{"id":"https://openalex.org/W2805717920","doi":"https://doi.org/10.1145/3205977.3208948","title":"Toward A Code Pattern Based Vulnerability Measurement Model","display_name":"Toward A Code Pattern Based Vulnerability Measurement Model","publication_year":2018,"publication_date":"2018-06-07","ids":{"openalex":"https://openalex.org/W2805717920","doi":"https://doi.org/10.1145/3205977.3208948","mag":"2805717920"},"language":"en","primary_location":{"id":"doi:10.1145/3205977.3208948","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3205977.3208948","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103039077","display_name":"John Heaps","orcid":"https://orcid.org/0000-0002-4038-4278"},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"John Heaps","raw_affiliation_strings":["University of Texas at San Antonio, San Antonio, TX, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at San Antonio, San Antonio, TX, USA","institution_ids":["https://openalex.org/I45438204"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049810765","display_name":"Rocky Slavin","orcid":"https://orcid.org/0000-0003-1283-2595"},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Rocky Slavin","raw_affiliation_strings":["University of Texas at San Antonio, San Antonio, TX, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at San Antonio, San Antonio, TX, USA","institution_ids":["https://openalex.org/I45438204"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101558050","display_name":"Xiaoyin Wang","orcid":"https://orcid.org/0000-0002-9079-5534"},"institutions":[{"id":"https://openalex.org/I45438204","display_name":"The University of Texas at San Antonio","ror":"https://ror.org/01kd65564","country_code":"US","type":"education","lineage":["https://openalex.org/I45438204"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xiaoyin Wang","raw_affiliation_strings":["University of Texas at San Antonio, San Antonio, TX, USA"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Texas at San Antonio, San Antonio, TX, USA","institution_ids":["https://openalex.org/I45438204"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I45438204"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":1,"citation_normalized_percentile":{"value":0.06103764,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":94},"biblio":{"volume":null,"issue":null,"first_page":"209","last_page":"211"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7774209976196289},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.5621790885925293},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.559980571269989},{"id":"https://openalex.org/keywords/software-bug","display_name":"Software bug","score":0.5323830842971802},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5093814134597778},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.4646897315979004},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.4093722999095917},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.32784271240234375},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.24134323000907898},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.20547908544540405},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.20234569907188416}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7774209976196289},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.5621790885925293},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.559980571269989},{"id":"https://openalex.org/C1009929","wikidata":"https://www.wikidata.org/wiki/Q179550","display_name":"Software bug","level":3,"score":0.5323830842971802},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5093814134597778},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.4646897315979004},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.4093722999095917},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.32784271240234375},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.24134323000907898},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.20547908544540405},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.20234569907188416},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3205977.3208948","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3205977.3208948","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 23nd ACM on Symposium on Access Control Models and Technologies","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, Justice and strong institutions","score":0.7699999809265137,"id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":5,"referenced_works":["https://openalex.org/W1964249199","https://openalex.org/W1989657183","https://openalex.org/W2077937403","https://openalex.org/W2138756793","https://openalex.org/W2363172845"],"related_works":["https://openalex.org/W2787993192","https://openalex.org/W2901729341","https://openalex.org/W2158269427","https://openalex.org/W4381280689","https://openalex.org/W2847365777","https://openalex.org/W3166545041","https://openalex.org/W3128025644","https://openalex.org/W2355048207","https://openalex.org/W4246289931","https://openalex.org/W2621101275"],"abstract_inverted_index":{"Many":[0,34],"access":[1,29,42,65,126],"control":[2,30,43,66,127],"patterns,":[3,80],"both":[4],"positive":[5],"and":[6,39,50,54,77,86,106],"negative,":[7],"have":[8],"been":[9],"identified":[10],"in":[11,32,84,110],"the":[12,26,99,104,123],"past.":[13],"However,":[14],"there":[15],"is":[16],"little":[17],"research":[18],"describing":[19],"how":[20],"to":[21,63],"leverage":[22],"those":[23,82],"patterns":[24,83],"for":[25,41,103],"detection":[27,37,105],"of":[28,47,91,108,115,122],"bugs":[31,67,109],"code.":[33],"software":[35],"bug":[36,79],"models":[38],"frameworks":[40],"exist,":[44],"however":[45],"most":[46],"these":[48],"approaches":[49],"tools":[51],"are":[52,98],"process-based":[53],"suffer":[55],"from":[56],"many":[57],"limitations.":[58],"We":[59],"propose":[60],"a":[61,88,113,119],"framework":[62,74],"detect":[64,81],"based":[68],"on":[69,94],"code":[70],"pattern":[71,128],"detection.":[72],"Our":[73],"will":[75],"mine":[76],"generate":[78],"code,":[85],"calculate":[87],"vulnerability":[89],"measure":[90],"software.":[92,111],"Based":[93],"our":[95],"knowledge":[96],"we":[97,117],"first":[100],"pattern-based":[101],"model":[102],"measurement":[107],"As":[112],"proof":[114],"concept,":[116],"perform":[118],"case":[120],"study":[121],"relational":[124],"database":[125],"\"Improper":[129],"Authorization''.":[130]},"counts_by_year":[{"year":2024,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}
