{"id":"https://openalex.org/W4416549357","doi":"https://doi.org/10.1145/3719027.3760723","title":"Poster: Computer Security Researchers' Experiences with Vulnerability Disclosures","display_name":"Poster: Computer Security Researchers' Experiences with Vulnerability Disclosures","publication_year":2025,"publication_date":"2025-11-19","ids":{"openalex":"https://openalex.org/W4416549357","doi":"https://doi.org/10.1145/3719027.3760723"},"language":null,"primary_location":{"id":"doi:10.1145/3719027.3760723","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3760723","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3760723","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3760723","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5074142826","display_name":"Harshini Sri Ramulu","orcid":"https://orcid.org/0000-0002-0000-5843"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Harshini Sri Ramulu","raw_affiliation_strings":["Paderborn University, Paderborn, Germany"],"raw_orcid":"https://orcid.org/0000-0002-0000-5843","affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany","institution_ids":["https://openalex.org/I206945453"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5114708588","display_name":"Anna Lena Rotthaler","orcid":"https://orcid.org/0009-0009-7785-7110"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Anna Lena Rotthaler","raw_affiliation_strings":["Paderborn University, Paderborn, Germany"],"raw_orcid":"https://orcid.org/0009-0009-7785-7110","affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany","institution_ids":["https://openalex.org/I206945453"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007354859","display_name":"J. Rossel","orcid":"https://orcid.org/0000-0002-3182-4059"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jost Rossel","raw_affiliation_strings":["Paderborn University, Paderborn, Germany"],"raw_orcid":"https://orcid.org/0000-0002-3182-4059","affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany","institution_ids":["https://openalex.org/I206945453"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5109367825","display_name":"Rachel Rodriguez","orcid":"https://orcid.org/0009-0004-9800-4006"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Rachel Gonzalez Rodriguez","raw_affiliation_strings":["Paderborn University, Paderborn, Germany"],"raw_orcid":"https://orcid.org/0009-0004-9800-4006","affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany","institution_ids":["https://openalex.org/I206945453"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5004650891","display_name":"Dominik Wermke","orcid":"https://orcid.org/0009-0008-2921-1254"},"institutions":[{"id":"https://openalex.org/I137902535","display_name":"North Carolina State University","ror":"https://ror.org/04tj63d06","country_code":"US","type":"education","lineage":["https://openalex.org/I137902535"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dominik Wermke","raw_affiliation_strings":["North Carolina State University, Raleigh, North Carolina, USA"],"raw_orcid":"https://orcid.org/0009-0008-2921-1254","affiliations":[{"raw_affiliation_string":"North Carolina State University, Raleigh, North Carolina, USA","institution_ids":["https://openalex.org/I137902535"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5087356408","display_name":"Sascha Fahl","orcid":"https://orcid.org/0000-0002-5644-3316"},"institutions":[{"id":"https://openalex.org/I4210128801","display_name":"Helmholtz Center for Information Security","ror":"https://ror.org/02njgxr09","country_code":"DE","type":"facility","lineage":["https://openalex.org/I1305996414","https://openalex.org/I4210128801"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Sascha Fahl","raw_affiliation_strings":["CISPA Helmholtz Center for Information Security, Hannover, Germany"],"raw_orcid":"https://orcid.org/0000-0002-5644-3316","affiliations":[{"raw_affiliation_string":"CISPA Helmholtz Center for Information Security, Hannover, Germany","institution_ids":["https://openalex.org/I4210128801"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5026130910","display_name":"Tadayoshi Kohno","orcid":"https://orcid.org/0000-0002-4899-226X"},"institutions":[{"id":"https://openalex.org/I184565670","display_name":"Georgetown University","ror":"https://ror.org/05vzafd60","country_code":"US","type":"education","lineage":["https://openalex.org/I184565670"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Tadayoshi Kohno","raw_affiliation_strings":["Georgetown University, Washington, D.C., USA"],"raw_orcid":"https://orcid.org/0000-0002-4899-226X","affiliations":[{"raw_affiliation_string":"Georgetown University, Washington, D.C., USA","institution_ids":["https://openalex.org/I184565670"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091741421","display_name":"Juraj Somorovsky","orcid":"https://orcid.org/0000-0002-3593-7720"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Juraj Somorovsky","raw_affiliation_strings":["Paderborn University, Paderborn, Germany"],"raw_orcid":"https://orcid.org/0000-0002-3593-7720","affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany","institution_ids":["https://openalex.org/I206945453"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5074668699","display_name":"Yasemin Acar","orcid":"https://orcid.org/0000-0001-7167-7383"},"institutions":[{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Yasemin Acar","raw_affiliation_strings":["Paderborn University, Paderborn, Germany and The George Washington University, Washington D.C., USA"],"raw_orcid":"https://orcid.org/0000-0001-7167-7383","affiliations":[{"raw_affiliation_string":"Paderborn University, Paderborn, Germany and The George Washington University, Washington D.C., USA","institution_ids":["https://openalex.org/I206945453"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":9,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":{"value":0.4515836,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"4779","last_page":"4781"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.6155999898910522,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.6155999898910522,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.06989999860525131,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.046300001442432404,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.8500999808311462},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.5144000053405762},{"id":"https://openalex.org/keywords/data-breach","display_name":"Data breach","score":0.46140000224113464},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.4507000148296356},{"id":"https://openalex.org/keywords/face","display_name":"Face (sociological concept)","score":0.41769999265670776},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.39800000190734863}],"concepts":[{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.8500999808311462},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.6208000183105469},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5734000205993652},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5144000053405762},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.4620000123977661},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.46140000224113464},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.4507000148296356},{"id":"https://openalex.org/C2779304628","wikidata":"https://www.wikidata.org/wiki/Q3503480","display_name":"Face (sociological concept)","level":2,"score":0.41769999265670776},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.39800000190734863},{"id":"https://openalex.org/C39549134","wikidata":"https://www.wikidata.org/wiki/Q133080","display_name":"Public relations","level":1,"score":0.3456000089645386},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3409999907016754},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.33640000224113464},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3260999917984009},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.28870001435279846},{"id":"https://openalex.org/C2776035688","wikidata":"https://www.wikidata.org/wiki/Q1606558","display_name":"Affect (linguistics)","level":2,"score":0.28450000286102295},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.27469998598098755},{"id":"https://openalex.org/C107101626","wikidata":"https://www.wikidata.org/wiki/Q842234","display_name":"Full disclosure","level":2,"score":0.2538999915122986}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3719027.3760723","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3760723","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3760723","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3719027.3760723","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3719027.3760723","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3719027.3760723","source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G3398555191","display_name":null,"funder_award_id":"2206865 & CNS-2207008","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4416549357.pdf","grobid_xml":"https://content.openalex.org/works/W4416549357.grobid-xml"},"referenced_works_count":11,"referenced_works":["https://openalex.org/W2021348304","https://openalex.org/W2134646643","https://openalex.org/W2295069226","https://openalex.org/W2513442265","https://openalex.org/W2621759135","https://openalex.org/W2794659749","https://openalex.org/W2966983806","https://openalex.org/W3153627577","https://openalex.org/W3160990928","https://openalex.org/W4367047162","https://openalex.org/W4385208580"],"related_works":[],"abstract_inverted_index":{"Vulnerability":[0],"disclosures":[1],"are":[2],"necessary":[3],"to":[4,24,35,70],"improve":[5],"the":[6,28],"security":[7],"of":[8],"our":[9],"digital":[10],"ecosystem.":[11],"However,":[12],"they":[13],"can":[14],"also":[15],"be":[16,22,40],"challenging":[17],"for":[18,61],"researchers:":[19],"it":[20],"may":[21,39],"hard":[23],"find":[25],"out":[26],"who":[27],"affected":[29],"parties":[30],"even":[31],"are,":[32],"or":[33,42],"how":[34],"contact":[36],"them.":[37],"Researchers":[38],"ignored":[41],"face":[43],"adversity":[44],"when":[45],"disclosing":[46],"vulnerabilities.":[47],"We":[48],"investigate":[49],"researchers'":[50],"experiences":[51],"with":[52],"vulnerability":[53,73],"disclosures,":[54],"extract":[55],"best":[56],"practices,":[57],"and":[58,68],"make":[59],"recommendations":[60],"researchers,":[62],"institutions":[63],"that":[64],"employ":[65],"them,":[66],"industry,":[67],"regulators":[69],"enable":[71],"effective":[72],"disclosures.":[74]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-11-23T00:00:00"}