{"id":"https://openalex.org/W2121558310","doi":"https://doi.org/10.3217/jucs-018-06-0732","title":"Success Rate of Remote Code Execution Attacks - Expert Assessments and Observations","display_name":"Success Rate of Remote Code Execution Attacks - Expert Assessments and Observations","publication_year":2020,"publication_date":"2020-04-07","ids":{"openalex":"https://openalex.org/W2121558310","doi":"https://doi.org/10.3217/jucs-018-06-0732","mag":"2121558310"},"language":"en","primary_location":{"id":"pmh:oai:zenodo.org:5505179","is_oa":true,"landing_page_url":"https://zenodo.org/record/5505179","pdf_url":"https://zenodo.org/record/5505179","source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"JUCS - Journal of Universal Computer Science 18((6)) 732-749","raw_type":"info:eu-repo/semantics/article"},"type":"article","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://zenodo.org/record/5505179","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5103165985","display_name":"Hannes Holm","orcid":null},"institutions":[{"id":"https://openalex.org/I86987016","display_name":"KTH Royal Institute of Technology","ror":"https://ror.org/026vcq606","country_code":"SE","type":"education","lineage":["https://openalex.org/I86987016"]}],"countries":["SE"],"is_corresponding":true,"raw_author_name":"Hannes Holm","raw_affiliation_strings":["Royal Inst. of Technology"],"affiliations":[{"raw_affiliation_string":"Royal Inst. of Technology","institution_ids":["https://openalex.org/I86987016"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102842661","display_name":"Mathias Ekstedt","orcid":"https://orcid.org/0000-0003-3922-9606"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mathias Ekstedt","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5091355367","display_name":"Teodor Sommestad","orcid":"https://orcid.org/0000-0002-2606-4139"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Teodor Sommestad","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5037374855","display_name":"Ulrik Franke","orcid":"https://orcid.org/0000-0003-2017-7914"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ulrik Franke","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5103165985"],"corresponding_institution_ids":["https://openalex.org/I86987016"],"apc_list":null,"apc_paid":null,"fwci":1.9471,"has_fulltext":false,"cited_by_count":21,"citation_normalized_percentile":{"value":0.89145907,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"18","issue":"6","first_page":"732","last_page":"749"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9933000206947327,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8873218297958374},{"id":"https://openalex.org/keywords/executable","display_name":"Executable","score":0.838596522808075},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.7795907258987427},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.680745542049408},{"id":"https://openalex.org/keywords/variable","display_name":"Variable (mathematics)","score":0.5385255813598633},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5301146507263184},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.5169684290885925},{"id":"https://openalex.org/keywords/abstraction","display_name":"Abstraction","score":0.49218931794166565},{"id":"https://openalex.org/keywords/quality","display_name":"Quality (philosophy)","score":0.4312014877796173},{"id":"https://openalex.org/keywords/set","display_name":"Set (abstract data type)","score":0.26515644788742065},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.14909058809280396}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8873218297958374},{"id":"https://openalex.org/C160145156","wikidata":"https://www.wikidata.org/wiki/Q778586","display_name":"Executable","level":2,"score":0.838596522808075},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.7795907258987427},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.680745542049408},{"id":"https://openalex.org/C182365436","wikidata":"https://www.wikidata.org/wiki/Q50701","display_name":"Variable (mathematics)","level":2,"score":0.5385255813598633},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5301146507263184},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.5169684290885925},{"id":"https://openalex.org/C124304363","wikidata":"https://www.wikidata.org/wiki/Q673661","display_name":"Abstraction","level":2,"score":0.49218931794166565},{"id":"https://openalex.org/C2779530757","wikidata":"https://www.wikidata.org/wiki/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.4312014877796173},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.26515644788742065},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.14909058809280396},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C134306372","wikidata":"https://www.wikidata.org/wiki/Q7754","display_name":"Mathematical analysis","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0}],"mesh":[],"locations_count":4,"locations":[{"id":"pmh:oai:zenodo.org:5505179","is_oa":true,"landing_page_url":"https://zenodo.org/record/5505179","pdf_url":"https://zenodo.org/record/5505179","source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"JUCS - Journal of Universal Computer Science 18((6)) 732-749","raw_type":"info:eu-repo/semantics/article"},{"id":"pmh:oai:DiVA.org:kth-91649","is_oa":true,"landing_page_url":"http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-91649","pdf_url":null,"source":{"id":"https://openalex.org/S4306401559","display_name":"KTH Publication Database DiVA (KTH Royal Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Article in journal"},{"id":"doi:10.3217/jucs-018-06-0732","is_oa":true,"landing_page_url":"https://doi.org/10.3217/jucs-018-06-0732","pdf_url":null,"source":{"id":"https://openalex.org/S4306400660","display_name":"TUGraz OPEN Library (Graz University of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4092182","host_organization_name":"Graz University of Technology","host_organization_lineage":["https://openalex.org/I4092182"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"},{"id":"mag:2121558310","is_oa":true,"landing_page_url":"http://kth.diva-portal.org/smash/get/diva2:510940/fulltext02.pdf","pdf_url":null,"source":{"id":"https://openalex.org/S58563349","display_name":"JUCS - Journal of Universal Computer Science","issn_l":"0948-695X","issn":["0948-695X","0948-6968"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310317875","host_organization_name":"Verlag der Technischen Universit\u00e4t Graz","host_organization_lineage":["https://openalex.org/P4310317875"],"host_organization_lineage_names":["Verlag der Technischen Universit\u00e4t Graz"],"type":"journal"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":"JUCS - Journal of Universal Computer Science","raw_type":null}],"best_oa_location":{"id":"pmh:oai:zenodo.org:5505179","is_oa":true,"landing_page_url":"https://zenodo.org/record/5505179","pdf_url":"https://zenodo.org/record/5505179","source":{"id":"https://openalex.org/S4306400562","display_name":"Zenodo (CERN European Organization for Nuclear Research)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I67311998","host_organization_name":"European Organization for Nuclear Research","host_organization_lineage":["https://openalex.org/I67311998"],"host_organization_lineage_names":[],"type":"repository"},"license":"other-oa","license_id":"https://openalex.org/licenses/other-oa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"JUCS - Journal of Universal Computer Science 18((6)) 732-749","raw_type":"info:eu-repo/semantics/article"},"sustainable_development_goals":[{"score":0.6399999856948853,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2121558310.pdf"},"referenced_works_count":36,"referenced_works":["https://openalex.org/W1501321335","https://openalex.org/W1502612012","https://openalex.org/W1546149892","https://openalex.org/W1551571370","https://openalex.org/W1567552421","https://openalex.org/W1587981097","https://openalex.org/W1655226010","https://openalex.org/W1825457006","https://openalex.org/W1831066781","https://openalex.org/W1863670505","https://openalex.org/W1975482862","https://openalex.org/W1989060313","https://openalex.org/W1990653630","https://openalex.org/W1991766488","https://openalex.org/W2006611045","https://openalex.org/W2039691436","https://openalex.org/W2053945117","https://openalex.org/W2063431930","https://openalex.org/W2079025608","https://openalex.org/W2090649853","https://openalex.org/W2098010707","https://openalex.org/W2098683983","https://openalex.org/W2101699859","https://openalex.org/W2102970979","https://openalex.org/W2108376255","https://openalex.org/W2111284364","https://openalex.org/W2115281393","https://openalex.org/W2119852587","https://openalex.org/W2128217000","https://openalex.org/W2132811257","https://openalex.org/W2150277819","https://openalex.org/W2150847526","https://openalex.org/W2225446114","https://openalex.org/W2334230100","https://openalex.org/W2479612266","https://openalex.org/W2978757628"],"related_works":["https://openalex.org/W1996080364","https://openalex.org/W83876155","https://openalex.org/W2121141821","https://openalex.org/W2098010707","https://openalex.org/W2026347877","https://openalex.org/W1982950099","https://openalex.org/W2903302155","https://openalex.org/W1969339582","https://openalex.org/W2120437267","https://openalex.org/W1986569464","https://openalex.org/W2978690576","https://openalex.org/W2585324360","https://openalex.org/W2899970165","https://openalex.org/W2286062407","https://openalex.org/W3020788524","https://openalex.org/W2792865563","https://openalex.org/W3111758516","https://openalex.org/W3017785638","https://openalex.org/W2015633796","https://openalex.org/W1496810197"],"abstract_inverted_index":{"This":[0],"paper":[1],"describes":[2],"a":[3,59,147],"study":[4],"on":[5,133],"how":[6],"cyber":[7,60,119],"security":[8],"experts":[9,76,107],"assess":[10],"the":[11,18,42,50,56,64,80,106,118,140,160],"importance":[12],"of":[13,20,49,58,86,112,156],"three":[14],"variables":[15,52],"related":[16],"to":[17,110,166],"probability":[19],"successful":[21],"remote":[22],"code":[23],"execution":[24],"attacks:":[25],"(i)":[26],"non-executable":[27],"memory,":[28],"(ii)":[29],"access":[30,78],"and":[31,84],"(iii)":[32],"exploits":[33,87],"for":[34,88],"High":[35,89],"or":[36],"Medium":[37,95],"vulnerabilities":[38,90],"as":[39,79,91,102,138],"defined":[40],"by":[41,55,72,105],"Common":[43],"Vulnerability":[44],"Scoring":[45],"System.":[46],"The":[47,67],"rest":[48],"relevant":[51],"were":[53],"fixed":[54],"environment":[57],"defense":[61,120],"exercise":[62],"where":[63],"respondents":[65],"participated.":[66],"questionnaire":[68],"was":[69,99],"fully":[70],"completed":[71],"fifteen":[73],"experts.":[74],"These":[75,122],"perceived":[77],"most":[81],"important":[82,93],"variable":[83],"availability":[85],"more":[92],"than":[94],"vulnerabilities.":[96],"Non-executable":[97],"memory":[98],"not":[100],"seen":[101],"significant.":[103],"Estimates":[104],"are":[108,163],"compared":[109],"observations":[111],"actual":[113],"attacks":[114],"carried":[115],"out":[116],"during":[117],"exercise.":[121],"comparisons":[123],"show":[124,146],"that":[125],"experts'":[126,161],"in":[127,139],"general":[128],"provide":[129],"fairly":[130],"inaccurate":[131],"advice":[132],"an":[134],"abstraction":[135],"level":[136],"such":[137],"present":[141],"study.":[142],"However,":[143],"results":[144],"also":[145],"prediction":[148],"model":[149],"constructed":[150],"through":[151],"expert":[152],"judgment":[153],"likely":[154],"is":[155],"better":[157],"quality":[158],"if":[159],"estimates":[162],"weighted":[164],"according":[165],"their":[167],"expertise.":[168]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1},{"year":2019,"cited_by_count":2},{"year":2017,"cited_by_count":1},{"year":2016,"cited_by_count":2},{"year":2014,"cited_by_count":1},{"year":2013,"cited_by_count":5},{"year":2012,"cited_by_count":2}],"updated_date":"2026-03-25T23:56:10.502304","created_date":"2025-10-10T00:00:00"}