{"id":"https://openalex.org/W4393286887","doi":"https://doi.org/10.1109/wetice57085.2023.10477812","title":"Securing the Software Supply Chain: A New Taxonomy for Attack Classification","display_name":"Securing the Software Supply Chain: A New Taxonomy for Attack Classification","publication_year":2023,"publication_date":"2023-12-14","ids":{"openalex":"https://openalex.org/W4393286887","doi":"https://doi.org/10.1109/wetice57085.2023.10477812"},"language":"en","primary_location":{"id":"doi:10.1109/wetice57085.2023.10477812","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/wetice57085.2023.10477812","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5094273248","display_name":"Kawouther Thabet","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Kawouther Thabet","raw_affiliation_strings":["Higher Institute of Computer and Communication Techniques,Tunisia","Higher Institute of Computer and Communication Techniques, Tunisia"],"affiliations":[{"raw_affiliation_string":"Higher Institute of Computer and Communication Techniques,Tunisia","institution_ids":[]},{"raw_affiliation_string":"Higher Institute of Computer and Communication Techniques, Tunisia","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5023152436","display_name":"Jihen Bennaceur","orcid":"https://orcid.org/0000-0001-8584-5253"},"institutions":[{"id":"https://openalex.org/I3131031036","display_name":"Mediterranean School of Business","ror":"https://ror.org/02fyv5292","country_code":"TN","type":"education","lineage":["https://openalex.org/I3131031036"]}],"countries":["TN"],"is_corresponding":false,"raw_author_name":"Jihen Bennaceur","raw_affiliation_strings":["Mediterranean Institute of Technology, South Mediterranean University,Tunisia","Mediterranean Institute of Technology, South Mediterranean University, Tunisia"],"affiliations":[{"raw_affiliation_string":"Mediterranean Institute of Technology, South Mediterranean University,Tunisia","institution_ids":["https://openalex.org/I3131031036"]},{"raw_affiliation_string":"Mediterranean Institute of Technology, South Mediterranean University, Tunisia","institution_ids":["https://openalex.org/I3131031036"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020839212","display_name":"Salma Hamza","orcid":"https://orcid.org/0000-0003-2936-4097"},"institutions":[{"id":"https://openalex.org/I26840924","display_name":"Mediterranean University","ror":"https://ror.org/03tsjvt68","country_code":"ME","type":"education","lineage":["https://openalex.org/I26840924"]}],"countries":["ME"],"is_corresponding":false,"raw_author_name":"Salma Hamza","raw_affiliation_strings":["MedTech, South Mediterranean University (SMU)","National School of Computer Science, Tunisia"],"affiliations":[{"raw_affiliation_string":"MedTech, South Mediterranean University (SMU)","institution_ids":["https://openalex.org/I26840924"]},{"raw_affiliation_string":"National School of Computer Science, Tunisia","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5048832846","display_name":"Raoudha Ben Djemaa","orcid":"https://orcid.org/0000-0002-7831-112X"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Raoudha Ben Jemaa","raw_affiliation_strings":["SAMA PARTNERS Business Solutions GmbH,Mannheim,Germany","SAMA PARTNERS Business Solutions GmbH, Mannheim, Germany"],"affiliations":[{"raw_affiliation_string":"SAMA PARTNERS Business Solutions GmbH,Mannheim,Germany","institution_ids":[]},{"raw_affiliation_string":"SAMA PARTNERS Business Solutions GmbH, Mannheim, Germany","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5068322187","display_name":"Wissem Zouaghi","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wissem Zouaghi","raw_affiliation_strings":["SAMA PARTNERS Business Solutions GmbH,Mannheim,Germany","SAMA PARTNERS Business Solutions GmbH, Mannheim, Germany"],"affiliations":[{"raw_affiliation_string":"SAMA PARTNERS Business Solutions GmbH,Mannheim,Germany","institution_ids":[]},{"raw_affiliation_string":"SAMA PARTNERS Business Solutions GmbH, Mannheim, Germany","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5094273248"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.4664,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.74989456,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"8"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9980999827384949,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9976000189781189,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7136156558990479},{"id":"https://openalex.org/keywords/taxonomy","display_name":"Taxonomy (biology)","score":0.6116008162498474},{"id":"https://openalex.org/keywords/supply-chain","display_name":"Supply chain","score":0.49063625931739807},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.47663959860801697},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3816030025482178},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.32812416553497314},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.119017094373703},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.11332359910011292}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7136156558990479},{"id":"https://openalex.org/C58642233","wikidata":"https://www.wikidata.org/wiki/Q8269924","display_name":"Taxonomy (biology)","level":2,"score":0.6116008162498474},{"id":"https://openalex.org/C108713360","wikidata":"https://www.wikidata.org/wiki/Q1824206","display_name":"Supply chain","level":2,"score":0.49063625931739807},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.47663959860801697},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3816030025482178},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.32812416553497314},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.119017094373703},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.11332359910011292},{"id":"https://openalex.org/C59822182","wikidata":"https://www.wikidata.org/wiki/Q441","display_name":"Botany","level":1,"score":0.0},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C162853370","wikidata":"https://www.wikidata.org/wiki/Q39809","display_name":"Marketing","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/wetice57085.2023.10477812","is_oa":false,"landing_page_url":"http://dx.doi.org/10.1109/wetice57085.2023.10477812","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W2013113775","https://openalex.org/W2014227860","https://openalex.org/W2128200145","https://openalex.org/W2129234022","https://openalex.org/W2134075299","https://openalex.org/W2780145918","https://openalex.org/W2808861319","https://openalex.org/W3015447433","https://openalex.org/W3046453918","https://openalex.org/W3081194266","https://openalex.org/W4206172203","https://openalex.org/W4226330898","https://openalex.org/W4226410005","https://openalex.org/W4297325279","https://openalex.org/W4299363674","https://openalex.org/W4312423228","https://openalex.org/W4318147418","https://openalex.org/W4391903895"],"related_works":["https://openalex.org/W2767550285","https://openalex.org/W2620085874","https://openalex.org/W2064496565","https://openalex.org/W1575661125","https://openalex.org/W4309070544","https://openalex.org/W2108330697","https://openalex.org/W169337936","https://openalex.org/W2049056888","https://openalex.org/W2365436291","https://openalex.org/W4241842276"],"abstract_inverted_index":{"A":[0],"software":[1,11,21,68,82,99,148,159],"supply":[2,100],"chain":[3,101],"attack":[4,137],"refers":[5],"to":[6,16,27,36,76,83,96,118,139,153],"an":[7],"intrusion":[8],"in":[9],"the":[10,38,41,47,55,67,72,77,81,98,103,109,124,142,158],"development":[12,69],"process":[13],"that":[14],"aims":[15],"inject":[17],"malicious":[18,106],"code":[19],"into":[20],"components":[22],"before":[23],"they":[24],"are":[25],"deployed":[26],"end":[28,42],"users.":[29],"The":[30,112],"objective":[31],"of":[32,40,66,80,114,147],"these":[33],"attacks":[34,60],"is":[35,117],"compromise":[37],"security":[39,90,126],"users":[43],"or":[44],"organizations":[45],"using":[46],"software.":[48],"This":[49],"includes":[50],"vulnerabilities":[51],"introduced":[52],"even":[53],"during":[54,108],"critical":[56],"design":[57,74],"phase.":[58],"Such":[59],"can":[61],"occur":[62],"at":[63],"any":[64],"stage":[65],"process,":[70],"from":[71],"initial":[73],"phase":[75],"final":[78],"delivery":[79],"end-users.":[84],"To":[85],"address":[86],"this":[87,115,129],"problem,":[88],"many":[89],"techniques":[91],"and":[92,105,133,145],"mechanisms":[93],"were":[94],"proposed":[95],"protect":[97],"against":[102],"suspicious":[104],"actors":[107],"different":[110],"stages.":[111],"scope":[113],"survey":[116],"give":[119],"a":[120],"comprehensive":[121],"overview":[122],"about":[123,157],"existing":[125],"solutions.":[127],"Moreover,":[128],"paper":[130],"introduces":[131],"new":[132],"exhaustive":[134],"criteria":[135],"for":[136],"classification":[138],"help":[140],"identifying":[141],"features,":[143],"capabilities,":[144],"limitations":[146],"solutions,":[149],"thereby":[150],"enabling":[151],"stakeholders":[152],"make":[154],"informed":[155],"decisions":[156],"products.":[160]},"counts_by_year":[{"year":2026,"cited_by_count":1}],"updated_date":"2026-03-06T13:50:29.536080","created_date":"2025-10-10T00:00:00"}