{"id":"https://openalex.org/W2742172093","doi":"https://doi.org/10.1145/3098954.3098965","title":"Attack Potential in Impact and Complexity","display_name":"Attack Potential in Impact and Complexity","publication_year":2017,"publication_date":"2017-08-10","ids":{"openalex":"https://openalex.org/W2742172093","doi":"https://doi.org/10.1145/3098954.3098965","mag":"2742172093"},"language":"en","primary_location":{"id":"doi:10.1145/3098954.3098965","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3098954.3098965","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/1801.04703","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5047635330","display_name":"Luca Allodi","orcid":"https://orcid.org/0000-0003-1600-0868"},"institutions":[{"id":"https://openalex.org/I83019370","display_name":"Eindhoven University of Technology","ror":"https://ror.org/02c2kyt77","country_code":"NL","type":"education","lineage":["https://openalex.org/I83019370"]}],"countries":["NL"],"is_corresponding":true,"raw_author_name":"Luca Allodi","raw_affiliation_strings":["Eindhoven University of Technology"],"affiliations":[{"raw_affiliation_string":"Eindhoven University of Technology","institution_ids":["https://openalex.org/I83019370"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5085639552","display_name":"Fabio Massacci","orcid":"https://orcid.org/0000-0002-1091-8486"},"institutions":[{"id":"https://openalex.org/I193223587","display_name":"University of Trento","ror":"https://ror.org/05trd4x28","country_code":"IT","type":"education","lineage":["https://openalex.org/I193223587"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Fabio Massacci","raw_affiliation_strings":["University of Trento"],"affiliations":[{"raw_affiliation_string":"University of Trento","institution_ids":["https://openalex.org/I193223587"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5047635330"],"corresponding_institution_ids":["https://openalex.org/I83019370"],"apc_list":null,"apc_paid":null,"fwci":1.1185,"has_fulltext":false,"cited_by_count":9,"citation_normalized_percentile":{"value":0.79080695,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9959999918937683,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.544357180595398}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.544357180595398}],"mesh":[],"locations_count":10,"locations":[{"id":"doi:10.1145/3098954.3098965","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3098954.3098965","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},{"id":"pmh:oai:pure.tue.nl:openaire_cris_publications/477e4322-5e9d-4550-9427-cc96f0f47d32","is_oa":false,"landing_page_url":"https://research.tue.nl/en/publications/477e4322-5e9d-4550-9427-cc96f0f47d32","pdf_url":null,"source":{"id":"https://openalex.org/S4406922641","display_name":"TU/e Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Allodi, L & Massacci, F 2017, Attack potential in impact and complexity. in International Conference on Availability, Reliability and Security, ARES 2017, 29 August - 1 September 2017, Reggio Calabria, Italy., a32, Association for Computing Machinery, Inc., New York, International Conference on Availability, Reliability and Security,ARES2017, 29 August- 1st September 2017, Reggio Calabria, Italy, 29/08/17. https://doi.org/10.1145/3098954.3098965","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:research.vu.nl:openaire_cris_publications/c43b621c-08c0-43a7-a695-1115750b803a","is_oa":false,"landing_page_url":"https://research.vu.nl/en/publications/c43b621c-08c0-43a7-a695-1115750b803a","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Allodi, L & Massacci, F 2017, Attack potential in impact & complexity. in ARES 2017 : Proceedings of the 12th International Conference on Availability, Reliability and Security., a32, ACM International Conference Proceeding Series, vol. Part F130521, Association for Computing Machinery, pp. 1-6, 12th International Conference on Availability, Reliability and Security, ARES 2017, Reggio Calabria, Italy, 29/08/17. https://doi.org/10.1145/3098954.3098965","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:arXiv.org:1801.04703","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1801.04703","pdf_url":"https://arxiv.org/pdf/1801.04703","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"pmh:881215","is_oa":false,"landing_page_url":"http://library.tue.nl/csp/dare/LinkToRepository.csp?recordnumber=881215","pdf_url":null,"source":{"id":"https://openalex.org/S4406923046","display_name":"TU/e Research Portal (Eindhoven University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":""},{"id":"pmh:oai:iris.unitn.it:11572/197806","is_oa":false,"landing_page_url":"http://hdl.handle.net/11572/197806","pdf_url":null,"source":{"id":"https://openalex.org/S4306401913","display_name":"Institutional Research Information System (Universit\u00e0 degli Studi di Trento)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I193223587","host_organization_name":"University of Trento","host_organization_lineage":["https://openalex.org/I193223587"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"info:eu-repo/semantics/conferenceObject"},{"id":"pmh:oai:library.tue.nl:881215","is_oa":false,"landing_page_url":"http://repository.tue.nl/881215","pdf_url":null,"source":{"id":"https://openalex.org/S4406923046","display_name":"TU/e Research Portal (Eindhoven University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":""},{"id":"pmh:oai:pure.tue.nl:publications/477e4322-5e9d-4550-9427-cc96f0f47d32","is_oa":false,"landing_page_url":"http://www.scopus.com/inward/record.url?scp=85030314558&partnerID=8YFLogxK","pdf_url":null,"source":{"id":"https://openalex.org/S4406922641","display_name":"TU/e Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Allodi, L & Massacci, F 2017, Attack potential in impact and complexity. in International Conference on Availability, Reliability and Security, ARES 2017, 29 August - 1 September 2017, Reggio Calabria, Italy., a32, Association for Computing Machinery, Inc., New York, International Conference on Availability, Reliability and Security,ARES2017, 29 August- 1st September 2017, Reggio Calabria, Italy, 29/08/17. https://doi.org/10.1145/3098954.3098965","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:oai:research.vu.nl:publications/c43b621c-08c0-43a7-a695-1115750b803a","is_oa":false,"landing_page_url":"https://hdl.handle.net/1871.1/c43b621c-08c0-43a7-a695-1115750b803a","pdf_url":null,"source":{"id":"https://openalex.org/S4306401107","display_name":"VU Research Portal","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I865915315","host_organization_name":"Vrije Universiteit Amsterdam","host_organization_lineage":["https://openalex.org/I865915315"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Allodi, L & Massacci, F 2017, Attack potential in impact & complexity. in ARES 2017 : Proceedings of the 12th International Conference on Availability, Reliability and Security., a32, ACM International Conference Proceeding Series, vol. Part F130521, Association for Computing Machinery, pp. 1-6, 12th International Conference on Availability, Reliability and Security, ARES 2017, Reggio Calabria, Italy, 29/08/17. https://doi.org/10.1145/3098954.3098965","raw_type":"info:eu-repo/semantics/publishedVersion"},{"id":"pmh:tue:oai:pure.tue.nl:publications/477e4322-5e9d-4550-9427-cc96f0f47d32","is_oa":false,"landing_page_url":"https://research.tue.nl/nl/publications/477e4322-5e9d-4550-9427-cc96f0f47d32","pdf_url":null,"source":{"id":"https://openalex.org/S4306401843","display_name":"Data Archiving and Networked Services (DANS)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I1322597698","host_organization_name":"Royal Netherlands Academy of Arts and Sciences","host_organization_lineage":["https://openalex.org/I1322597698"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"International Conference on Availability, Reliability and Security, ARES 2017, 29 August - 1 September 2017, Reggio Calabria, Italy","raw_type":"info:eu-repo/semantics/conferencepaper"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:1801.04703","is_oa":true,"landing_page_url":"http://arxiv.org/abs/1801.04703","pdf_url":"https://arxiv.org/pdf/1801.04703","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.5299999713897705}],"awards":[{"id":"https://openalex.org/G4909631166","display_name":null,"funder_award_id":"285223","funder_id":"https://openalex.org/F4320334960","funder_display_name":"Seventh Framework Programme"},{"id":"https://openalex.org/G5631504704","display_name":null,"funder_award_id":"628.001.004","funder_id":"https://openalex.org/F4320321800","funder_display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek"}],"funders":[{"id":"https://openalex.org/F4320321800","display_name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","ror":"https://ror.org/04jsz6e67"},{"id":"https://openalex.org/F4320334960","display_name":"Seventh Framework Programme","ror":"https://ror.org/00k4n6c32"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":14,"referenced_works":["https://openalex.org/W61482965","https://openalex.org/W150078352","https://openalex.org/W199832099","https://openalex.org/W384698140","https://openalex.org/W1985324839","https://openalex.org/W2004584049","https://openalex.org/W2011514693","https://openalex.org/W2091540464","https://openalex.org/W2110401754","https://openalex.org/W2148156428","https://openalex.org/W2237954913","https://openalex.org/W2620244897","https://openalex.org/W2733563680","https://openalex.org/W3124584635"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2748952813","https://openalex.org/W2390279801","https://openalex.org/W2358668433","https://openalex.org/W4396701345","https://openalex.org/W2376932109","https://openalex.org/W2001405890","https://openalex.org/W4396696052","https://openalex.org/W4402327032","https://openalex.org/W2382290278"],"abstract_inverted_index":{"Vulnerability":[0],"exploitation":[1],"is":[2,21],"reportedly":[3],"one":[4],"of":[5,23,60,65,79,90,115,140],"the":[6,49,56,80,87,93,113,145],"main":[7],"attack":[8],"vectors":[9],"against":[10,92,100,142],"computer":[11],"systems.":[12],"Yet,":[13],"most":[14],"vulnerabilities":[15,28,116],"remain":[16],"unexploited":[17],"by":[18,104,131],"attackers.":[19],"It":[20],"therefore":[22],"central":[24],"importance":[25],"to":[26,51,118,159],"identify":[27,52],"that":[29,67,84,122],"carry":[30],"a":[31,53,61,75,153],"high":[32],"'potential":[33],"for":[34,156],"attack'.":[35],"In":[36],"this":[37,71],"paper":[38],"we":[39,73],"rely":[40],"on":[41,44,163],"Symantec":[42],"data":[43],"real":[45],"attacks":[46,66,91,107,143],"detected":[47],"in":[48,55,63,144],"wild":[50],"trade-off":[54],"Impact":[57],"and":[58,108],"Complexity":[59],"vulnerability":[62,157],"terms":[64],"it":[68],"generates;":[69],"exploiting":[70],"effect,":[72],"devise":[74],"readily":[76],"computable":[77],"estimator":[78,98,124,148],"vulnerability's":[81],"Attack":[82],"Potential":[83],"reliably":[85],"estimates":[86],"expected":[88],"volume":[89],"vulnerability.":[94],"We":[95,120],"evaluate":[96],"our":[97,123],"performance":[99],"standard":[101,128],"patching":[102,129],"policies":[103,130],"measuring":[105],"foiled":[106],"demanded":[109],"workload":[110],"expressed":[111],"as":[112,152],"number":[114],"entailed":[117],"patch.":[119],"show":[121],"significantly":[125],"improves":[126],"over":[127],"ruling":[132],"out":[133],"low-risk":[134],"vulnerabilities,":[135],"while":[136],"maintaining":[137],"invariant":[138],"levels":[139],"coverage":[141],"wild.":[146],"Our":[147],"can":[149],"be":[150],"used":[151],"first":[154],"aid":[155],"prioritisation":[158],"focus":[160],"assessment":[161],"efforts":[162],"high-potential":[164],"vulnerabilities.":[165]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":2}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}