{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,24]],"date-time":"2026-03-24T19:24:17Z","timestamp":1774380257942,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":45,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,3,9]],"date-time":"2016-03-09T00:00:00Z","timestamp":1457481600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,3,9]]},"DOI":"10.1145\/2857705.2857750","type":"proceedings-article","created":{"date-parts":[[2016,3,4]],"date-time":"2016-03-04T20:57:50Z","timestamp":1457125070000},"page":"97-104","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":38,"title":["To Fear or Not to Fear That is the Question"],"prefix":"10.1145","author":[{"given":"Awad","family":"Younis","sequence":"first","affiliation":[{"name":"Colorado State University, Fort collins, CO, USA"}]},{"given":"Yashwant","family":"Malaiya","sequence":"additional","affiliation":[{"name":"Colorado State University, Fort collins, CO, USA"}]},{"given":"Charles","family":"Anderson","sequence":"additional","affiliation":[{"name":"Colorado State University, Fort collins, CO, USA"}]},{"given":"Indrajit","family":"Ray","sequence":"additional","affiliation":[{"name":"Colorado State University, Fort collins, CO, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,3,9]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1456362.1456372"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/1414004.1414065"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.sysarc.2010.06.003"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICST.2010.32"},{"key":"e_1_3_2_1_5_1","volume-title":"My Software has a Vulnerability, should I worry?,\" arXiv preprint arXiv:1301.1275","author":"Allodi L.","year":"2013","unstructured":"L. Allodi and F. Massacci , \" My Software has a Vulnerability, should I worry?,\" arXiv preprint arXiv:1301.1275 , 2013 . L. Allodi and F. Massacci, \"My Software has a Vulnerability, should I worry?,\" arXiv preprint arXiv:1301.1275, 2013."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/QRS.2015.44"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11379-1_21"},{"key":"e_1_3_2_1_8_1","unstructured":"\"National Vulnerability Database Home.\". Available: http:\/\/nvd.nist.gov\/. {Accessed: 24-May-2015}.  \"National Vulnerability Database Home.\". Available: http:\/\/nvd.nist.gov\/. {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_9_1","unstructured":"EDB\n  : Exploits Database by Offensive Security. Available: http:\/\/www.exploit-db.com\/. {Accessed: 24-May-2015}.  EDB: Exploits Database by Offensive Security. Available: http:\/\/www.exploit-db.com\/. {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cct.2009.06.007"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1314257.1314261"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4419-6967-5_6"},{"key":"e_1_3_2_1_13_1","volume-title":"Software Metrics: A Rigorous and Practical Approach","author":"Fenton N.E.","year":"1997","unstructured":"N.E. Fenton , S.L. Pfleeger , Software Metrics: A Rigorous and Practical Approach , PWS Publishing Co. , Boston, MA, USA , 1997 . N.E. Fenton, S.L. Pfleeger, Software Metrics: A Rigorous and Practical Approach, PWS Publishing Co., Boston, MA, USA, 1997."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1976.233837"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/947825.947829"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.1981.231113"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1134285.1134349"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11219-015-9274-6"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.5555\/944919.944974"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings 21st Australasian Computer Science Conference","author":"Hall M.","year":"1996","unstructured":"M. Hall and L. Smith . Practical feature subset selection for machine learning . In Proceedings 21st Australasian Computer Science Conference , University of Western Australia, Perth, Australia , February 1996 . M. Hall and L. Smith. Practical feature subset selection for machine learning. In Proceedings 21st Australasian Computer Science Conference, University of Western Australia, Perth, Australia, February 1996."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/S0004-3702(97)00043-X"},{"key":"e_1_3_2_1_22_1","volume-title":"Principal component analysis","author":"Jolliffe I.","year":"2002","unstructured":"I. Jolliffe , Principal component analysis . John Wiley & Sons, Ltd , 2002 . I. Jolliffe, Principal component analysis. John Wiley & Sons, Ltd, 2002."},{"key":"e_1_3_2_1_23_1","volume-title":"Beyond Fear: Thinking Sensibly about Security in an Uncertain World","author":"Schneier B.","year":"2003","unstructured":"B. Schneier , Beyond Fear: Thinking Sensibly about Security in an Uncertain World . Springer-Verlag , 2003 . B. Schneier, Beyond Fear: Thinking Sensibly about Security in an Uncertain World. Springer-Verlag, 2003."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/EDCC.2006.17"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2746194.2746198"},{"key":"e_1_3_2_1_26_1","first-page":"477","volume-title":"ACSAC 2007","author":"Sparks S.","year":"2007","unstructured":"S. Sparks , S. Embleton , R. Cunningham , and C. Zou , \" Automated vulnerability analysis: Leveraging control flow for evolutionary input crafting,\" in Computer Security Applications Conference, 2007 . ACSAC 2007 . Twenty-Third Annual , 2007 , pp. 477 -- 486 . S. Sparks, S. Embleton, R. Cunningham, and C. Zou, \"Automated vulnerability analysis: Leveraging control flow for evolutionary input crafting,\" in Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual, 2007, pp. 477--486."},{"key":"e_1_3_2_1_27_1","first-page":"109","volume-title":"Measuring Relative Attack Surfaces,\" in Computer Security in the 21st Century","author":"Howard M.","year":"2005","unstructured":"M. Howard , J. Pincus , and J. Wing , \" Measuring Relative Attack Surfaces,\" in Computer Security in the 21st Century , D. T. Lee, S. P. Shieh, and J. D. Tygar, Eds. Springer US , 2005 , pp. 109 -- 137 . M. Howard, J. Pincus, and J. Wing, \"Measuring Relative Attack Surfaces,\" in Computer Security in the 21st Century, D. T. Lee, S. P. Shieh, and J. D. Tygar, Eds. Springer US, 2005, pp. 109--137."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2010.60"},{"key":"e_1_3_2_1_29_1","volume-title":"IEEE CS","year":"2005","unstructured":"IEEE, \"IEEE Standard for a Software Quality Metrics Methodology,\" IEEE Std 1061--1998 (R2004) , IEEE CS , 2005 . IEEE, \"IEEE Standard for a Software Quality Metrics Methodology,\" IEEE Std 1061--1998 (R2004), IEEE CS, 2005."},{"key":"e_1_3_2_1_30_1","unstructured":"Apache-SVN. The apache software foundation. Available: http:\/\/www.svn.apache.org\/viewvc\/. {Accessed: 24-May-2015}.  Apache-SVN. The apache software foundation. Available: http:\/\/www.svn.apache.org\/viewvc\/. {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_31_1","unstructured":"Linux Kernel Archive. Available: https:\/\/www.kernel.org\/ {Accessed: 24-May-2015}.  Linux Kernel Archive. Available: https:\/\/www.kernel.org\/ {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_32_1","unstructured":"Scientific Toolworks Understand. Available: http:\/\/www.scitools.com\/. {Accessed: 24-May-2015}.  Scientific Toolworks Understand. Available: http:\/\/www.scitools.com\/. {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_33_1","unstructured":"LocMetrics. Available: http:\/\/www.locmetrics.com\/index.html. {Accessed: 24-May-2015}.  LocMetrics. Available: http:\/\/www.locmetrics.com\/index.html. {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_34_1","unstructured":"WEKA Toolkit. Available: http:\/\/www.cs.waikato.ac.nz\/ml\/weka. {Accessed: 24-May-2015}.  WEKA Toolkit. Available: http:\/\/www.cs.waikato.ac.nz\/ml\/weka. {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_35_1","volume-title":"Data Mining: Practical Machine Learning Tools and Techniques","author":"Witten I.H.","year":"2005","unstructured":"I.H. Witten , E. Frank , Data Mining: Practical Machine Learning Tools and Techniques ( 2 nd ed.), Morgan Kaufmann , San Francisco , 2005 . I.H. Witten, E. Frank, Data Mining: Practical Machine Learning Tools and Techniques (2nd ed.), Morgan Kaufmann, San Francisco, 2005.","edition":"2"},{"key":"e_1_3_2_1_36_1","unstructured":"Usage Statistics and Market Share of Web Servers for Websites. Available: http:\/\/www.w3techs.com\/technologies\/overview\/web_server\/all. {Accessed: 24-May-2015}.  Usage Statistics and Market Share of Web Servers for Websites. Available: http:\/\/www.w3techs.com\/technologies\/overview\/web_server\/all. {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_37_1","unstructured":"Usage Statistics and Market Share of Web Servers for Websites. Available: http:\/\/w3techs.com\/technologies\/details\/os-unix\/all\/all. {Accessed: 24-May-2015}.  Usage Statistics and Market Share of Web Servers for Websites. Available: http:\/\/w3techs.com\/technologies\/details\/os-unix\/all\/all. {Accessed: 24-May-2015}."},{"key":"e_1_3_2_1_38_1","first-page":"1","volume-title":"A complete guide to the common vulnerability scoring system version 2.0,\" in Published by FIRST-Forum of Incident Response and Security Teams","author":"Mell P.","year":"2007","unstructured":"P. Mell , K. Scarfone , and S. Romanosky , \" A complete guide to the common vulnerability scoring system version 2.0,\" in Published by FIRST-Forum of Incident Response and Security Teams , 2007 , pp. 1 -- 23 . P. Mell, K. Scarfone, and S. Romanosky, \"A complete guide to the common vulnerability scoring system version 2.0,\" in Published by FIRST-Forum of Incident Response and Security Teams, 2007, pp.1--23."},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1456362.1456370"},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/PROMISE.2007.10"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/1835804.1835821"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382416.2382427"},{"key":"e_1_3_2_1_43_1","volume-title":"My Software has a Vulnerability, should I worry?","author":"Allodi L.","year":"2013","unstructured":"L. Allodi and F. Massacci , \" My Software has a Vulnerability, should I worry? ,\", 2013 , arXiv preprint arXiv:1301.1275. L. Allodi and F. Massacci, \"My Software has a Vulnerability, should I worry?,\", 2013 , arXiv preprint arXiv:1301.1275."},{"key":"e_1_3_2_1_44_1","first-page":"419","volume-title":"Intl. Conf. on Softw. Eng. (ICSE). ACM","author":"Bhattacharya P.","year":"2012","unstructured":"P. Bhattacharya , M. Iliofotou , I. Neamtiu , and M. Faloutsos , \" Graph-based analysis and prediction for software evolution,\" in Proc . Intl. Conf. on Softw. Eng. (ICSE). ACM , 2012 , pp. 419 -- 429 . P. Bhattacharya, M. Iliofotou, I. Neamtiu, and M. Faloutsos, \"Graph-based analysis and prediction for software evolution,\" in Proc. Intl. Conf. on Softw. Eng. (ICSE). ACM, 2012, pp. 419--429."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2014.2340398"}],"event":{"name":"CODASPY'16: Sixth ACM Conference on Data and Application Security and Privacy","location":"New Orleans Louisiana USA","acronym":"CODASPY'16","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the Sixth ACM Conference on Data and Application Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2857705.2857750","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2857705.2857750","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:12:43Z","timestamp":1750227163000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2857705.2857750"}},"subtitle":["Code Characteristics of a Vulnerable Functionwith an Existing Exploit"],"short-title":[],"issued":{"date-parts":[[2016,3,9]]},"references-count":45,"alternative-id":["10.1145\/2857705.2857750","10.1145\/2857705"],"URL":"https:\/\/doi.org\/10.1145\/2857705.2857750","relation":{},"subject":[],"published":{"date-parts":[[2016,3,9]]},"assertion":[{"value":"2016-03-09","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}