{"id":"https://openalex.org/W2297096600","doi":"https://doi.org/10.1145/2857705.2857750","title":"To Fear or Not to Fear That is the Question","display_name":"To Fear or Not to Fear That is the Question","publication_year":2016,"publication_date":"2016-03-04","ids":{"openalex":"https://openalex.org/W2297096600","doi":"https://doi.org/10.1145/2857705.2857750","mag":"2297096600"},"language":"en","primary_location":{"id":"doi:10.1145/2857705.2857750","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2857705.2857750","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5078482005","display_name":"Awad A. Younis","orcid":null},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Awad Younis","raw_affiliation_strings":["Colorado State University, Fort collins, CO, USA"],"affiliations":[{"raw_affiliation_string":"Colorado State University, Fort collins, CO, USA","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5025456381","display_name":"Yashwant K. Malaiya","orcid":"https://orcid.org/0000-0002-1825-1671"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yashwant Malaiya","raw_affiliation_strings":["Colorado State University, Fort collins, CO, USA"],"affiliations":[{"raw_affiliation_string":"Colorado State University, Fort collins, CO, USA","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036335957","display_name":"Charles W. Anderson","orcid":"https://orcid.org/0000-0001-7392-3840"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Charles Anderson","raw_affiliation_strings":["Colorado State University, Fort collins, CO, USA"],"affiliations":[{"raw_affiliation_string":"Colorado State University, Fort collins, CO, USA","institution_ids":["https://openalex.org/I92446798"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5102938076","display_name":"Indrajit Ray","orcid":"https://orcid.org/0000-0002-3612-7738"},"institutions":[{"id":"https://openalex.org/I92446798","display_name":"Colorado State University","ror":"https://ror.org/03k1gpj17","country_code":"US","type":"education","lineage":["https://openalex.org/I92446798"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Indrajit Ray","raw_affiliation_strings":["Colorado State University, Fort collins, CO, USA"],"affiliations":[{"raw_affiliation_string":"Colorado State University, Fort collins, CO, USA","institution_ids":["https://openalex.org/I92446798"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5078482005"],"corresponding_institution_ids":["https://openalex.org/I92446798"],"apc_list":null,"apc_paid":null,"fwci":10.3976,"has_fulltext":false,"cited_by_count":48,"citation_normalized_percentile":{"value":0.9797964,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"97","last_page":"104"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9984999895095825,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.9843478798866272},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7862859964370728},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.762458086013794},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.7167683839797974},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.6617021560668945},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.6310029029846191},{"id":"https://openalex.org/keywords/predictability","display_name":"Predictability","score":0.5817934274673462},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5590801239013672},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4544033706188202},{"id":"https://openalex.org/keywords/domain","display_name":"Domain (mathematical analysis)","score":0.43361184000968933},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.26528191566467285},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.26329243183135986},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.1829964518547058},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.0964476466178894},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.08114171028137207},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.06572350859642029}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.9843478798866272},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7862859964370728},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.762458086013794},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.7167683839797974},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.6617021560668945},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.6310029029846191},{"id":"https://openalex.org/C197640229","wikidata":"https://www.wikidata.org/wiki/Q2534066","display_name":"Predictability","level":2,"score":0.5817934274673462},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5590801239013672},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4544033706188202},{"id":"https://openalex.org/C36503486","wikidata":"https://www.wikidata.org/wiki/Q11235244","display_name":"Domain (mathematical analysis)","level":2,"score":0.43361184000968933},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.26528191566467285},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.26329243183135986},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.1829964518547058},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0964476466178894},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.08114171028137207},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.06572350859642029},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2857705.2857750","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2857705.2857750","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.4699999988079071,"id":"https://metadata.un.org/sdg/10","display_name":"Reduced inequalities"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":41,"referenced_works":["https://openalex.org/W1895087","https://openalex.org/W199832099","https://openalex.org/W1485955713","https://openalex.org/W1487646227","https://openalex.org/W1570448133","https://openalex.org/W1587970460","https://openalex.org/W1603939896","https://openalex.org/W1633140981","https://openalex.org/W1840884391","https://openalex.org/W1964962870","https://openalex.org/W1971733255","https://openalex.org/W1982950099","https://openalex.org/W1997646511","https://openalex.org/W2004208113","https://openalex.org/W2004758929","https://openalex.org/W2017337590","https://openalex.org/W2025043404","https://openalex.org/W2056878746","https://openalex.org/W2063770056","https://openalex.org/W2069205948","https://openalex.org/W2069910799","https://openalex.org/W2079753286","https://openalex.org/W2103333826","https://openalex.org/W2105300539","https://openalex.org/W2108246235","https://openalex.org/W2128006558","https://openalex.org/W2128939007","https://openalex.org/W2129586531","https://openalex.org/W2137789775","https://openalex.org/W2141087303","https://openalex.org/W2142481192","https://openalex.org/W2154398797","https://openalex.org/W2966207845","https://openalex.org/W3005526988","https://openalex.org/W3099514962","https://openalex.org/W3124584635","https://openalex.org/W4238266904","https://openalex.org/W4250857377","https://openalex.org/W4300866472","https://openalex.org/W6635240798","https://openalex.org/W6789574396"],"related_works":["https://openalex.org/W2098721272","https://openalex.org/W16869370","https://openalex.org/W2297096600","https://openalex.org/W4206646452","https://openalex.org/W3122267592","https://openalex.org/W2430357810","https://openalex.org/W595242097","https://openalex.org/W3085047896","https://openalex.org/W2363852314","https://openalex.org/W3015380456"],"abstract_inverted_index":{"Not":[0],"all":[1],"vulnerabilities":[2,16,30,80,96,162,172],"are":[3],"equal.":[4],"Some":[5],"recent":[6],"studies":[7],"have":[8,18,98,102,116,123],"shown":[9],"that":[10,17,48,68,97,115,122,132,138,145,180],"only":[11],"a":[12,32,66,136],"small":[13],"fraction":[14],"of":[15,62,161,171,189],"been":[19,23,43,99],"reported":[20],"has":[21,42,139,146],"actually":[22],"exploited.":[24,76],"Since":[25],"finding":[26],"and":[27,38,89,119,142,173],"addressing":[28],"potential":[29],"in":[31],"program":[33],"can":[34,149],"take":[35],"considerable":[36],"time":[37],"effort,":[39],"recently":[40],"effort":[41],"made":[44],"to":[45,52,58,74,101,106],"identify":[46,59],"code":[47,64,71],"is":[49,163,176],"more":[50,72,164],"likely":[51,73],"be":[53,75,151],"vulnerable.":[54],"This":[55],"paper":[56],"tries":[57],"the":[60,63,70,82,107,112,120,133,143,154,169,187],"attributes":[61],"containing":[65],"vulnerability":[67,137,190],"makes":[69],"We":[77,110],"examine":[78],"183":[79],"from":[81],"National":[83],"Vulnerability":[84],"Database":[85],"for":[86,185],"Linux":[87],"Kernel":[88],"Apache":[90],"HTTP":[91],"server.":[92],"These":[93],"include":[94],"eighty-two":[95],"found":[100],"an":[103,124,147],"exploit":[104,118,125,141,148],"according":[105],"Exploit":[108],"Database.":[109],"characterize":[111],"vulnerable":[113],"functions":[114],"no":[117,140],"ones":[121],"using":[126,153,178],"eight":[127],"metrics.":[128,157],"The":[129],"results":[130],"show":[131],"difference":[134],"between":[135],"one":[144],"potentially":[150],"characterized":[152],"chosen":[155],"software":[156],"However,":[158],"predicting":[159,167],"exploitation":[160],"complex":[165],"than":[166],"just":[168],"presence":[170],"further":[174],"research":[175],"needed":[177],"metrics":[179],"consider":[181],"security":[182],"domain":[183],"knowledge":[184],"enhancing":[186],"predictability":[188],"exploits.":[191]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":7},{"year":2022,"cited_by_count":4},{"year":2021,"cited_by_count":8},{"year":2020,"cited_by_count":7},{"year":2019,"cited_by_count":5},{"year":2018,"cited_by_count":5},{"year":2017,"cited_by_count":5}],"updated_date":"2026-03-25T14:56:36.534964","created_date":"2025-10-10T00:00:00"}