{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,6]],"date-time":"2024-09-06T03:52:23Z","timestamp":1725594743015},"publisher-location":"Berlin, Heidelberg","reference-count":14,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642225765"},{"type":"electronic","value":"9783642225772"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-22577-2_38","type":"book-chapter","created":{"date-parts":[[2011,7,6]],"date-time":"2011-07-06T08:41:43Z","timestamp":1309941703000},"page":"282-287","source":"Crossref","is-referenced-by-count":1,"title":["A Framework for Vulnerability Analysis during Software Maintenance"],"prefix":"10.1007","author":[{"given":"Jitender Kumar","family":"Chhabra","sequence":"first","affiliation":[]},{"given":"Amarjeet","family":"Prajapati","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"38_CR1","volume-title":"Building Secure Software","author":"J. Viega","year":"2005","unstructured":"Viega, J., McGraw, G.: Building Secure Software. Addition Wesley, Reading (2005)"},{"key":"38_CR2","unstructured":"SANS, http:\/\/www.sans.org\/"},{"key":"38_CR3","unstructured":"Common Weakness Enumeration, http:\/\/www.cwe.mitre.org"},{"key":"38_CR4","unstructured":"Common Vulnerability Scoring System, http:\/\/www.first.org.cvss"},{"key":"38_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/11555827_14","volume-title":"Computer Security \u2013 ESORICS 2005","author":"I. Ray","year":"2005","unstructured":"Ray, I., Nayot, P.: Using Attack Trees to Identify Malicious Attacks from Authorized Insiders. In: di Vimercati, S.C., Syverson, P.F., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol.\u00a03679, pp. 231\u2013246. Springer, Heidelberg (2005)"},{"key":"38_CR6","doi-asserted-by":"crossref","unstructured":"Byers, D., Shahmehri, N.: A Cause-Based Approach to Preventing Software Vulnerabilities. In: The Third International Conference on Availability, Reliability and Security, pp. 276\u2013283 (2008)","DOI":"10.1109\/ARES.2008.12"},{"key":"38_CR7","doi-asserted-by":"crossref","unstructured":"Kloos, J., Elberzgager, F., Eschbach, R.: Systmatic Construction of Goal Indicator Trees for Indicator-Based Dependability Inspections. In: 36th Conference on Software Engineering and Advanced Applications (SEAA), pp. 279\u2013282 (2010)","DOI":"10.1109\/SEAA.2010.28"},{"key":"38_CR8","volume-title":"Workshop on Software Engineering for Secure Systems (SESS)","author":"D. Byers","year":"2010","unstructured":"Byers, D., Shahmehri, N.: Unified modeling of attacks, vulnerabilities and security Activities. In: Workshop on Software Engineering for Secure Systems (SESS). ACM, Cape Town (2010)"},{"key":"38_CR9","unstructured":"Incident handling analysis CERT\/CSIRT style Hand-on training. Cyber Security Malaysia (2010)"},{"key":"38_CR10","doi-asserted-by":"crossref","unstructured":"Byers, D., Ardi, S., Shahmehri, N., Duma, C.: Modeling Software Vulnerabilities With Vulnerability Cause Graphs. In: 22nd IEEE International Conference on Software Maintenance, pp. 411\u2013422 (2006)","DOI":"10.1109\/ICSM.2006.40"},{"key":"38_CR11","doi-asserted-by":"crossref","unstructured":"Ardi, S., Shahmehri, N.: A Post-Mortem Incident Modeling Method. International Conference on Availability, Reliability and Security, 1018\u20131023 (2009)","DOI":"10.1109\/ARES.2009.108"},{"key":"38_CR12","unstructured":"http:\/\/www.valvesoftware.com\/games\/"},{"key":"38_CR13","unstructured":"http:\/\/www.cvedetails.com\/cve-details\/"},{"key":"38_CR14","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1109\/MSP.2006.145","volume":"4","author":"M. Mell","year":"2006","unstructured":"Mell, M., Scarfone, K., Romanosky, S.: Common Vulnerability Scoring System. IEEE Security & Privacy\u00a04, 85\u201389 (2006)","journal-title":"IEEE Security & Privacy"}],"container-title":["Communications in Computer and Information Science","High Performance Architecture and Grid Computing"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-22577-2_38","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,12]],"date-time":"2019-06-12T15:50:22Z","timestamp":1560354622000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-22577-2_38"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642225765","9783642225772"],"references-count":14,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-22577-2_38","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2011]]}}}