{"id":"https://openalex.org/W4235101189","doi":"https://doi.org/10.1504/ijics.2016.10001267","title":"Application of quantitative security measurement model for prioritisation of vulnerability mitigation: a real case study","display_name":"Application of quantitative security measurement model for prioritisation of vulnerability mitigation: a real case study","publication_year":2016,"publication_date":"2016-01-01","ids":{"openalex":"https://openalex.org/W4235101189","doi":"https://doi.org/10.1504/ijics.2016.10001267"},"language":"en","primary_location":{"id":"doi:10.1504/ijics.2016.10001267","is_oa":false,"landing_page_url":"https://doi.org/10.1504/ijics.2016.10001267","pdf_url":null,"source":{"id":"https://openalex.org/S85012289","display_name":"International Journal of Information and Computer Security","issn_l":"1744-1765","issn":["1744-1765","1744-1773"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310317825","host_organization_name":"Inderscience Publishers","host_organization_lineage":["https://openalex.org/P4310317825"],"host_organization_lineage_names":["Inderscience Publishers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information and Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002948459","display_name":"Anshu Tripathi","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Anshu Tripathi","raw_affiliation_strings":["Department of Information Technology, Mahakal Institute of Technology, Behind Air Strip, Dewas Road, Ujjain, India"],"affiliations":[{"raw_affiliation_string":"Department of Information Technology, Mahakal Institute of Technology, Behind Air Strip, Dewas Road, Ujjain, India","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5072674054","display_name":"Umesh Kumar Singh","orcid":"https://orcid.org/0000-0001-9120-4428"},"institutions":[{"id":"https://openalex.org/I86381314","display_name":"Vikram University","ror":"https://ror.org/002k8gm39","country_code":"IN","type":"education","lineage":["https://openalex.org/I86381314"]}],"countries":["IN"],"is_corresponding":false,"raw_author_name":"Umesh Kumar Singh","raw_affiliation_strings":["Institute of Computer Science, Vikram University, Ujjain, India"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, Vikram University, Ujjain, India","institution_ids":["https://openalex.org/I86381314"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5002948459"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.37709726,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"8","issue":"4","first_page":"309","last_page":"309"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.987500011920929,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8035940527915955},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.7930545806884766},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.7112791538238525},{"id":"https://openalex.org/keywords/testbed","display_name":"Testbed","score":0.7027406692504883},{"id":"https://openalex.org/keywords/metric","display_name":"Metric (unit)","score":0.581132709980011},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5169229507446289},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.5094969868659973},{"id":"https://openalex.org/keywords/sophistication","display_name":"Sophistication","score":0.4900568723678589},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4507007598876953},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.4490066170692444},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.4412791430950165},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.09767624735832214}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8035940527915955},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.7930545806884766},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.7112791538238525},{"id":"https://openalex.org/C31395832","wikidata":"https://www.wikidata.org/wiki/Q1318674","display_name":"Testbed","level":2,"score":0.7027406692504883},{"id":"https://openalex.org/C176217482","wikidata":"https://www.wikidata.org/wiki/Q860554","display_name":"Metric (unit)","level":2,"score":0.581132709980011},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5169229507446289},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5094969868659973},{"id":"https://openalex.org/C168725872","wikidata":"https://www.wikidata.org/wiki/Q991663","display_name":"Sophistication","level":2,"score":0.4900568723678589},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4507007598876953},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.4490066170692444},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4412791430950165},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.09767624735832214},{"id":"https://openalex.org/C21547014","wikidata":"https://www.wikidata.org/wiki/Q1423657","display_name":"Operations management","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C144024400","wikidata":"https://www.wikidata.org/wiki/Q21201","display_name":"Sociology","level":0,"score":0.0},{"id":"https://openalex.org/C36289849","wikidata":"https://www.wikidata.org/wiki/Q34749","display_name":"Social science","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1504/ijics.2016.10001267","is_oa":false,"landing_page_url":"https://doi.org/10.1504/ijics.2016.10001267","pdf_url":null,"source":{"id":"https://openalex.org/S85012289","display_name":"International Journal of Information and Computer Security","issn_l":"1744-1765","issn":["1744-1765","1744-1773"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310317825","host_organization_name":"Inderscience Publishers","host_organization_lineage":["https://openalex.org/P4310317825"],"host_organization_lineage_names":["Inderscience Publishers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"International Journal of Information and Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.800000011920929,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2393340519","https://openalex.org/W2390459954","https://openalex.org/W4220885008","https://openalex.org/W2057803998","https://openalex.org/W4298219515","https://openalex.org/W1613146948","https://openalex.org/W2993489091","https://openalex.org/W2366522092","https://openalex.org/W4360997342","https://openalex.org/W2358649166"],"abstract_inverted_index":{"Vulnerability":[0],"mitigation":[1,79],"is":[2,67],"one":[3],"of":[4,8,15,20,26,31,56,64,80,94,107,122,130],"the":[5,65,90,95,101,116,120],"key":[6],"processes":[7],"proactive":[9],"security":[10,40],"management.":[11],"Increase":[12],"in":[13,46,60,72,83,98,105],"complexity":[14],"IT":[16],"systems":[17],"and":[18,48,58,74,92,135],"sophistication":[19],"attacks":[21],"accompanied":[22],"with":[23],"rising":[24],"rate":[25],"vulnerability":[27,32],"evolution":[28],"necessitate":[29],"prioritisation":[30],"mitigation.":[33],"In":[34,86],"this":[35,131],"direction,":[36],"a":[37,61,84,127],"metric-based":[38],"quantitative":[39],"measurement":[41],"model":[42,66,97,102],"(QSMM)":[43],"was":[44,103,113],"proposed":[45,96],"Tripathi":[47],"Singh":[49],"(2013)":[50],"that":[51],"measures":[52],"relative":[53],"risk":[54],"level":[55],"vulnerabilities":[57,81],"hosts":[59],"network.":[62,85],"Objective":[63],"to":[68,88,118],"assist":[69],"system":[70],"administrator":[71],"automated":[73],"reasonable":[75],"decision":[76],"making":[77],"for":[78],"present":[82],"order":[87],"evaluate":[89],"performance":[91],"effectiveness":[93],"realistic":[99],"network,":[100],"applied":[104],"network":[106,112],"MIT":[108,110],"campus.":[109],"campus":[111],"used":[114],"as":[115],"testbed":[117],"demonstrate":[119],"efficacy":[121],"model.":[123],"This":[124],"work":[125],"presents":[126],"detailed":[128],"account":[129],"real":[132],"case":[133],"study":[134],"further,":[136],"results":[137],"are":[138],"analysed.":[139]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}