{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T19:07:50Z","timestamp":1757617670388,"version":"3.44.0"},"publisher-location":"Singapore","reference-count":33,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819624164"},{"type":"electronic","value":"9789819624171"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-2417-1_8","type":"book-chapter","created":{"date-parts":[[2025,3,3]],"date-time":"2025-03-03T09:51:25Z","timestamp":1740995485000},"page":"138-157","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Graph-Based Profiling of\u00a0Dependency Vulnerability Remediation"],"prefix":"10.1007","author":[{"given":"Fernando Vera","family":"Buschmann","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Palina","family":"Pauliuchenka","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ethan","family":"Oh","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bai Chien","family":"Kao","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Louis","family":"DiValentin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"David A.","family":"Bader","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,3,4]]},"reference":[{"key":"8_CR1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.103028","volume":"125","author":"M Alanazi","year":"2023","unstructured":"Alanazi, M., Mahmood, A., Chowdhury, M.J.M.: SCADA vulnerabilities and attacks: a review of the state-of-the-art and open issues. Comput. Secur. 125, 103028 (2023)","journal-title":"Comput. Secur."},{"issue":"3","key":"8_CR2","doi-asserted-by":"publisher","first-page":"59","DOI":"10.1007\/s10664-022-10278-4","volume":"28","author":"M Alfadel","year":"2023","unstructured":"Alfadel, M., Costa, D.E., Shihab, E.: Empirical analysis of security vulnerabilities in python packages. Empirical Softw. Eng. 28(3), 59 (2023)","journal-title":"Empirical Softw. Eng."},{"key":"8_CR3","doi-asserted-by":"publisher","first-page":"90597","DOI":"10.1109\/ACCESS.2022.3185069","volume":"10","author":"RR Althar","year":"2022","unstructured":"Althar, R.R., Samanta, D., Kaur, M., Singh, D., Lee, H.N.: Automated risk management based software security vulnerabilities management. IEEE Access 10, 90597\u201390608 (2022)","journal-title":"IEEE Access"},{"issue":"7","key":"8_CR4","doi-asserted-by":"publisher","first-page":"2193","DOI":"10.1016\/j.cor.2008.08.016","volume":"36","author":"A Arulselvan","year":"2009","unstructured":"Arulselvan, A., Commander, C.W., Elefteriadou, L., Pardalos, P.M.: Detecting critical nodes in sparse graphs. Comput. Oper. Res. 36(7), 2193\u20132200 (2009)","journal-title":"Comput. Oper. Res."},{"key":"8_CR5","doi-asserted-by":"crossref","unstructured":"Bader, D.A., Madduri, K.: Parallel algorithms for evaluating centrality indices in real-world networks. In: 2006 International Conference on Parallel Processing (ICPP 2006), pp. 539\u2013550 (2006)","DOI":"10.1109\/ICPP.2006.57"},{"issue":"6","key":"8_CR6","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1109\/MS.2016.147","volume":"33","author":"C Ebert","year":"2016","unstructured":"Ebert, C., Cain, J., Antoniol, G., Counsell, S., Laplante, P.: Cyclomatic complexity. IEEE Softw. 33(6), 27\u201329 (2016)","journal-title":"IEEE Softw."},{"key":"8_CR7","doi-asserted-by":"publisher","unstructured":"Fan, J., Li, Y., Wang, S., Nguyen, T.N.: A C\/C++ code vulnerability dataset with code changes and CVE summaries. In: Proceedings of the 17th International Conference on Mining Software Repositories, MSR 2020, pp. 508\u2013512. Association for Computing Machinery, New York (2020). https:\/\/doi.org\/10.1145\/3379597.3387501. ISBN 9781450375177","DOI":"10.1145\/3379597.3387501"},{"key":"8_CR8","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2021.111031","volume":"180","author":"G Giray","year":"2021","unstructured":"Giray, G.: A software engineering perspective on engineering machine learning systems: State of the art and challenges. J. Syst. Softw. 180, 111031 (2021)","journal-title":"J. Syst. Softw."},{"key":"8_CR9","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1016\/j.infsof.2015.08.002","volume":"68","author":"K Goseva-Popstojanova","year":"2015","unstructured":"Goseva-Popstojanova, K., Perhinschi, A.: On the capability of static code analysis to detect security vulnerabilities. Inf. Softw. Technol. 68, 18\u201333 (2015)","journal-title":"Inf. Softw. Technol."},{"key":"8_CR10","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1016\/j.patcog.2017.04.018","volume":"70","author":"L He","year":"2017","unstructured":"He, L., Ren, X., Gao, Q., Zhao, X., Yao, B., Chao, Y.: The connected-component labeling problem: a review of state-of-the-art algorithms. Pattern Recogn. 70, 25\u201343 (2017)","journal-title":"Pattern Recogn."},{"issue":"4","key":"8_CR11","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3447772","volume":"54","author":"A Hogan","year":"2021","unstructured":"Hogan, A., et al.: Knowledge graphs. ACM Comput. Surv. 54(4), 1\u201337 (2021)","journal-title":"ACM Comput. Surv."},{"key":"8_CR12","doi-asserted-by":"crossref","unstructured":"Imtiaz, N., Thorn, S., Williams, L.: A comparative study of vulnerability reporting by software composition analysis tools. In: Proceedings of the 15th ACM\/IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), pp. 1\u201311 (2021)","DOI":"10.1145\/3475716.3475769"},{"issue":"1","key":"8_CR13","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1016\/j.eng.2018.01.004","volume":"4","author":"Y Jia","year":"2018","unstructured":"Jia, Y., Qi, Y., Shang, H., Jiang, R., Li, A.: A practical approach to constructing a Knowledge Graph for cybersecurity. Engineering 4(1), 53\u201360 (2018)","journal-title":"Engineering"},{"issue":"15","key":"8_CR14","doi-asserted-by":"publisher","first-page":"2287","DOI":"10.3390\/electronics11152287","volume":"11","author":"K Liu","year":"2022","unstructured":"Liu, K., Wang, F., Ding, Z., Liang, S., Zhengfei, Yu., Zhou, Y.: Recent progress of using knowledge graph for cybersecurity. Electronics 11(15), 2287 (2022)","journal-title":"Electronics"},{"key":"8_CR15","unstructured":"Liu, K., Wang, F., Ding, Z., Liang, S., Yu, Z., Zhou, Y.: A review of knowledge graph application scenarios in cybersecurity. arXiv preprintarXiv:2204.04769 (2022)"},{"key":"8_CR16","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1109\/TSE.1976.233837","volume":"4","author":"TJ McCabe","year":"1976","unstructured":"McCabe, T.J.: A complexity measure. IEEE Trans. Softw. Eng. 4, 308\u2013320 (1976)","journal-title":"IEEE Trans. Softw. Eng."},{"issue":"2","key":"8_CR17","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevE.67.026126","volume":"67","author":"MEJ Newman","year":"2003","unstructured":"Newman, M.E.J.: Mixing patterns in networks. Phys. Rev. E 67(2), 026126 (2003)","journal-title":"Phys. Rev. E"},{"issue":"4","key":"8_CR18","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1016\/0049-089X(73)90010-0","volume":"2","author":"UJ Nieminen","year":"1973","unstructured":"Nieminen, U.J.: On the centrality in a directed graph. Soc. Sci. Res. 2(4), 371\u2013378 (1973)","journal-title":"Soc. Sci. Res."},{"key":"8_CR19","doi-asserted-by":"crossref","unstructured":"Park, N., Kan, A., Dong, X.L., Zhao, T., Faloutsos, C.: Estimating node importance in knowledge graphs using graph neural networks. In: Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery Data Mining, pp. 596\u2013606 (2019)","DOI":"10.1145\/3292500.3330855"},{"key":"8_CR20","unstructured":"Platt, E.L.: Network Science with Python and NetworkX Quick Start Guide: Explore and Visualize Network Data Effectively. Packt Publishing Ltd (2019)"},{"key":"8_CR21","doi-asserted-by":"crossref","unstructured":"Rodriguez, O.A., Du, Z., Patchett, J., Li, F., Bader, D.A.: Arachne: an arkouda package for large-scale graph analytics. In: 2022 IEEE High Performance Extreme Computing Conference (HPEC), pp. 1\u20137. IEEE (2022)","DOI":"10.1109\/HPEC55821.2022.9991947"},{"issue":"2","key":"8_CR22","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevE.75.027105","volume":"75","author":"J Saram\u00e4ki","year":"2007","unstructured":"Saram\u00e4ki, J., Kivel\u00e4, M., Onnela, J.-P., Kaski, K., Kertesz, J.: Generalizations of the clustering coefficient to weighted complex networks. Phys. Rev. E 75(2), 027105 (2007)","journal-title":"Phys. Rev. E"},{"key":"8_CR23","doi-asserted-by":"crossref","unstructured":"Sarwar, M.M.S., Shahzad, S., Ahmad, I.: Cyclomatic complexity: the nesting problem. In: Eighth International Conference on Digital Information Management (ICDIM 2013), pp. 274\u2013279. IEEE (2013)","DOI":"10.1109\/ICDIM.2013.6693981"},{"key":"8_CR24","doi-asserted-by":"crossref","unstructured":"Sikos, L.F.: Cybersecurity knowledge graphs. Knowl. Inf. Syst. 1\u201321 (2023)","DOI":"10.1007\/s10115-023-01860-3"},{"key":"8_CR25","doi-asserted-by":"crossref","unstructured":"Sparks, S., Embleton, S., Cunningham, R., Zou, C.: Automated vulnerability analysis: Leveraging control flow for evolutionary input crafting. In: Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007), pp. 477\u2013486. IEEE (2007)","DOI":"10.1109\/ACSAC.2007.27"},{"key":"8_CR26","doi-asserted-by":"crossref","unstructured":"Szab\u00f3, T.: Incrementalizing production CodeQL analyses. arXiv preprintarXiv:2308.09660 (2023)","DOI":"10.1145\/3611643.3613860"},{"key":"8_CR27","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2022.111541","volume":"195","author":"\u00c1J Varela-Vaca","year":"2023","unstructured":"Varela-Vaca, \u00c1.J., Borrego, D., G\u00f3mez-L\u00f3pez, M.T., Gasca, R.M., M\u00e1rquez, A.G.: Feature models to boost the vulnerability management process. J. Syst. Softw 195, 111541 (2023)","journal-title":"J. Syst. Softw"},{"key":"8_CR28","unstructured":"Veli\u010dkovi\u0107, P., Cucurull, G., Casanova, A., Romero, A., Lio, P., Bengio, Y.: Graph attention networks. arXiv preprintarXiv:1710.10903 (2017)"},{"key":"8_CR29","doi-asserted-by":"crossref","unstructured":"Xia, B., Bi, T., Xing, Z., Lu, Q., Zhu, L.: An empirical study on software bill of materials: where we stand and the road ahead. arXiv preprintarXiv:2301.05362 (2023)","DOI":"10.1109\/ICSE48619.2023.00219"},{"key":"8_CR30","doi-asserted-by":"crossref","unstructured":"Xia, F., Chen, X., Yu, S., Hou, M., Liu, M., You, L.: Coupled attention networks for multivariate time series anomaly detection. IEEE Trans. Emerg. Top. Comput. (2023)","DOI":"10.1109\/TETC.2023.3280577"},{"key":"8_CR31","doi-asserted-by":"crossref","unstructured":"Yan, Z., Liu, J.: A review on application of Knowledge Graph in cybersecurity. In: 2020 International Signal Processing, Communications and Engineering Management Conference (ISPCEM), pp. 240\u2013243. IEEE (2020)","DOI":"10.1109\/ISPCEM52197.2020.00055"},{"issue":"3","key":"8_CR32","doi-asserted-by":"publisher","first-page":"1351","DOI":"10.3390\/app11031351","volume":"11","author":"K Zhu","year":"2021","unstructured":"Zhu, K., Yuliang, L., Hui Huang, L.Y., Zhao, J.: Constructing more complete control flow graphs utilizing directed gray-box fuzzing. Appl. Sci. 11(3), 1351 (2021)","journal-title":"Appl. Sci."},{"key":"8_CR33","doi-asserted-by":"crossref","unstructured":"Zomorodian, A.: Computational topology. Algorithms and Theory of Computation Handbook, vol. 2, no. 3 (2009)","DOI":"10.1201\/9781584888215-c3"}],"container-title":["Lecture Notes in Computer Science","Science of Cyber Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-2417-1_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,6]],"date-time":"2025-09-06T07:06:04Z","timestamp":1757142364000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-2417-1_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9789819624164","9789819624171"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-2417-1_8","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"4 March 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SciSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Science of Cyber Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 August 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 August 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"6","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"scisec2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.scisec.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}