{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T05:04:44Z","timestamp":1743138284944,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":17,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819980239"},{"type":"electronic","value":"9789819980246"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-981-99-8024-6_10","type":"book-chapter","created":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T05:02:11Z","timestamp":1704862931000},"page":"119-130","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Vulnerability Assessment Framework Based on In-The-Wild Exploitability for Prioritizing Patch Application in Control System"],"prefix":"10.1007","author":[{"given":"Seong-Su","family":"Yoon","sequence":"first","affiliation":[]},{"given":"Do-Yeon","family":"Kim","sequence":"additional","affiliation":[]},{"given":"Ga-Gyeong","family":"Kim","sequence":"additional","affiliation":[]},{"given":"Ieck-Chae","family":"Euom","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,1,11]]},"reference":[{"unstructured":"Bulut, M.F., et al.: Vulnerability prioritization: an offensive security approach. arXiv preprint arXiv:2206.11182 (2022)","key":"10_CR1"},{"issue":"7","key":"10_CR2","doi-asserted-by":"publisher","first-page":"2555","DOI":"10.3390\/app10072555","volume":"10","author":"H Yang","year":"2020","unstructured":"Yang, H., et al.: Better not to use vulnerability\u2019s reference for exploitability prediction. Appl. Sci. 10(7), 2555 (2020)","journal-title":"Appl. Sci."},{"unstructured":"FIRST CVSS Documentation. https:\/\/www.first.org\/cvss\/specification-document. Accessed 18 June 2023","key":"10_CR3"},{"unstructured":"FIRST EPSS Model. https:\/\/www.first.org\/epss\/model.Accessed 18 June 2023","key":"10_CR4"},{"key":"10_CR5","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102639","volume":"116","author":"B Jung","year":"2022","unstructured":"Jung, B., Li, Y., Bechor, T.: CAVP: a context-aware vulnerability prioritization model. Comput. Secur. 116, 102639 (2022)","journal-title":"Comput. Secur."},{"unstructured":"Singh, U.K., Joshi, C.: Quantitative security risk evaluation using CVSS metrics by estimation of frequency and maturity of exploit. In: Proceedings of the World Congress on Engineering and Computer Science, vol. 1, pp. 19\u201321 (2016)","key":"10_CR6"},{"unstructured":"NVD CVE. https:\/\/nvd.nist.gov\/. Accessed 18 June 2023","key":"10_CR7"},{"unstructured":"NVD CPE. https:\/\/nvd.nist.gov\/products\/cpe. Accessed 18 June 2023","key":"10_CR8"},{"unstructured":"MITRE CWE. https:\/\/cwe.mitre.org\/. Accessed 18 June 2023","key":"10_CR9"},{"unstructured":"NVD CAPEC. https:\/\/capec.mitre.org\/. Accessed 18 June 2023","key":"10_CR10"},{"unstructured":"CISA ICS-CERT Advisories. https:\/\/www.cisa.gov\/uscert\/ics\/advisories?items_per_page=All. Accessed 18 June 2023","key":"10_CR11"},{"unstructured":"Exploit-DB. https:\/\/exploit-db.com. Accessed 18 June 2023","key":"10_CR12"},{"unstructured":"Github. https:\/\/github.com\/nomi-sec\/PoC-in-GitHub\/. Accessed 18 June 2023","key":"10_CR13"},{"unstructured":"CISA. https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\/. Accessed 18 June 2023","key":"10_CR14"},{"unstructured":"CISA. https:\/\/www.cisa.gov\/uscert\/ncas\/alerts\/. Accessed 18 June 2023","key":"10_CR15"},{"unstructured":"Rapid7. https:\/\/rapid7.com\/. Accessed 18 June 2023","key":"10_CR16"},{"unstructured":"MITRE. https:\/\/www.cve.org\/Program Organization\/CNA s. Accessed 18 June 2023","key":"10_CR17"}],"container-title":["Lecture Notes in Computer Science","Information Security Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-99-8024-6_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,1,10]],"date-time":"2024-01-10T05:03:03Z","timestamp":1704862983000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-99-8024-6_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9789819980239","9789819980246"],"references-count":17,"URL":"https:\/\/doi.org\/10.1007\/978-981-99-8024-6_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"11 January 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"WISA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security Applications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Jeju Island","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Korea (Republic of)","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 August 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 August 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"wisa2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/wisa.or.kr\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easy Chair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"52","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"50% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}