{"id":"https://openalex.org/W3185585282","doi":"https://doi.org/10.3390/info12080298","title":"Tracing CVE Vulnerability Information to CAPEC Attack Patterns Using Natural Language Processing Techniques","display_name":"Tracing CVE Vulnerability Information to CAPEC Attack Patterns Using Natural Language Processing Techniques","publication_year":2021,"publication_date":"2021-07-26","ids":{"openalex":"https://openalex.org/W3185585282","doi":"https://doi.org/10.3390/info12080298","mag":"3185585282"},"language":"en","primary_location":{"id":"doi:10.3390/info12080298","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info12080298","pdf_url":"https://www.mdpi.com/2078-2489/12/8/298/pdf?version=1627374974","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://www.mdpi.com/2078-2489/12/8/298/pdf?version=1627374974","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5071781171","display_name":"Kenta Kanakogi","orcid":null},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":true,"raw_author_name":"Kenta Kanakogi","raw_affiliation_strings":["Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan","institution_ids":["https://openalex.org/I150744194"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033111691","display_name":"Hironori Washizaki","orcid":"https://orcid.org/0000-0002-1417-9879"},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Hironori Washizaki","raw_affiliation_strings":["Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan","institution_ids":["https://openalex.org/I150744194"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088654194","display_name":"Yoshiaki Fukazawa","orcid":"https://orcid.org/0000-0003-0196-2108"},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Yoshiaki Fukazawa","raw_affiliation_strings":["Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan","institution_ids":["https://openalex.org/I150744194"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5018793641","display_name":"Shinpei Ogata","orcid":"https://orcid.org/0000-0001-6996-3073"},"institutions":[{"id":"https://openalex.org/I137975476","display_name":"Shinshu University","ror":"https://ror.org/0244rem06","country_code":"JP","type":"education","lineage":["https://openalex.org/I137975476"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Shinpei Ogata","raw_affiliation_strings":["Institute of Engineering, Academic Assembly, Shinshu University, Nagano City, Nagano 380-8553, Japan"],"affiliations":[{"raw_affiliation_string":"Institute of Engineering, Academic Assembly, Shinshu University, Nagano City, Nagano 380-8553, Japan","institution_ids":["https://openalex.org/I137975476"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043970801","display_name":"Takao Okubo","orcid":"https://orcid.org/0000-0002-4490-1420"},"institutions":[{"id":"https://openalex.org/I4210138172","display_name":"Institute of Information Security","ror":"https://ror.org/03rmfrm44","country_code":"JP","type":"education","lineage":["https://openalex.org/I4210138172"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Takao Okubo","raw_affiliation_strings":["Institute of Information Security, Yokohama, Kanagawa 221-0835, Japan"],"affiliations":[{"raw_affiliation_string":"Institute of Information Security, Yokohama, Kanagawa 221-0835, Japan","institution_ids":["https://openalex.org/I4210138172"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5102845630","display_name":"Takehisa Kato","orcid":"https://orcid.org/0000-0003-2194-4230"},"institutions":[{"id":"https://openalex.org/I65143321","display_name":"Hitachi (Japan)","ror":"https://ror.org/02exqgm79","country_code":"JP","type":"company","lineage":["https://openalex.org/I65143321"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Takehisa Kato","raw_affiliation_strings":["Hitachi, Ltd., Chiyoda-ku, Tokyo 100-8280, Japan"],"affiliations":[{"raw_affiliation_string":"Hitachi, Ltd., Chiyoda-ku, Tokyo 100-8280, Japan","institution_ids":["https://openalex.org/I65143321"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5032822998","display_name":"Hideyuki Kanuka","orcid":"https://orcid.org/0000-0002-8560-8714"},"institutions":[{"id":"https://openalex.org/I65143321","display_name":"Hitachi (Japan)","ror":"https://ror.org/02exqgm79","country_code":"JP","type":"company","lineage":["https://openalex.org/I65143321"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Hideyuki Kanuka","raw_affiliation_strings":["Hitachi, Ltd., Chiyoda-ku, Tokyo 100-8280, Japan"],"affiliations":[{"raw_affiliation_string":"Hitachi, Ltd., Chiyoda-ku, Tokyo 100-8280, Japan","institution_ids":["https://openalex.org/I65143321"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5066888821","display_name":"Atsuo Hazeyama","orcid":"https://orcid.org/0000-0002-6583-1521"},"institutions":[{"id":"https://openalex.org/I161107111","display_name":"Tokyo Gakugei University","ror":"https://ror.org/00khh5r84","country_code":"JP","type":"education","lineage":["https://openalex.org/I161107111"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Atsuo Hazeyama","raw_affiliation_strings":["Department of Information Science, Tokyo Gakugei University, Koganei-shi, Tokyo 184-8501, Japan"],"affiliations":[{"raw_affiliation_string":"Department of Information Science, Tokyo Gakugei University, Koganei-shi, Tokyo 184-8501, Japan","institution_ids":["https://openalex.org/I161107111"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5018128809","display_name":"Nobukazu Yoshioka","orcid":"https://orcid.org/0000-0002-1986-5675"},"institutions":[{"id":"https://openalex.org/I150744194","display_name":"Waseda University","ror":"https://ror.org/00ntfnx83","country_code":"JP","type":"education","lineage":["https://openalex.org/I150744194"]}],"countries":["JP"],"is_corresponding":false,"raw_author_name":"Nobukazu Yoshioka","raw_affiliation_strings":["Research Institute for Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan"],"affiliations":[{"raw_affiliation_string":"Research Institute for Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan","institution_ids":["https://openalex.org/I150744194"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":9,"corresponding_author_ids":["https://openalex.org/A5071781171"],"corresponding_institution_ids":["https://openalex.org/I150744194"],"apc_list":{"value":1400,"currency":"CHF","value_usd":1515},"apc_paid":{"value":1400,"currency":"CHF","value_usd":1515},"fwci":7.1615,"has_fulltext":false,"cited_by_count":38,"citation_normalized_percentile":{"value":0.97052249,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":100},"biblio":{"volume":"12","issue":"8","first_page":"298","last_page":"298"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9962999820709229,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9958000183105469,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9921000003814697,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7942692041397095},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5408210754394531},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5277591347694397},{"id":"https://openalex.org/keywords/sentence","display_name":"Sentence","score":0.46747729182243347},{"id":"https://openalex.org/keywords/tracing","display_name":"Tracing","score":0.42241576313972473},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.40304452180862427},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.341820627450943},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.23539355397224426}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7942692041397095},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5408210754394531},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5277591347694397},{"id":"https://openalex.org/C2777530160","wikidata":"https://www.wikidata.org/wiki/Q41796","display_name":"Sentence","level":2,"score":0.46747729182243347},{"id":"https://openalex.org/C138673069","wikidata":"https://www.wikidata.org/wiki/Q322229","display_name":"Tracing","level":2,"score":0.42241576313972473},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.40304452180862427},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.341820627450943},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.23539355397224426},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.3390/info12080298","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info12080298","pdf_url":"https://www.mdpi.com/2078-2489/12/8/298/pdf?version=1627374974","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:0c5346af1e724bf48a9d297eaa834c32","is_oa":true,"landing_page_url":"https://doaj.org/article/0c5346af1e724bf48a9d297eaa834c32","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Information, Vol 12, Iss 8, p 298 (2021)","raw_type":"article"},{"id":"pmh:oai:mdpi.com:/2078-2489/12/8/298/","is_oa":true,"landing_page_url":"https://dx.doi.org/10.3390/info12080298","pdf_url":null,"source":{"id":"https://openalex.org/S4306400947","display_name":"MDPI (MDPI AG)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210097602","host_organization_name":"Multidisciplinary Digital Publishing Institute (Switzerland)","host_organization_lineage":["https://openalex.org/I4210097602"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Information; Volume 12; Issue 8; Pages: 298","raw_type":"Text"}],"best_oa_location":{"id":"doi:10.3390/info12080298","is_oa":true,"landing_page_url":"https://doi.org/10.3390/info12080298","pdf_url":"https://www.mdpi.com/2078-2489/12/8/298/pdf?version=1627374974","source":{"id":"https://openalex.org/S4210219776","display_name":"Information","issn_l":"2078-2489","issn":["2078-2489"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310310987","host_organization_name":"Multidisciplinary Digital Publishing Institute","host_organization_lineage":["https://openalex.org/P4310310987"],"host_organization_lineage_names":["Multidisciplinary Digital Publishing Institute"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Information","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3185585282.pdf","grobid_xml":"https://content.openalex.org/works/W3185585282.grobid-xml"},"referenced_works_count":35,"referenced_works":["https://openalex.org/W1943673337","https://openalex.org/W1970665556","https://openalex.org/W1976782117","https://openalex.org/W2023070166","https://openalex.org/W2026498605","https://openalex.org/W2033742178","https://openalex.org/W2095368471","https://openalex.org/W2106605226","https://openalex.org/W2158924227","https://openalex.org/W2184891156","https://openalex.org/W2199758790","https://openalex.org/W2288926761","https://openalex.org/W2782101021","https://openalex.org/W2786453484","https://openalex.org/W2788153147","https://openalex.org/W2789353435","https://openalex.org/W2798046836","https://openalex.org/W2804575022","https://openalex.org/W2887030713","https://openalex.org/W2891177506","https://openalex.org/W2891239693","https://openalex.org/W2897098357","https://openalex.org/W2953017892","https://openalex.org/W2965629907","https://openalex.org/W2970641574","https://openalex.org/W2979496624","https://openalex.org/W2990865522","https://openalex.org/W3001487619","https://openalex.org/W3020150676","https://openalex.org/W3037506598","https://openalex.org/W3046948557","https://openalex.org/W3116504526","https://openalex.org/W3128039057","https://openalex.org/W3161197673","https://openalex.org/W6753555196"],"related_works":["https://openalex.org/W2331043530","https://openalex.org/W3122267592","https://openalex.org/W2042616262","https://openalex.org/W17195039","https://openalex.org/W2779961139","https://openalex.org/W3015380456","https://openalex.org/W2053293719","https://openalex.org/W4313255991","https://openalex.org/W102412348","https://openalex.org/W2974974307"],"abstract_inverted_index":{"For":[0],"effective":[1],"vulnerability":[2,4,81],"management,":[3],"and":[5,12,25,39,51,128,133],"attack":[6,43,77],"information":[7,66,78,82],"must":[8],"be":[9,90],"collected":[10],"quickly":[11],"efficiently.":[13],"A":[14],"security":[15],"knowledge":[16],"repository":[17],"can":[18,89],"collect":[19],"such":[20],"information.":[21],"The":[22],"Common":[23,35,96],"Vulnerabilities":[24],"Exposures":[26],"(CVE)":[27],"provides":[28],"known":[29,58],"vulnerabilities":[30],"of":[31,48,152,171],"products,":[32],"while":[33],"the":[34,62,65,86,93,114,153,163,172,176],"Attack":[36],"Pattern":[37],"Enumeration":[38,98],"Classification":[40],"(CAPEC)":[41],"stores":[42],"patterns,":[44],"which":[45],"are":[46,71],"descriptions":[47],"common":[49],"attributes":[50],"approaches":[52],"employed":[53],"by":[54],"adversaries":[55],"to":[56,61,111,150,175],"exploit":[57],"weaknesses.":[59],"Due":[60],"fact":[63],"that":[64,160],"in":[67,100],"these":[68],"two":[69],"repositories":[70],"not":[72,103],"linked,":[73],"identifying":[74],"related":[75,87,115,149,177],"CAPEC":[76],"from":[79,92,117],"CVE":[80],"is":[83,162],"challenging.":[84],"Currently,":[85],"CAPEC-ID":[88],"traced":[91,169],"CVE-ID":[94,118],"using":[95,119],"Weakness":[97],"(CWE)":[99],"some":[101],"but":[102],"all":[104],"cases.":[105],"Here,":[106],"we":[107,142,145,157],"propose":[108],"a":[109],"method":[110],"automatically":[112],"trace":[113,147],"CAPEC-IDs":[116,148],"three":[120],"similarity":[121,165],"measures:":[122],"TF\u2013IDF,":[123],"Universal":[124],"Sentence":[125],"Encoder":[126],"(USE),":[127],"Sentence-BERT":[129],"(SBERT).":[130],"We":[131],"prepared":[132],"used":[134],"58":[135,154,173],"CVE-IDs":[136,174],"as":[137,167],"test":[138],"input":[139],"data.":[140],"Then,":[141],"tested":[143],"whether":[144],"could":[146],"each":[151],"CVE-IDs.":[155],"Additionally,":[156],"experimentally":[158],"confirm":[159],"TF\u2013IDF":[161],"best":[164],"measure,":[166],"it":[168],"48":[170],"CAPEC-ID.":[178]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":10},{"year":2024,"cited_by_count":10},{"year":2023,"cited_by_count":8},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":1}],"updated_date":"2026-02-27T16:54:17.756197","created_date":"2025-10-10T00:00:00"}