{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,5]],"date-time":"2026-02-05T22:43:35Z","timestamp":1770331415990,"version":"3.49.0"},"reference-count":25,"publisher":"IEEE","license":[{"start":{"date-parts":[[2024,11,27]],"date-time":"2024-11-27T00:00:00Z","timestamp":1732665600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2024,11,27]],"date-time":"2024-11-27T00:00:00Z","timestamp":1732665600000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,11,27]]},"DOI":"10.1109\/cloudnet62863.2024.10815757","type":"proceedings-article","created":{"date-parts":[[2024,12,31]],"date-time":"2024-12-31T19:24:26Z","timestamp":1735673066000},"page":"1-6","source":"Crossref","is-referenced-by-count":1,"title":["A Statistical Approach to Severity Aware Vulnerability Prioritization"],"prefix":"10.1109","author":[{"given":"Miguel","family":"Bicudo","sequence":"first","affiliation":[{"name":"Federal University of Rio de Janeiro"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Cain\u00e3","family":"Pereira","sequence":"additional","affiliation":[{"name":"Federal University of Rio de Janeiro"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lucas","family":"Miranda","sequence":"additional","affiliation":[{"name":"Federal University of Rio de Janeiro"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lucas","family":"Senos","sequence":"additional","affiliation":[{"name":"Federal University of Rio de Janeiro"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Carlos Eduardo","family":"Banjar","sequence":"additional","affiliation":[{"name":"Federal University of Rio de Janeiro"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniel","family":"Menasch\u00e9","sequence":"additional","affiliation":[{"name":"Federal University of Rio de Janeiro"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gaurav","family":"Srivastava","sequence":"additional","affiliation":[{"name":"Siemens Technology,Princeton,NJ"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Enrico","family":"Lovat","sequence":"additional","affiliation":[{"name":"Siemens Technology,Princeton,NJ"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anton","family":"Kocheturov","sequence":"additional","affiliation":[{"name":"Siemens Technology,Princeton,NJ"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Matheus","family":"Martins","sequence":"additional","affiliation":[{"name":"Siemens Technology,Princeton,NJ"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Leandro Pfleger","family":"De Aguiar","sequence":"additional","affiliation":[{"name":"Siemens Technology,Princeton,NJ"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1111\/risa.13732"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1016\/j.entcs.2014.12.010"},{"key":"ref3","doi-asserted-by":"publisher","DOI":"10.1145\/3013520"},{"key":"ref4","article-title":"A Statistical Approach to Assess Temporal CVSS","author":"Bicudo","year":"2024","journal-title":"Tech. rep., UFRJ"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/3041008.3041009"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1287\/mnsc.1070.0794"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1109\/CSCloud.2015.56"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1145\/3407023.3407038"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/1162666.1162671"},{"issue":"2","key":"ref10","first-page":"134","article-title":"When trust fails: Examining systemic risk in the digital economy from the 2024 crowdstrike outage","volume":"1","author":"George","year":"2024","journal-title":"Partners Universal Multi-disciplinary Research Journal"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1016\/j.ejor.2011.05.050"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.08.004"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.3241"},{"key":"ref14","volume-title":"National Institute of Standards and Technology: Common vulnerability scoring system version 4.0","year":"2023"},{"key":"ref15","volume-title":"Ics security patching: Never, next, now","author":"Paterson","year":"2019"},{"key":"ref16","volume-title":"Patch management for industrial control systems","author":"Pfleger","year":"2017"},{"key":"ref17","article-title":"New risks in ransomware: Supply chain attacks and cryptocurrency","volume-title":"Science, Technology, and Public Policy Program Reports","author":"Robinson","year":"2022"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.07.001"},{"key":"ref19","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-39564-7_20"},{"key":"ref20","article-title":"SecScore: Enhancing the CVSS Threat Metric Group with Empirical Evidences","author":"Santana","year":"2024","journal-title":"arXiv preprint"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.1109\/ICMLA52953.2021.00256"},{"key":"ref22","first-page":"377","article-title":"Expected exploitability: Predicting the development of functional vulnerability exploits","author":"Suciu","year":"2022","journal-title":"USENIX Security"},{"key":"ref23","volume-title":"2015 data breach investigations report","author":"Team","year":"2015"},{"key":"ref24","first-page":"17","article-title":"Capturing the security effects of network segmentation via a continuous-time markov chain model","volume-title":"Simulation Symposium","author":"Wagner","year":"2017"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/3084455"}],"event":{"name":"2024 IEEE 13th International Conference on Cloud Networking (CloudNet)","location":"Rio de Janeiro, Brazil","start":{"date-parts":[[2024,11,27]]},"end":{"date-parts":[[2024,11,29]]}},"container-title":["2024 IEEE 13th International Conference on Cloud Networking (CloudNet)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx8\/10815719\/10815701\/10815757.pdf?arnumber=10815757","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T07:46:09Z","timestamp":1735717569000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10815757\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,27]]},"references-count":25,"URL":"https:\/\/doi.org\/10.1109\/cloudnet62863.2024.10815757","relation":{},"subject":[],"published":{"date-parts":[[2024,11,27]]}}}