{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,28]],"date-time":"2025-08-28T12:35:08Z","timestamp":1756384508755,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":16,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,8,29]],"date-time":"2017-08-29T00:00:00Z","timestamp":1503964800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100003246","name":"Nederlandse Organisatie voor Wetenschappelijk Onderzoek","doi-asserted-by":"publisher","award":["628.001.004"],"award-info":[{"award-number":["628.001.004"]}],"id":[{"id":"10.13039\/501100003246","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100004963","name":"Seventh Framework Programme","doi-asserted-by":"publisher","award":["285223"],"award-info":[{"award-number":["285223"]}],"id":[{"id":"10.13039\/501100004963","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,8,29]]},"DOI":"10.1145\/3098954.3098965","type":"proceedings-article","created":{"date-parts":[[2017,8,10]],"date-time":"2017-08-10T12:12:36Z","timestamp":1502367156000},"page":"1-6","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Attack Potential in Impact and Complexity"],"prefix":"10.1145","author":[{"given":"Luca","family":"Allodi","sequence":"first","affiliation":[{"name":"Eindhoven University of Technology"}]},{"given":"Fabio","family":"Massacci","sequence":"additional","affiliation":[{"name":"University of Trento"}]}],"member":"320","published-online":{"date-parts":[[2017,8,29]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-15618-7_11"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2630069"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.2139\/ssrn.2862299"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/SPW.2013.16"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2462096.2462100"},{"key":"e_1_3_2_1_6_1","volume-title":"July","author":"Christey S.","year":"2013","unstructured":"S. Christey and B. Martin . Buying into the bias: why vulnerability statistics suck. https:\/\/www.blackhat.com\/us-13\/archives.html#Martin , July 2013 . S. Christey and B. Martin. Buying into the bias: why vulnerability statistics suck. https:\/\/www.blackhat.com\/us-13\/archives.html#Martin, July 2013."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/1978672.1978683"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1016\/0001-4575(86)90007-2"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1162666.1162671"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.04.012"},{"key":"e_1_3_2_1_11_1","volume-title":"FIRST,","author":"Mell P.","year":"2007","unstructured":"P. Mell , K. Scarfone , and S. Romanosky . A complete guide to the common vulnerability scoring system version 2.0. Technical report , FIRST, Available at http:\/\/www.first.org\/cvss, 2007 . P. Mell, K. Scarfone, and S. Romanosky. A complete guide to the common vulnerability scoring system version 2.0. Technical report, FIRST, Available at http:\/\/www.first.org\/cvss, 2007."},{"key":"e_1_3_2_1_12_1","first-page":"426","volume-title":"Proc. of RAID'14","author":"Nayak K.","year":"2014","unstructured":"K. Nayak , D. Marino , P. Efstathopoulos , and T. Dumitra\u015f ,. Some vulnerabilities are different than others . In Proc. of RAID'14 , pages 426 -- 446 . Springer , 2014 . K. Nayak, D. Marino, P. Efstathopoulos, and T. Dumitra\u015f,. Some vulnerabilities are different than others. In Proc. of RAID'14, pages 426--446. Springer, 2014."},{"key":"e_1_3_2_1_13_1","volume-title":"version 2.0. https:\/\/www.pcisecuritystandards.org\/documents\/pci_dss_v2.pdf","author":"CI.","year":"2010","unstructured":"P CI. Pci dss requirements and security assessment procedures , version 2.0. https:\/\/www.pcisecuritystandards.org\/documents\/pci_dss_v2.pdf , 2010 . PCI. Pci dss requirements and security assessment procedures, version 2.0. https:\/\/www.pcisecuritystandards.org\/documents\/pci_dss_v2.pdf, 2010."},{"key":"e_1_3_2_1_14_1","volume-title":"NIST","author":"Quinn S. D.","year":"2010","unstructured":"S. D. Quinn , K. A. Scarfone , M. Barrett , and C. S. Johnson . Sp 800-117. guide to adopting and using the security content automation protocol (scap) version 1.0. Technical report , NIST , 2010 . S. D. Quinn, K. A. Scarfone, M. Barrett, and C. S. Johnson. Sp 800-117. guide to adopting and using the security content automation protocol (scap) version 1.0. Technical report, NIST, 2010."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/ESEM.2009.5314220"},{"volume-title":"Verizon Enterprise","year":"2014","key":"e_1_3_2_1_16_1","unstructured":"Verizon. Verizon 2014 pci compliance report. Technical report , Verizon Enterprise , 2014. Verizon. Verizon 2014 pci compliance report. Technical report, Verizon Enterprise, 2014."}],"event":{"name":"ARES '17: International Conference on Availability, Reliability and Security","acronym":"ARES '17","location":"Reggio Calabria Italy"},"container-title":["Proceedings of the 12th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3098954.3098965","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3098954.3098965","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T19:07:22Z","timestamp":1750273642000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3098954.3098965"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,8,29]]},"references-count":16,"alternative-id":["10.1145\/3098954.3098965","10.1145\/3098954"],"URL":"https:\/\/doi.org\/10.1145\/3098954.3098965","relation":{},"subject":[],"published":{"date-parts":[[2017,8,29]]},"assertion":[{"value":"2017-08-29","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}