{"id":"https://openalex.org/W2007778041","doi":"https://doi.org/10.1145/2047594.2047661","title":"A multi-layer tree model for enterprise vulnerability management","display_name":"A multi-layer tree model for enterprise vulnerability management","publication_year":2011,"publication_date":"2011-10-20","ids":{"openalex":"https://openalex.org/W2007778041","doi":"https://doi.org/10.1145/2047594.2047661","mag":"2007778041"},"language":"en","primary_location":{"id":"doi:10.1145/2047594.2047661","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2047594.2047661","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2011 conference on Information technology education","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5005167596","display_name":"Bin Wu","orcid":"https://orcid.org/0000-0002-4722-4226"},"institutions":[{"id":"https://openalex.org/I206426949","display_name":"Southern Polytechnic State University","ror":"https://ror.org/00cckeg37","country_code":"US","type":"education","lineage":["https://openalex.org/I206426949"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Bin Wu","raw_affiliation_strings":["Southern Polytechnic State University, Marietta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Southern Polytechnic State University, Marietta, GA, USA","institution_ids":["https://openalex.org/I206426949"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101866501","display_name":"Andy Wang","orcid":"https://orcid.org/0000-0002-5548-2081"},"institutions":[{"id":"https://openalex.org/I206426949","display_name":"Southern Polytechnic State University","ror":"https://ror.org/00cckeg37","country_code":"US","type":"education","lineage":["https://openalex.org/I206426949"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andy Wang","raw_affiliation_strings":["Southern Polytechnic State University, Marietta, GA, USA"],"affiliations":[{"raw_affiliation_string":"Southern Polytechnic State University, Marietta, GA, USA","institution_ids":["https://openalex.org/I206426949"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5005167596"],"corresponding_institution_ids":["https://openalex.org/I206426949"],"apc_list":null,"apc_paid":null,"fwci":0.7389,"has_fulltext":false,"cited_by_count":2,"citation_normalized_percentile":{"value":0.81944387,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"257","last_page":"262"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7392474412918091},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.7170652747154236},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.6971238255500793},{"id":"https://openalex.org/keywords/enterprise-information-system","display_name":"Enterprise information system","score":0.5945613384246826},{"id":"https://openalex.org/keywords/dashboard","display_name":"Dashboard","score":0.5742977857589722},{"id":"https://openalex.org/keywords/enterprise-private-network","display_name":"Enterprise private network","score":0.5691652297973633},{"id":"https://openalex.org/keywords/enterprise-software","display_name":"Enterprise software","score":0.5390457510948181},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.5268163681030273},{"id":"https://openalex.org/keywords/enterprise-information-security-architecture","display_name":"Enterprise information security architecture","score":0.5252693891525269},{"id":"https://openalex.org/keywords/enterprise-data-management","display_name":"Enterprise data management","score":0.5009701251983643},{"id":"https://openalex.org/keywords/metric","display_name":"Metric (unit)","score":0.4429529905319214},{"id":"https://openalex.org/keywords/enterprise-planning-system","display_name":"Enterprise planning system","score":0.438809871673584},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.43090540170669556},{"id":"https://openalex.org/keywords/knowledge-management","display_name":"Knowledge management","score":0.37765881419181824},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.3678065538406372},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3318439722061157},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.2559812068939209},{"id":"https://openalex.org/keywords/systems-engineering","display_name":"Systems engineering","score":0.14487725496292114},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.12049418687820435},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.11303704977035522},{"id":"https://openalex.org/keywords/operations-management","display_name":"Operations management","score":0.08756375312805176}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7392474412918091},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.7170652747154236},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.6971238255500793},{"id":"https://openalex.org/C27295321","wikidata":"https://www.wikidata.org/wiki/Q831795","display_name":"Enterprise information system","level":2,"score":0.5945613384246826},{"id":"https://openalex.org/C33499554","wikidata":"https://www.wikidata.org/wiki/Q1417134","display_name":"Dashboard","level":2,"score":0.5742977857589722},{"id":"https://openalex.org/C149859251","wikidata":"https://www.wikidata.org/wiki/Q483426","display_name":"Enterprise private network","level":2,"score":0.5691652297973633},{"id":"https://openalex.org/C185765463","wikidata":"https://www.wikidata.org/wiki/Q1318054","display_name":"Enterprise software","level":2,"score":0.5390457510948181},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5268163681030273},{"id":"https://openalex.org/C31139447","wikidata":"https://www.wikidata.org/wiki/Q5380386","display_name":"Enterprise information security architecture","level":2,"score":0.5252693891525269},{"id":"https://openalex.org/C136227091","wikidata":"https://www.wikidata.org/wiki/Q5380376","display_name":"Enterprise data management","level":3,"score":0.5009701251983643},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.4429529905319214},{"id":"https://openalex.org/C184062371","wikidata":"https://www.wikidata.org/wiki/Q5380399","display_name":"Enterprise planning system","level":2,"score":0.438809871673584},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.43090540170669556},{"id":"https://openalex.org/C56739046","wikidata":"https://www.wikidata.org/wiki/Q192060","display_name":"Knowledge management","level":1,"score":0.37765881419181824},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.3678065538406372},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3318439722061157},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.2559812068939209},{"id":"https://openalex.org/C201995342","wikidata":"https://www.wikidata.org/wiki/Q682496","display_name":"Systems engineering","level":1,"score":0.14487725496292114},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.12049418687820435},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.11303704977035522},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.08756375312805176},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2047594.2047661","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2047594.2047661","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2011 conference on Information technology education","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":13,"referenced_works":["https://openalex.org/W1508753620","https://openalex.org/W2019196986","https://openalex.org/W2023070166","https://openalex.org/W2042229489","https://openalex.org/W2065598226","https://openalex.org/W2074236867","https://openalex.org/W2074629355","https://openalex.org/W2077937403","https://openalex.org/W2100187720","https://openalex.org/W2129804239","https://openalex.org/W2167106766","https://openalex.org/W2302499680","https://openalex.org/W4242824530"],"related_works":["https://openalex.org/W2372122689","https://openalex.org/W2388726590","https://openalex.org/W4229689394","https://openalex.org/W4312536660","https://openalex.org/W2377113563","https://openalex.org/W4285552534","https://openalex.org/W2069471284","https://openalex.org/W2954733240","https://openalex.org/W4241899854","https://openalex.org/W2007778041"],"abstract_inverted_index":{"Conducting":[0],"enterprise-wide":[1],"vulnerability":[2,72,105,115,134],"assessment":[3],"(VA)":[4],"on":[5,163],"a":[6,79,84,97,110,122,132,141,164,169],"regular":[7],"basis":[8],"plays":[9],"an":[10,15,22,51,62,74,151],"important":[11],"role":[12],"in":[13,41],"assessing":[14],"enterprise's":[16],"information":[17,116],"system":[18],"security":[19,56],"status.":[20],"However,":[21],"enterprise":[23,89,104,118],"network":[24],"is":[25,128],"usually":[26],"very":[27],"complex,":[28],"divided":[29],"into":[30],"different":[31],"types":[32],"of":[33,37,39,46,73,124,147,177],"zones,":[34],"and":[35,68,155,168],"consisting":[36],"hundreds":[38],"hosts":[40],"the":[42,70,137,145,174],"networks.":[43],"The":[44],"complexity":[45],"IT":[47,171],"systems":[48],"makes":[49],"VA":[50],"extremely":[52],"time-consuming":[53],"task":[54],"for":[55,61,87,136,180],"professionals.":[57],"They":[58],"are":[59],"seeking":[60],"automated":[63],"tool":[64,179],"that":[65,82],"helps":[66],"monitor":[67],"manage":[69],"overall":[71],"enterprise.":[75,139],"This":[76],"paper":[77],"presents":[78],"novel":[80],"methodology":[81],"provides":[83],"dashboard":[85],"solution":[86],"managing":[88],"level":[90],"vulnerability.":[91],"In":[92],"our":[93,148,160,178],"methodology,":[94,149],"we":[95,108,143],"develop":[96],"multi-layer":[98],"tree":[99],"based":[100],"model":[101],"to":[102,113,130,158],"describe":[103],"topology.":[106],"Then":[107],"apply":[109],"client/server":[111],"structure":[112],"gather":[114],"from":[117],"resources":[119],"automatically.":[120],"Finally":[121],"set":[123],"well-defined":[125],"metric":[126],"formulas":[127],"applied":[129],"produce":[131],"normalized":[133],"score":[135],"whole":[138],"As":[140],"prototype,":[142],"developed":[144],"implementation":[146],"EVMAT,":[150],"Enterprise":[152],"Vulnerability":[153],"Management":[154],"Assessment":[156],"Tool,":[157],"test":[159],"method.":[161],"Experiments":[162],"small":[165,170],"E-commerce":[166],"company":[167,172],"demonstrate":[173],"great":[175],"potentials":[176],"enterprise-level":[181],"security.":[182]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}