{"id":"https://openalex.org/W2938063707","doi":"https://doi.org/10.1145/3319008.3319033","title":"A Conceptual Replication on Predicting the Severity of Software Vulnerabilities","display_name":"A Conceptual Replication on Predicting the Severity of Software Vulnerabilities","publication_year":2019,"publication_date":"2019-04-10","ids":{"openalex":"https://openalex.org/W2938063707","doi":"https://doi.org/10.1145/3319008.3319033","mag":"2938063707"},"language":"en","primary_location":{"id":"doi:10.1145/3319008.3319033","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3319008.3319033","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Evaluation and Assessment on Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102954715","display_name":"Sefa Eren \u015eahin","orcid":"https://orcid.org/0000-0001-6617-7341"},"institutions":[{"id":"https://openalex.org/I48912391","display_name":"Istanbul Technical University","ror":"https://ror.org/059636586","country_code":"TR","type":"education","lineage":["https://openalex.org/I48912391"]}],"countries":["TR"],"is_corresponding":false,"raw_author_name":"Sefa Eren Sahin","raw_affiliation_strings":["Istanbul Technical University, Istanbul, Turkey"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Istanbul Technical University, Istanbul, Turkey","institution_ids":["https://openalex.org/I48912391"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5089239701","display_name":"Ay\u015fe Tosun","orcid":"https://orcid.org/0000-0003-1859-7872"},"institutions":[{"id":"https://openalex.org/I48912391","display_name":"Istanbul Technical University","ror":"https://ror.org/059636586","country_code":"TR","type":"education","lineage":["https://openalex.org/I48912391"]}],"countries":["TR"],"is_corresponding":false,"raw_author_name":"Ayse Tosun","raw_affiliation_strings":["Istanbul Technical University, Istanbul, Turkey"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Istanbul Technical University, Istanbul, Turkey","institution_ids":["https://openalex.org/I48912391"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":5.9954,"has_fulltext":false,"cited_by_count":38,"citation_normalized_percentile":{"value":0.96348047,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"244","last_page":"250"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12423","display_name":"Software Reliability and Analysis Research","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1712","display_name":"Software"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7628741264343262},{"id":"https://openalex.org/keywords/convolutional-neural-network","display_name":"Convolutional neural network","score":0.577933669090271},{"id":"https://openalex.org/keywords/prioritization","display_name":"Prioritization","score":0.5126191973686218},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.49586161971092224},{"id":"https://openalex.org/keywords/replication","display_name":"Replication (statistics)","score":0.4864778220653534},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4756619334220886},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.4701286256313324},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.44147148728370667},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.4397057592868805},{"id":"https://openalex.org/keywords/f1-score","display_name":"F1 score","score":0.412956178188324},{"id":"https://openalex.org/keywords/statistics","display_name":"Statistics","score":0.1298903226852417}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7628741264343262},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.577933669090271},{"id":"https://openalex.org/C2777615720","wikidata":"https://www.wikidata.org/wiki/Q11888847","display_name":"Prioritization","level":2,"score":0.5126191973686218},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.49586161971092224},{"id":"https://openalex.org/C12590798","wikidata":"https://www.wikidata.org/wiki/Q3933199","display_name":"Replication (statistics)","level":2,"score":0.4864778220653534},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4756619334220886},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.4701286256313324},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.44147148728370667},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.4397057592868805},{"id":"https://openalex.org/C148524875","wikidata":"https://www.wikidata.org/wiki/Q6975395","display_name":"F1 score","level":2,"score":0.412956178188324},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.1298903226852417},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C539667460","wikidata":"https://www.wikidata.org/wiki/Q2414942","display_name":"Management science","level":1,"score":0.0},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3319008.3319033","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3319008.3319033","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Evaluation and Assessment on Software Engineering","raw_type":"proceedings-article"},{"id":"pmh:oai:polen.itu.edu.tr:11527/34044","is_oa":false,"landing_page_url":"https://hdl.handle.net/11527/34044","pdf_url":null,"source":{"id":"https://openalex.org/S4306400460","display_name":"Istanbul Technical University Academic Open Archive (Istanbul Technical University)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I48912391","host_organization_name":"Istanbul Technical University","host_organization_lineage":["https://openalex.org/I48912391"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.5}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":10,"referenced_works":["https://openalex.org/W2022695357","https://openalex.org/W2043837581","https://openalex.org/W2079753286","https://openalex.org/W2166336492","https://openalex.org/W2295598076","https://openalex.org/W2499226778","https://openalex.org/W2767521898","https://openalex.org/W2771090858","https://openalex.org/W2950577311","https://openalex.org/W3102476541"],"related_works":["https://openalex.org/W2506292322","https://openalex.org/W4283209547","https://openalex.org/W4367627632","https://openalex.org/W2184980933","https://openalex.org/W4205713785","https://openalex.org/W4293226380","https://openalex.org/W653452717","https://openalex.org/W3016766501","https://openalex.org/W2901033488","https://openalex.org/W2554445088"],"abstract_inverted_index":{"Software":[0],"vulnerabilities":[1,15,28,51,54],"may":[2],"lead":[3],"to":[4,45,101],"crucial":[5],"security":[6,21],"risks":[7],"in":[8],"software":[9,50],"systems.":[10],"Thus,":[11],"prioritization":[12],"of":[13,49,120,139],"the":[14,27,47,96,125,148],"is":[16],"an":[17,136],"important":[18],"task":[19],"for":[20,113],"teams,":[22],"and":[23,35,69,85,117,130,143,153],"assessing":[24],"how":[25],"severe":[26],"are":[29,91],"would":[30],"help":[31],"teams":[32],"during":[33],"fixing":[34],"maintenance":[36],"activities.":[37],"We":[38,59,93,108],"replicated":[39,97],"a":[40],"prior":[41],"work":[42,98],"which":[43],"aims":[44],"predict":[46,102],"severity":[48,57,103,115,118,126,149],"by":[52,99],"grouping":[53],"into":[55],"different":[56],"levels.":[58,107],"follow":[60],"their":[61],"approach":[62],"on":[63,70],"feature":[64],"extraction":[65],"using":[66,73],"word":[67],"embeddings,":[68],"prediction":[71],"model":[72],"Convolutional":[74],"Neural":[75],"Networks":[76],"(CNNs).":[77],"In":[78],"addition,":[79],"Long":[80],"Short":[81],"Term":[82],"Memory":[83],"(LSTM)":[84],"Extreme":[86],"Gradient":[87],"Boosting":[88],"(XGBoost)":[89],"models":[90,132,155],"used.":[92],"also":[94],"extend":[95],"aiming":[100],"scores":[104,119],"rather":[105],"than":[106],"carried":[109],"out":[110],"two":[111],"experiments":[112],"predicting":[114,124,147],"levels":[116],"82,974":[121],"vulnerabilities.":[122],"On":[123,146],"levels,":[127],"our":[128],"LSTM":[129],"CNN":[131,152],"perform":[133,156],"similarly":[134],"with":[135],"F1":[137,141],"score":[138,142],"0.756":[140],"0.752,":[144],"respectively.":[145,162],"scores,":[150],"LSTM,":[151],"XGBoost":[154],"16.14%,":[157],"17.03%,":[158],"18.91%":[159],"MAPE":[160],"values,":[161]},"counts_by_year":[{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":9},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":5},{"year":2020,"cited_by_count":5},{"year":2019,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}