{"id":"https://openalex.org/W2060602490","doi":"https://doi.org/10.1145/1640162.1640171","title":"Research on software design level security vulnerabilities","display_name":"Research on software design level security vulnerabilities","publication_year":2009,"publication_date":"2009-12-03","ids":{"openalex":"https://openalex.org/W2060602490","doi":"https://doi.org/10.1145/1640162.1640171","mag":"2060602490"},"language":"en","primary_location":{"id":"doi:10.1145/1640162.1640171","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1640162.1640171","pdf_url":null,"source":{"id":"https://openalex.org/S186921487","display_name":"ACM SIGSOFT Software Engineering Notes","issn_l":"0163-5948","issn":["0163-5948","1943-5843"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM SIGSOFT Software Engineering Notes","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5100646979","display_name":"Shafiq ur R\u00e9hman","orcid":"https://orcid.org/0000-0002-1895-4625"},"institutions":[{"id":"https://openalex.org/I59475050","display_name":"Jamia Millia Islamia","ror":"https://ror.org/00pnhhv55","country_code":"IN","type":"education","lineage":["https://openalex.org/I59475050"]}],"countries":["IN"],"is_corresponding":true,"raw_author_name":"S. Rehman","raw_affiliation_strings":["Jamia Millia Islamia, New Delhi, India","Jamia Millia Islamia , New Delhi , India"],"affiliations":[{"raw_affiliation_string":"Jamia Millia Islamia, New Delhi, India","institution_ids":["https://openalex.org/I59475050"]},{"raw_affiliation_string":"Jamia Millia Islamia , New Delhi , India","institution_ids":["https://openalex.org/I59475050"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091056832","display_name":"Khurram Mustafa","orcid":"https://orcid.org/0000-0002-0540-5408"},"institutions":[{"id":"https://openalex.org/I59475050","display_name":"Jamia Millia Islamia","ror":"https://ror.org/00pnhhv55","country_code":"IN","type":"education","lineage":["https://openalex.org/I59475050"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"K. Mustafa","raw_affiliation_strings":["Jamia Millia Islamia, New Delhi, India","Jamia Millia Islamia , New Delhi , India"],"affiliations":[{"raw_affiliation_string":"Jamia Millia Islamia, New Delhi, India","institution_ids":["https://openalex.org/I59475050"]},{"raw_affiliation_string":"Jamia Millia Islamia , New Delhi , India","institution_ids":["https://openalex.org/I59475050"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5100646979"],"corresponding_institution_ids":["https://openalex.org/I59475050"],"apc_list":null,"apc_paid":null,"fwci":2.9612,"has_fulltext":false,"cited_by_count":18,"citation_normalized_percentile":{"value":0.9283245,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":96},"biblio":{"volume":"34","issue":"6","first_page":"1","last_page":"5"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9951000213623047,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9882000088691711,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9864000082015991,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.8203846216201782},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.7366774678230286},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.6736887693405151},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5905612707138062},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.5891398191452026},{"id":"https://openalex.org/keywords/software-development","display_name":"Software development","score":0.4898974299430847},{"id":"https://openalex.org/keywords/software-construction","display_name":"Software construction","score":0.4745129942893982},{"id":"https://openalex.org/keywords/software-design","display_name":"Software design","score":0.46673333644866943},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.45764487981796265},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4516999125480652},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.44549867510795593},{"id":"https://openalex.org/keywords/software-peer-review","display_name":"Software peer review","score":0.427783727645874},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.176538348197937},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.15750020742416382},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.05798545479774475}],"concepts":[{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.8203846216201782},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.7366774678230286},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.6736887693405151},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5905612707138062},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.5891398191452026},{"id":"https://openalex.org/C529173508","wikidata":"https://www.wikidata.org/wiki/Q638608","display_name":"Software development","level":3,"score":0.4898974299430847},{"id":"https://openalex.org/C186846655","wikidata":"https://www.wikidata.org/wiki/Q3398377","display_name":"Software construction","level":4,"score":0.4745129942893982},{"id":"https://openalex.org/C52913732","wikidata":"https://www.wikidata.org/wiki/Q857102","display_name":"Software design","level":4,"score":0.46673333644866943},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.45764487981796265},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4516999125480652},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.44549867510795593},{"id":"https://openalex.org/C74579156","wikidata":"https://www.wikidata.org/wiki/Q7554342","display_name":"Software peer review","level":5,"score":0.427783727645874},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.176538348197937},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.15750020742416382},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.05798545479774475},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/1640162.1640171","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1640162.1640171","pdf_url":null,"source":{"id":"https://openalex.org/S186921487","display_name":"ACM SIGSOFT Software Engineering Notes","issn_l":"0163-5948","issn":["0163-5948","1943-5843"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM SIGSOFT Software Engineering Notes","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":27,"referenced_works":["https://openalex.org/W84546129","https://openalex.org/W1487726010","https://openalex.org/W1495153211","https://openalex.org/W1531064568","https://openalex.org/W1566733061","https://openalex.org/W1572877680","https://openalex.org/W1993252585","https://openalex.org/W2017484176","https://openalex.org/W2031508806","https://openalex.org/W2035029962","https://openalex.org/W2050764671","https://openalex.org/W2052029850","https://openalex.org/W2097777162","https://openalex.org/W2098608032","https://openalex.org/W2104682122","https://openalex.org/W2106798436","https://openalex.org/W2123075981","https://openalex.org/W2123347687","https://openalex.org/W2135191468","https://openalex.org/W2140178650","https://openalex.org/W2141808825","https://openalex.org/W2158572645","https://openalex.org/W2168140364","https://openalex.org/W2554263218","https://openalex.org/W4205529312","https://openalex.org/W4285719527","https://openalex.org/W6603469494"],"related_works":["https://openalex.org/W2560421591","https://openalex.org/W1978034799","https://openalex.org/W2796094063","https://openalex.org/W4384518368","https://openalex.org/W2537414278","https://openalex.org/W2123075981","https://openalex.org/W2062583373","https://openalex.org/W2509785410","https://openalex.org/W3043810321","https://openalex.org/W2383958993"],"abstract_inverted_index":{"One":[0],"of":[1,11,53,60,70,77,107,112],"the":[2,9,37,54,61,68,105,108],"major":[3],"problems":[4],"in":[5,57,66,95],"software":[6,16,27,62,71,79,97],"security":[7,14],"is":[8,48,86],"lack":[10],"knowledge":[12,24],"about":[13,25,36],"among":[15],"developers.":[17],"Even":[18],"if":[19],"a":[20,75],"developer":[21],"has":[22],"good":[23],"current":[26,78,93],"vulnerabilities,":[28],"they":[29],"generally":[30],"have":[31],"little":[32],"or":[33],"no":[34],"idea":[35],"causes":[38],"and":[39,83,101],"measures":[40],"that":[41,51,116],"can":[42],"avoid":[43],"those":[44],"vulnerabilities.":[45],"Now":[46],"it":[47],"established":[49],"fact":[50],"most":[52],"vulnerabilities":[55,82,100],"arise":[56],"design":[58,72,80,98],"phase":[59],"development":[63],"lifecycle.":[64],"Keeping":[65],"view":[67],"importance":[69],"level":[73,81],"security,":[74],"study":[76],"their":[84],"cause":[85],"conducted.":[87],"In":[88],"this":[89],"paper,":[90],"we":[91],"discuss":[92],"practices":[94],"specific":[96],"tasks,":[99],"mitigation":[102],"mechanism.":[103],"On":[104],"basis":[106],"critical":[109],"review,":[110],"areas":[111],"research":[113],"are":[114],"identified":[115],"warrant":[117],"further":[118],"investigation.":[119]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2015,"cited_by_count":1},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":2},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}