{"id":"https://openalex.org/W2983519477","doi":"https://doi.org/10.1145/3338501.3357365","title":"Risk Prioritization by Leveraging Latent Vulnerability Features in a Contested Environment","display_name":"Risk Prioritization by Leveraging Latent Vulnerability Features in a Contested Environment","publication_year":2019,"publication_date":"2019-11-08","ids":{"openalex":"https://openalex.org/W2983519477","doi":"https://doi.org/10.1145/3338501.3357365","mag":"2983519477"},"language":"en","primary_location":{"id":"doi:10.1145/3338501.3357365","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3338501.3357365","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5080322439","display_name":"Kenneth Alperin","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Kenneth Alperin","raw_affiliation_strings":["MIT Lincoln Laboratory, Lexington, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT Lincoln Laboratory, Lexington, MA, USA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044815834","display_name":"Allan Wollaber","orcid":"https://orcid.org/0000-0001-5997-9610"},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Allan Wollaber","raw_affiliation_strings":["MIT Lincoln Laboratory, Lexington, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT Lincoln Laboratory, Lexington, MA, USA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088643497","display_name":"Dennis Ross","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dennis Ross","raw_affiliation_strings":["MIT Lincoln Laboratory, Lexington, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT Lincoln Laboratory, Lexington, MA, USA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002932883","display_name":"P. C. Trepagnier","orcid":null},"institutions":[{"id":"https://openalex.org/I4210122954","display_name":"MIT Lincoln Laboratory","ror":"https://ror.org/022z6jk58","country_code":"US","type":"facility","lineage":["https://openalex.org/I4210122954","https://openalex.org/I63966007"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Pierre Trepagnier","raw_affiliation_strings":["MIT Lincoln Laboratory, Lexington, MA, USA"],"affiliations":[{"raw_affiliation_string":"MIT Lincoln Laboratory, Lexington, MA, USA","institution_ids":["https://openalex.org/I4210122954"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5000595338","display_name":"Leslie Leonard","orcid":"https://orcid.org/0000-0003-2610-8186"},"institutions":[{"id":"https://openalex.org/I87303767","display_name":"U.S. Army Engineer Research and Development Center","ror":"https://ror.org/027mhn368","country_code":"US","type":"facility","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1306490931","https://openalex.org/I1330347796","https://openalex.org/I87303767"]},{"id":"https://openalex.org/I4210088792","display_name":"United States Army","ror":"https://ror.org/00afsp483","country_code":"US","type":"funder","lineage":["https://openalex.org/I1304082316","https://openalex.org/I1330347796","https://openalex.org/I4210088792"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Leslie Leonard","raw_affiliation_strings":["U.S. Army Engineer Research and Development Center, Vicksburg, MS, USA"],"affiliations":[{"raw_affiliation_string":"U.S. Army Engineer Research and Development Center, Vicksburg, MS, USA","institution_ids":["https://openalex.org/I87303767","https://openalex.org/I4210088792"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5080322439"],"corresponding_institution_ids":["https://openalex.org/I4210122954"],"apc_list":null,"apc_paid":null,"fwci":1.4063,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.87068003,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"49","last_page":"57"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9948999881744385,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.8523427248001099},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.8156110048294067},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7288998365402222},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.6343572735786438},{"id":"https://openalex.org/keywords/prioritization","display_name":"Prioritization","score":0.6238820552825928},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.6124221682548523},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5396552085876465},{"id":"https://openalex.org/keywords/metric","display_name":"Metric (unit)","score":0.5102777481079102},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.49677926301956177},{"id":"https://openalex.org/keywords/risk-management","display_name":"Risk management","score":0.4879002273082733},{"id":"https://openalex.org/keywords/risk-assessment","display_name":"Risk assessment","score":0.42857879400253296},{"id":"https://openalex.org/keywords/resource","display_name":"Resource (disambiguation)","score":0.41665270924568176},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.16567003726959229},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.1609228253364563},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.12198829650878906},{"id":"https://openalex.org/keywords/operations-management","display_name":"Operations management","score":0.09289276599884033},{"id":"https://openalex.org/keywords/psychology","display_name":"Psychology","score":0.08237242698669434},{"id":"https://openalex.org/keywords/psychological-resilience","display_name":"Psychological resilience","score":0.07008379697799683}],"concepts":[{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.8523427248001099},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.8156110048294067},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7288998365402222},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.6343572735786438},{"id":"https://openalex.org/C2777615720","wikidata":"https://www.wikidata.org/wiki/Q11888847","display_name":"Prioritization","level":2,"score":0.6238820552825928},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.6124221682548523},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5396552085876465},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.5102777481079102},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.49677926301956177},{"id":"https://openalex.org/C32896092","wikidata":"https://www.wikidata.org/wiki/Q189447","display_name":"Risk management","level":2,"score":0.4879002273082733},{"id":"https://openalex.org/C12174686","wikidata":"https://www.wikidata.org/wiki/Q1058438","display_name":"Risk assessment","level":2,"score":0.42857879400253296},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.41665270924568176},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.16567003726959229},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.1609228253364563},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.12198829650878906},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.09289276599884033},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.08237242698669434},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.07008379697799683},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.0},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3338501.3357365","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3338501.3357365","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W2004228899","https://openalex.org/W2077937403","https://openalex.org/W2095705004","https://openalex.org/W2142141201","https://openalex.org/W2241929320","https://openalex.org/W2294973055","https://openalex.org/W2570094557","https://openalex.org/W2586235276","https://openalex.org/W2603292144","https://openalex.org/W2733563680","https://openalex.org/W2757569564","https://openalex.org/W2766615649","https://openalex.org/W2767521898","https://openalex.org/W2771090858","https://openalex.org/W2787410805","https://openalex.org/W2807143630","https://openalex.org/W2808052182","https://openalex.org/W2906998334","https://openalex.org/W3102673518","https://openalex.org/W3104574898","https://openalex.org/W4299367293"],"related_works":["https://openalex.org/W2393340519","https://openalex.org/W2390459954","https://openalex.org/W4220885008","https://openalex.org/W2057803998","https://openalex.org/W4298219515","https://openalex.org/W1613146948","https://openalex.org/W3118510577","https://openalex.org/W2021298062","https://openalex.org/W2185499427","https://openalex.org/W4388541873"],"abstract_inverted_index":{"Cyber":[0],"network":[1],"defenders":[2],"face":[3],"an":[4,23,111],"overwhelming":[5],"volume":[6],"of":[7,20,29,33,38,67,99,103,128],"software":[8],"vulnerabilities.":[9],"Resource":[10],"limitations":[11],"preclude":[12],"them":[13],"mitigating":[14],"all":[15],"but":[16],"a":[17,88,96,120,125],"small":[18],"number":[19],"vulnerabilities":[21,100],"on":[22],"enterprise":[24],"network,":[25],"so":[26],"proper":[27],"prioritization":[28,40],"defensive":[30],"actions":[31],"are":[32,41,57,73],"paramount":[34],"importance.":[35],"Current":[36],"methods":[37,66],"risk":[39,53,97],"predominantly":[42,89],"expert-based,":[43],"and":[44,116,132],"many":[45],"include":[46],"leveraging":[47],"Common":[48],"Vulnerability":[49,70],"Scoring":[50],"System":[51],"(CVSS)":[52],"scores.":[54],"These":[55],"scores":[56],"assigned":[58],"by":[59],"subject":[60],"matter":[61],"experts":[62],"according":[63],"to":[64,118],"conventional":[65],"qualifying":[68],"risk.":[69,134],"mitigation":[71],"strategies":[72],"then":[74],"often":[75],"applied":[76],"in":[77,85],"CVSS":[78],"score":[79],"order.":[80],"Our":[81,106],"vulnerability":[82],"assessment":[83],"system,":[84],"contrast,":[86],"takes":[87],"data-driven":[90],"approach.":[91],"In":[92],"general,":[93],"we":[94],"associate":[95],"metric":[98],"with":[101],"existence":[102],"corresponding":[104],"exploits.":[105],"assumption":[107],"is":[108,124],"that":[109,129],"if":[110],"entity":[112],"has":[113],"invested":[114],"time":[115],"money":[117],"exploit":[119],"particular":[121],"vulnerability,":[122],"this":[123],"critical":[126],"gauge":[127],"vulnerability's":[130],"importance,":[131],"hence":[133]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":1}],"updated_date":"2026-03-14T08:43:22.919905","created_date":"2025-10-10T00:00:00"}