{"id":"https://openalex.org/W4400976724","doi":"https://doi.org/10.1145/3664476.3670915","title":"Evaluating Cybersecurity Risk: A Comprehensive Comparison of Vulnerability Scoring Methodologies","display_name":"Evaluating Cybersecurity Risk: A Comprehensive Comparison of Vulnerability Scoring Methodologies","publication_year":2024,"publication_date":"2024-07-25","ids":{"openalex":"https://openalex.org/W4400976724","doi":"https://doi.org/10.1145/3664476.3670915"},"language":"en","primary_location":{"id":"doi:10.1145/3664476.3670915","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3664476.3670915","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5105080887","display_name":"Konstantina Milousi","orcid":"https://orcid.org/0009-0008-9976-0814"},"institutions":[{"id":"https://openalex.org/I4210093649","display_name":"Information Technologies Institute","ror":"https://ror.org/0069akp70","country_code":"GR","type":"nonprofit","lineage":["https://openalex.org/I4210093649"]},{"id":"https://openalex.org/I4210134249","display_name":"Centre for Research and Technology Hellas","ror":"https://ror.org/03bndpq63","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210134249"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Konstantina Milousi","raw_affiliation_strings":["Visual Analytics Lab, CERTH-ITI, Greece"],"raw_orcid":"https://orcid.org/0009-0008-9976-0814","affiliations":[{"raw_affiliation_string":"Visual Analytics Lab, CERTH-ITI, Greece","institution_ids":["https://openalex.org/I4210093649","https://openalex.org/I4210134249"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5105080888","display_name":"Prodromos Kiriakidis","orcid":"https://orcid.org/0009-0005-8336-8955"},"institutions":[{"id":"https://openalex.org/I4210093649","display_name":"Information Technologies Institute","ror":"https://ror.org/0069akp70","country_code":"GR","type":"nonprofit","lineage":["https://openalex.org/I4210093649"]},{"id":"https://openalex.org/I4210134249","display_name":"Centre for Research and Technology Hellas","ror":"https://ror.org/03bndpq63","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210134249"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Prodromos Kiriakidis","raw_affiliation_strings":["Visual Analytics Lab, CERTH-ITI, Greece"],"raw_orcid":"https://orcid.org/0009-0005-8336-8955","affiliations":[{"raw_affiliation_string":"Visual Analytics Lab, CERTH-ITI, Greece","institution_ids":["https://openalex.org/I4210093649","https://openalex.org/I4210134249"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5049268790","display_name":"Notis Mengidis","orcid":"https://orcid.org/0000-0003-3588-1007"},"institutions":[{"id":"https://openalex.org/I4210093649","display_name":"Information Technologies Institute","ror":"https://ror.org/0069akp70","country_code":"GR","type":"nonprofit","lineage":["https://openalex.org/I4210093649"]},{"id":"https://openalex.org/I4210134249","display_name":"Centre for Research and Technology Hellas","ror":"https://ror.org/03bndpq63","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210134249"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Notis Mengidis","raw_affiliation_strings":["Visual Analytics Lab, CERTH-ITI, Greece"],"raw_orcid":"https://orcid.org/0000-0003-3588-1007","affiliations":[{"raw_affiliation_string":"Visual Analytics Lab, CERTH-ITI, Greece","institution_ids":["https://openalex.org/I4210093649","https://openalex.org/I4210134249"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5070025135","display_name":"Georgios Rizos","orcid":"https://orcid.org/0009-0008-6470-5401"},"institutions":[{"id":"https://openalex.org/I4210093649","display_name":"Information Technologies Institute","ror":"https://ror.org/0069akp70","country_code":"GR","type":"nonprofit","lineage":["https://openalex.org/I4210093649"]},{"id":"https://openalex.org/I4210134249","display_name":"Centre for Research and Technology Hellas","ror":"https://ror.org/03bndpq63","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210134249"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Georgios Rizos","raw_affiliation_strings":["Visual Analytics Lab, CERTH-ITI, Greece"],"raw_orcid":"https://orcid.org/0009-0008-6470-5401","affiliations":[{"raw_affiliation_string":"Visual Analytics Lab, CERTH-ITI, Greece","institution_ids":["https://openalex.org/I4210093649","https://openalex.org/I4210134249"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5105094234","display_name":"Mariana S. Mazi","orcid":"https://orcid.org/0009-0001-0899-7736"},"institutions":[{"id":"https://openalex.org/I4210093649","display_name":"Information Technologies Institute","ror":"https://ror.org/0069akp70","country_code":"GR","type":"nonprofit","lineage":["https://openalex.org/I4210093649"]},{"id":"https://openalex.org/I4210134249","display_name":"Centre for Research and Technology Hellas","ror":"https://ror.org/03bndpq63","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210134249"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Mariana S. Mazi","raw_affiliation_strings":["Visual Analytics Lab, CERTH-ITI, Greece"],"raw_orcid":"https://orcid.org/0009-0001-0899-7736","affiliations":[{"raw_affiliation_string":"Visual Analytics Lab, CERTH-ITI, Greece","institution_ids":["https://openalex.org/I4210093649","https://openalex.org/I4210134249"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000407766","display_name":"Antonis Voulgaridis","orcid":"https://orcid.org/0000-0003-4012-8511"},"institutions":[{"id":"https://openalex.org/I4210093649","display_name":"Information Technologies Institute","ror":"https://ror.org/0069akp70","country_code":"GR","type":"nonprofit","lineage":["https://openalex.org/I4210093649"]},{"id":"https://openalex.org/I4210134249","display_name":"Centre for Research and Technology Hellas","ror":"https://ror.org/03bndpq63","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210134249"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Antonis Voulgaridis","raw_affiliation_strings":["Visual Analytics Lab, CERTH-ITI, Greece"],"raw_orcid":"https://orcid.org/0000-0003-4012-8511","affiliations":[{"raw_affiliation_string":"Visual Analytics Lab, CERTH-ITI, Greece","institution_ids":["https://openalex.org/I4210093649","https://openalex.org/I4210134249"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064307246","display_name":"Konstantinos Votis","orcid":"https://orcid.org/0000-0001-6381-8326"},"institutions":[{"id":"https://openalex.org/I4210093649","display_name":"Information Technologies Institute","ror":"https://ror.org/0069akp70","country_code":"GR","type":"nonprofit","lineage":["https://openalex.org/I4210093649"]},{"id":"https://openalex.org/I4210134249","display_name":"Centre for Research and Technology Hellas","ror":"https://ror.org/03bndpq63","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210134249"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Konstantinos Votis","raw_affiliation_strings":["Visual Analytics Lab, CERTH-ITI, Greece"],"raw_orcid":"https://orcid.org/0000-0001-6381-8326","affiliations":[{"raw_affiliation_string":"Visual Analytics Lab, CERTH-ITI, Greece","institution_ids":["https://openalex.org/I4210093649","https://openalex.org/I4210134249"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5087452615","display_name":"Dimitrios Tzovaras","orcid":"https://orcid.org/0000-0001-6915-6722"},"institutions":[{"id":"https://openalex.org/I4210093649","display_name":"Information Technologies Institute","ror":"https://ror.org/0069akp70","country_code":"GR","type":"nonprofit","lineage":["https://openalex.org/I4210093649"]},{"id":"https://openalex.org/I4210134249","display_name":"Centre for Research and Technology Hellas","ror":"https://ror.org/03bndpq63","country_code":"GR","type":"facility","lineage":["https://openalex.org/I4210134249"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Dimitrios Tzovaras","raw_affiliation_strings":["Visual Analytics Lab, CERTH-ITI, Greece"],"raw_orcid":"https://orcid.org/0000-0001-6915-6722","affiliations":[{"raw_affiliation_string":"Visual Analytics Lab, CERTH-ITI, Greece","institution_ids":["https://openalex.org/I4210093649","https://openalex.org/I4210134249"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":4.1372,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.94487678,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"11"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9962000250816345,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.753960371017456},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.66391921043396},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6196230053901672},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.6088832020759583},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3756566047668457},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.11574727296829224},{"id":"https://openalex.org/keywords/medicine","display_name":"Medicine","score":0.053396522998809814}],"concepts":[{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.753960371017456},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.66391921043396},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6196230053901672},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.6088832020759583},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3756566047668457},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.11574727296829224},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.053396522998809814},{"id":"https://openalex.org/C118552586","wikidata":"https://www.wikidata.org/wiki/Q7867","display_name":"Psychiatry","level":1,"score":0.0},{"id":"https://openalex.org/C27415008","wikidata":"https://www.wikidata.org/wiki/Q7256382","display_name":"Psychological intervention","level":2,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3664476.3670915","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3664476.3670915","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 19th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G4644827041","display_name":null,"funder_award_id":"101128024","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"},{"id":"https://openalex.org/G837836669","display_name":null,"funder_award_id":"T2EDK-03093","funder_id":"https://openalex.org/F4320323817","funder_display_name":"Universitas Brawijaya"}],"funders":[{"id":"https://openalex.org/F4320323817","display_name":"Universitas Brawijaya","ror":"https://ror.org/01wk3d929"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W1510900750","https://openalex.org/W1587258003","https://openalex.org/W1683889830","https://openalex.org/W1812288645","https://openalex.org/W1983758807","https://openalex.org/W1993558273","https://openalex.org/W2002750511","https://openalex.org/W2044625105","https://openalex.org/W2076418638","https://openalex.org/W2145151298","https://openalex.org/W2162142914","https://openalex.org/W2336683339","https://openalex.org/W2605477064","https://openalex.org/W2617899096","https://openalex.org/W2890144868","https://openalex.org/W2953777406","https://openalex.org/W3014543108","https://openalex.org/W3023951208","https://openalex.org/W3048739080","https://openalex.org/W3190378155","https://openalex.org/W4293235203","https://openalex.org/W4363675776","https://openalex.org/W6651576082","https://openalex.org/W6744438715"],"related_works":["https://openalex.org/W1883246888","https://openalex.org/W2370114625","https://openalex.org/W1756374135","https://openalex.org/W2947584067","https://openalex.org/W3118510577","https://openalex.org/W2280562859","https://openalex.org/W230721595","https://openalex.org/W3157230915","https://openalex.org/W1496728123","https://openalex.org/W2062873522"],"abstract_inverted_index":{"In":[0],"the":[1,16,48,78,85,92,106,134,199,206,209,221,232],"continuously":[2],"evolving":[3],"digital":[4,28],"landscape,":[5,89],"risk":[6,82,100,173,246],"assessment":[7,83],"represents":[8],"an":[9,148],"essential":[10,202],"cornerstone":[11],"in":[12,37,84,99,171,231,242],"cybersecurity,":[13,235],"crucial":[14],"for":[15,105,229],"identification,":[17],"evaluation":[18,157,219],"and":[19,24,46,50,70,122,144,168,177,245],"prioritization":[20],"of":[21,52,60,77,81,95,133,151,158,179,193,208,220,234],"potential":[22],"threats":[23],"vulnerabilities":[25],"within":[26],"complex":[27],"ecosystems.":[29],"Vulnerability":[30],"scoring":[31,63,97,108,137,182,211,224],"systems":[32,64,98,109,138,160],"play":[33],"a":[34,57,75,155,188,217],"pivotal":[35],"role":[36,80],"this":[38,194,214],"process":[39],"by":[40],"providing":[41,147],"structured":[42,218],"methodologies":[43],"to":[44,186],"quantify":[45],"qualify":[47],"severity":[49],"impact":[51],"vulnerabilities.":[53],"This":[54],"paper":[55,215],"presents":[56],"comprehensive":[58,189],"comparison":[59],"various":[61],"vulnerability":[62,96,107,136,181,210,223,243],"approaches,":[65],"examining":[66],"their":[67,128,152,164],"structures,":[68],"methodologies,":[69,142],"unique":[71],"attributes.":[72],"Beginning":[73],"with":[74],"review":[76],"critical":[79],"dynamic":[86],"cyber":[87],"threat":[88],"it":[90],"emphasizes":[91],"fundamental":[93],"significance":[94,123],"evaluation.":[101],"The":[102,191],"selection":[103],"criteria":[104],"that":[110],"are":[111,113,184],"analyzed":[112],"clarified,":[114],"focusing":[115],"on":[116,120],"justifying":[117],"choices":[118],"based":[119],"relevance":[121],"while":[124,175],"considering":[125],"parameters":[126],"guiding":[127],"selection.":[129],"A":[130],"detailed":[131],"analysis":[132,207],"selected":[135],"follows,":[139],"delving":[140],"into":[141],"metrics,":[143],"distinct":[145],"characteristics,":[146],"in-depth":[149],"understanding":[150],"functionalities.":[153],"Subsequently,":[154],"comparative":[156,195],"these":[159],"is":[161],"conducted,":[162],"highlighting":[163],"respective":[165],"strengths,":[166],"weaknesses,":[167],"overall":[169],"effectiveness":[170],"cybersecurity":[172],"assessment,":[174],"benefits":[176],"drawbacks":[178],"each":[180],"system":[183],"examined":[185],"offer":[187],"perspective.":[190],"conclusions":[192],"study":[196],"bring":[197],"together":[198],"results,":[200],"summarizing":[201],"insights":[203,228],"gathered":[204],"through":[205],"systems.":[212],"Overall,":[213],"provides":[216],"available":[222],"systems,":[225],"offering":[226],"valuable":[227],"professionals":[230],"field":[233],"as":[236,238],"well":[237],"future":[239],"research":[240],"involved":[241],"management":[244],"assessment.":[247]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":4}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}