliation_strings":["University of Coimbra, Coimbra, Portugal","university of coimbra, coimbra, Portugal"],"affiliations":[{"raw_affiliation_string":"University of Coimbra, Coimbra, Portugal","institution_ids":["https://openalex.org/I76903346"]},{"raw_affiliation_string":"university of coimbra, coimbra, Portugal","institution_ids":["https://openalex.org/I76903346"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5030619096"],"corresponding_institution_ids":["https://openalex.org/I76903346"],"apc_list":null,"apc_paid":null,"fwci":14.9891,"has_fulltext":false,"cited_by_count":74,"citation_normalized_percentile":{"value":0.98648085,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":"8","issue":"2","first_page":"269","last_page":"283"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9957000017166138,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10743","display_name":"Software Testing and Debugging Techniques","score":0.9940000176429749,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/benchmarking","display_name":"Benchmarking","score":0.9255627393722534},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8561837077140808},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6508782505989075},{"id":"https://openalex.org/keywords/benchmark","display_name":"Benchmark (surveying)","score":0.5586032867431641},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5182399749755859},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.5083808302879333},{"id":"https://openalex.org/keywords/software-deployment","display_name":"Software deployment","score":0.5032939314842224},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.45651766657829285},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.44894102215766907},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.41063210368156433},{"id":"https://openalex.org/keywords/field","display_name":"Field (mathematics)","score":0.4105568826198578},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.3527679443359375},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.3382588028907776},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.3359852433204651},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.31198689341545105},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.22396859526634216}],"concepts":[{"id":"https://openalex.org/C86251818","wikidata":"https://www.wikidata.org/wiki/Q816754","display_name":"Benchmarking","level":2,"score":0.9255627393722534},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8561837077140808},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6508782505989075},{"id":"https://openalex.org/C185798385","wikidata":"https://www.wikidata.org/wiki/Q1161707","display_name":"Benchmark (surveying)","level":2,"score":0.5586032867431641},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5182399749755859},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.5083808302879333},{"id":"https://openalex.org/C105339364","wikidata":"https://www.wikidata.org/wiki/Q2297740","display_name":"Software deployment","level":2,"score":0.5032939314842224},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.45651766657829285},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.44894102215766907},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.41063210368156433},{"id":"https://openalex.org/C9652623","wikidata":"https://www.wikidata.org/wiki/Q190109","display_name":"Field (mathematics)","level":2,"score":0.4105568826198578},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.3527679443359375},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.3382588028907776},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.3359852433204651},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.31198689341545105},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.22396859526634216},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C202444582","wikidata":"https://www.wikidata.org/wiki/Q837863","display_name":"Pure mathematics","level":1,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C205649164","wikidata":"https://www.wikidata.org/wiki/Q1071","display_name":"Geography","level":0,"score":0.0},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C13280743","wikidata":"https://www.wikidata.org/wiki/Q131089","display_name":"Geodesy","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tsc.2014.2310221","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tsc.2014.2310221","pdf_url":null,"source":{"id":"https://openalex.org/S204223317","display_name":"IEEE Transactions on Services Computing","issn_l":"1939-1374","issn":["1939-1374","2372-0204"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Services Computing","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6899999976158142,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":35,"referenced_works":["https://openalex.org/W253588779","https://openalex.org/W1489021242","https://openalex.org/W1505465226","https://openalex.org/W1511682410","https://openalex.org/W1573136363","https://openalex.org/W1600776630","https://openalex.org/W1952428424","https://openalex.org/W1971137495","https://openalex.org/W1989657183","https://openalex.org/W2005380349","https://openalex.org/W2061234822","https://openalex.org/W2062814932","https://openalex.org/W2096791889","https://openalex.org/W2103378897","https://openalex.org/W2107230831","https://openalex.org/W2117593603","https://openalex.org/W2119852587","https://openalex.org/W2121321274","https://openalex.org/W2132531706","https://openalex.org/W2141461041","https://openalex.org/W2142647473","https://openalex.org/W2143072251","https://openalex.org/W2143244564","https://openalex.org/W2143396136","https://openalex.org/W2150446539","https://openalex.org/W2152498909","https://openalex.org/W2152725427","https://openalex.org/W2170478581","https://openalex.org/W2171644977","https://openalex.org/W3101964726","https://openalex.org/W4214763668","https://openalex.org/W4249737388","https://openalex.org/W4253289766","https://openalex.org/W6630065895","https://openalex.org/W6634053785"],"related_works":["https://openalex.org/W4238897586","https://openalex.org/W435179959","https://openalex.org/W2619091065","https://openalex.org/W2059640416","https://openalex.org/W1490753184","https://openalex.org/W2284465472","https://openalex.org/W2291782699","https://openalex.org/W1993948687","https://openalex.org/W2011676020","https://openalex.org/W2329895846"],"abstract_inverted_index":{"Selecting":[0],"a":[1,6,82,119,184],"vulnerability":[2,33,92,111,180],"detection":[3,51,93,112,181],"tool":[4,68],"is":[5,10,42,116],"key":[7],"problem":[8,41],"that":[9,23,43,136,172,189],"frequently":[11],"faced":[12],"by":[13],"developers":[14],"of":[15,32,74,91,122,142,179],"security-critical":[16],"web":[17,96,123],"services.":[18],"Research":[19],"and":[20,35,54,87,125,152,166,187],"practice":[21],"shows":[22],"state-of-the-art":[24],"tools":[25,45,94,182],"present":[26],"low":[27],"effectiveness":[28,90,178],"both":[29],"in":[30,49,60,95,197],"terms":[31],"coverage":[34],"false":[36],"positive":[37],"rates.":[38],"The":[39,114,145],"main":[40],"such":[44],"are":[46,55,148],"typically":[47],"limited":[48],"the":[50,66,72,89,126,129,134,139,173,177,190,198],"approaches":[52],"implemented,":[53],"designed":[56],"for":[57,108],"being":[58],"applied":[59,196],"very":[61],"concrete":[62,106],"scenarios.":[63],"Thus,":[64],"using":[65],"wrong":[67],"may":[69],"lead":[70],"to":[71,85,103,132,150],"deployment":[73],"services":[75,97],"with":[76],"undetected":[77],"vulnerabilities.":[78],"This":[79,99],"paper":[80],"proposes":[81],"benchmarking":[83,192],"approach":[84,100,193],"assess":[86,151],"compare":[88,153],"environments.":[98],"was":[101],"used":[102,149,156],"define":[104],"two":[105,146],"benchmarks":[107,147,174],"SQL":[109],"Injection":[110],"tools.":[113],"first":[115],"based":[117],"on":[118],"predefined":[120],"set":[121],"services,":[124],"second":[127],"allows":[128],"benchmark":[130],"user":[131],"specify":[133],"workload":[135],"best":[137],"portrays":[138],"specific":[140],"characteristics":[141],"his":[143],"environment.":[144],"several":[154],"widely":[155],"tools,":[157],"including":[158],"four":[159],"penetration":[160],"testers,":[161],"three":[162],"static":[163],"code":[164],"analyzers,":[165],"one":[167],"anomaly":[168],"detector.":[169],"Results":[170],"show":[171],"accurately":[175],"portray":[176],"(in":[183],"relative":[185],"manner)":[186],"suggest":[188],"proposed":[191],"can":[194],"be":[195],"field.":[199]},"counts_by_year":[{"year":2025,"cited_by_count":6},{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":12},{"year":2021,"cited_by_count":3},{"year":2020,"cited_by_count":13},{"year":2019,"cited_by_count":11},{"year":2018,"cited_by_count":6},{"year":2017,"cited_by_count":9},{"year":2016,"cited_by_count":6},{"year":2015,"cited_by_count":4}],"updated_date":"2026-02-25T23:00:34.991745","created_date":"2025-10-10T00:00:00"}