FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W4308648311> ?p ?o ?g. }

• W4308648311 abstract "The coordinated vulnerability disclosure (CVD) process is commonly adopted for open source software (OSS) vulnerability management, which suggests to privately report the discovered vulnerabilities and keep relevant information secret until the official disclosure. However, in practice, due to various reasons (e.g., lacking security domain expertise or the sense of security management), many vulnerabilities are first reported via public issue reports (IRs) before its official disclosure. Such IRs are dangerous IRs, since attackers can take advantages of the leaked vulnerability information to launch zero-day attacks. It is crucial to identify such dangerous IRs at an early stage, such that OSS users can start the vulnerability remediation process earlier and OSS maintainers can timely manage the dangerous IRs. In this paper, we propose and evaluate a deep learning based approach, namely MemVul, to automatically identify dangerous IRs at the time they are reported. MemVul augments the neural networks with a memory component, which stores the external vulnerability knowledge from Common Weakness Enumeration (CWE). We rely on publicly accessible CVE-referred IRs (CIRs) to operationalize the concept of dangerous IR. We mine 3,937 CIRs distributed across 1,390 OSS projects hosted on GitHub. Evaluated under a practical scenario of high data imbalance, MemVul achieves the best trade-off between precision and recall among all baselines. In particular, the F1-score of MemVul (i.e., 0.49) improves the best performing baseline by 44%. For IRs that are predicted as CIRs but not reported to CVE, we conduct a user study to investigate their usefulness to OSS stakeholders. We observe that 82% (41 out of 50) of these IRs are security-related and 28 of them are suggested by security experts to be publicly disclosed, indicating MemVul is capable of identifying undisclosed dangerous IRs." @default.
• W4308648311 created "2022-11-13" @default.
• W4308648311 creator A5001026491 @default.
• W4308648311 creator A5006669765 @default.
• W4308648311 creator A5007075465 @default.
• W4308648311 creator A5010426195 @default.
• W4308648311 creator A5012386754 @default.
• W4308648311 creator A5032675988 @default.
• W4308648311 creator A5074936634 @default.
• W4308648311 creator A5091586373 @default.
• W4308648311 date "2022-11-07" @default.
• W4308648311 modified "2023-10-06" @default.
• W4308648311 title "Automated unearthing of dangerous issue reports" @default.
• W4308648311 cites W1553724776 @default.
• W4308648311 cites W1832693441 @default.
• W4308648311 cites W1966716734 @default.
• W4308648311 cites W1971733255 @default.
• W4308648311 cites W1976526581 @default.
• W4308648311 cites W1978301647 @default.
• W4308648311 cites W2003125472 @default.
• W4308648311 cites W2010985317 @default.
• W4308648311 cites W2065890363 @default.
• W4308648311 cites W2079317829 @default.
• W4308648311 cites W2101726875 @default.
• W4308648311 cites W2123493477 @default.
• W4308648311 cites W2127589108 @default.
• W4308648311 cites W2148615889 @default.
• W4308648311 cites W2510940142 @default.
• W4308648311 cites W2740329368 @default.
• W4308648311 cites W2766078311 @default.
• W4308648311 cites W2766411424 @default.
• W4308648311 cites W2766521509 @default.
• W4308648311 cites W2781021471 @default.
• W4308648311 cites W2809528855 @default.
• W4308648311 cites W2886714101 @default.
• W4308648311 cites W2896373185 @default.
• W4308648311 cites W2977587678 @default.
• W4308648311 cites W3034942609 @default.
• W4308648311 cites W3046453918 @default.
• W4308648311 cites W3089437400 @default.
• W4308648311 cites W3089756992 @default.
• W4308648311 cites W3089785161 @default.
• W4308648311 cites W3094525800 @default.
• W4308648311 cites W3098598077 @default.
• W4308648311 cites W3125205154 @default.
• W4308648311 cites W3134770171 @default.
• W4308648311 cites W3145506869 @default.
• W4308648311 cites W3162044134 @default.
• W4308648311 cites W3168865857 @default.
• W4308648311 cites W4232736849 @default.
• W4308648311 cites W4234367654 @default.
• W4308648311 doi "https://doi.org/10.1145/3540250.3549156" @default.
• W4308648311 hasPublicationYear "2022" @default.
• W4308648311 type Work @default.
• W4308648311 citedByCount "1" @default.
• W4308648311 countsByYear W43086483112023 @default.
• W4308648311 crossrefType "proceedings-article" @default.
• W4308648311 hasAuthorship W4308648311A5001026491 @default.
• W4308648311 hasAuthorship W4308648311A5006669765 @default.
• W4308648311 hasAuthorship W4308648311A5007075465 @default.
• W4308648311 hasAuthorship W4308648311A5010426195 @default.
• W4308648311 hasAuthorship W4308648311A5012386754 @default.
• W4308648311 hasAuthorship W4308648311A5032675988 @default.
• W4308648311 hasAuthorship W4308648311A5074936634 @default.
• W4308648311 hasAuthorship W4308648311A5091586373 @default.
• W4308648311 hasConcept C108827166 @default.
• W4308648311 hasConcept C111472728 @default.
• W4308648311 hasConcept C111919701 @default.
• W4308648311 hasConcept C137176749 @default.
• W4308648311 hasConcept C138885662 @default.
• W4308648311 hasConcept C15744967 @default.
• W4308648311 hasConcept C167063184 @default.
• W4308648311 hasConcept C17744445 @default.
• W4308648311 hasConcept C184356942 @default.
• W4308648311 hasConcept C199539241 @default.
• W4308648311 hasConcept C38652104 @default.
• W4308648311 hasConcept C41008148 @default.
• W4308648311 hasConcept C542102704 @default.
• W4308648311 hasConcept C9354725 @default.
• W4308648311 hasConcept C95713431 @default.
• W4308648311 hasConcept C98045186 @default.
• W4308648311 hasConceptScore W4308648311C108827166 @default.
• W4308648311 hasConceptScore W4308648311C111472728 @default.
• W4308648311 hasConceptScore W4308648311C111919701 @default.
• W4308648311 hasConceptScore W4308648311C137176749 @default.
• W4308648311 hasConceptScore W4308648311C138885662 @default.
• W4308648311 hasConceptScore W4308648311C15744967 @default.
• W4308648311 hasConceptScore W4308648311C167063184 @default.
• W4308648311 hasConceptScore W4308648311C17744445 @default.
• W4308648311 hasConceptScore W4308648311C184356942 @default.
• W4308648311 hasConceptScore W4308648311C199539241 @default.
• W4308648311 hasConceptScore W4308648311C38652104 @default.
• W4308648311 hasConceptScore W4308648311C41008148 @default.
• W4308648311 hasConceptScore W4308648311C542102704 @default.
• W4308648311 hasConceptScore W4308648311C9354725 @default.
• W4308648311 hasConceptScore W4308648311C95713431 @default.
• W4308648311 hasConceptScore W4308648311C98045186 @default.
• W4308648311 hasFunder F4320335787 @default.
• W4308648311 hasLocation W43086483111 @default.
• W4308648311 hasOpenAccess W4308648311 @default.

• next