{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,13]],"date-time":"2026-03-13T22:10:53Z","timestamp":1773439853768,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":27,"publisher":"ACM","license":[{"start":{"date-parts":[[2019,11,11]],"date-time":"2019-11-11T00:00:00Z","timestamp":1573430400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2019,11,11]]},"DOI":"10.1145\/3338501.3357365","type":"proceedings-article","created":{"date-parts":[[2019,11,8]],"date-time":"2019-11-08T13:40:33Z","timestamp":1573220433000},"page":"49-57","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["Risk Prioritization by Leveraging Latent Vulnerability Features in a Contested Environment"],"prefix":"10.1145","author":[{"given":"Kenneth","family":"Alperin","sequence":"first","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]},{"given":"Allan","family":"Wollaber","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]},{"given":"Dennis","family":"Ross","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]},{"given":"Pierre","family":"Trepagnier","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]},{"given":"Leslie","family":"Leonard","sequence":"additional","affiliation":[{"name":"U.S. Army Engineer Research and Development Center, Vicksburg, MS, USA"}]}],"member":"320","published-online":{"date-parts":[[2019,11,11]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"https:\/\/www2.fireeye.com\/rs\/848-DID-242\/images\/APT28-Center-of-Storm-2017.pdf","year":"2017","unstructured":"2017. ( 2017 ). https:\/\/www2.fireeye.com\/rs\/848-DID-242\/images\/APT28-Center-of-Storm-2017.pdf 2017. (2017). https:\/\/www2.fireeye.com\/rs\/848-DID-242\/images\/APT28-Center-of-Storm-2017.pdf"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133960"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3140368.3140372"},{"key":"e_1_3_2_1_4_1","volume-title":"Comparing vulnerability severity and exploits using case-control studies.ACM Transactions on Information and System Security (TISSEC)17, 1","author":"Allodi Luca","year":"2014","unstructured":"Luca Allodi and Fabio Massacci . 2014. Comparing vulnerability severity and exploits using case-control studies.ACM Transactions on Information and System Security (TISSEC)17, 1 ( 2014 ), 1. Luca Allodi and Fabio Massacci. 2014. Comparing vulnerability severity and exploits using case-control studies.ACM Transactions on Information and System Security (TISSEC)17, 1 (2014), 1."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"crossref","unstructured":"Luca Allodi Fabio Massacci and Julian M Williams. 2017. The work-averse cyber attacker model: Theory and evidence from two million attack signatures. Available at SSRN 2862299(2017).  Luca Allodi Fabio Massacci and Julian M Williams. 2017. The work-averse cyber attacker model: Theory and evidence from two million attack signatures. Available at SSRN 2862299(2017).","DOI":"10.2139\/ssrn.2862299"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/3041008.3041009"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSCloud.2015.56"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196884"},{"key":"e_1_3_2_1_9_1","volume-title":"Fixing the #1 Problem in Computer Security: A Data-Driven Defense. (Jan","author":"Grimes Roger A","year":"2016","unstructured":"Roger A Grimes . 2016. Fixing the #1 Problem in Computer Security: A Data-Driven Defense. (Jan 2016 ). https:\/\/gallery.technet.microsoft.com\/Fixing-the-1-Problem-in-2e58ac4a Roger A Grimes. 2016. Fixing the #1 Problem in Computer Security: A Data-Driven Defense. (Jan 2016). https:\/\/gallery.technet.microsoft.com\/Fixing-the-1-Problem-in-2e58ac4a"},{"key":"e_1_3_2_1_10_1","volume-title":"2017 IEEE International Conference on Software Maintenance and Evolution (ICSME). IEEE, 125--136","author":"Han Zhuobing","unstructured":"Zhuobing Han , Xiaohong Li , Zhenchang Xing , Hongtao Liu , and Zhiyong Feng .2017. Learning to predict severity of software vulnerability using only vulnerability description . In 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME). IEEE, 125--136 . Zhuobing Han, Xiaohong Li, Zhenchang Xing, Hongtao Liu, and Zhiyong Feng.2017. Learning to predict severity of software vulnerability using only vulnerability description. In 2017 IEEE International Conference on Software Maintenance and Evolution (ICSME). IEEE, 125--136."},{"key":"e_1_3_2_1_11_1","volume-title":"Improving Vulnerability Remediation Through Better Exploit Prediction.2019 Workshop on the Economics of Information Security(2019)","author":"Jacobs Jay","year":"2019","unstructured":"Jay Jacobs , Sasha Romanosky , Idris Adjerid , and Wade Baker . 2019 . Improving Vulnerability Remediation Through Better Exploit Prediction.2019 Workshop on the Economics of Information Security(2019) . Jay Jacobs, Sasha Romanosky, Idris Adjerid, and Wade Baker. 2019. Improving Vulnerability Remediation Through Better Exploit Prediction.2019 Workshop on the Economics of Information Security(2019)."},{"key":"e_1_3_2_1_12_1","first-page":"89","article-title":"An automatic method for CVSS score prediction using vulnerabilities description","volume":"1","author":"Khazaei Atefeh","year":"2016","unstructured":"Atefeh Khazaei , Mohammad Ghasemzadeh , and Vali Derhami . 2016 . An automatic method for CVSS score prediction using vulnerabilities description . Journal of Intelligent & Fuzzy Systems30 , 1 (2016), 89 -- 96 . Atefeh Khazaei, Mohammad Ghasemzadeh, and Vali Derhami. 2016. An automatic method for CVSS score prediction using vulnerabilities description. Journal of Intelligent & Fuzzy Systems30, 1 (2016), 89--96.","journal-title":"Journal of Intelligent & Fuzzy Systems30"},{"key":"e_1_3_2_1_13_1","unstructured":"Fireeye Labs. 2015. Operation Russian Doll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia's APT28 in Highly-Targeted Attack \u00c2? Operation Russian Doll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia's APT28 in Highly-Targeted Attack. (Apr 2015). https:\/\/www.fireeye.com\/blog\/threat-research\/2015\/04\/probable_apt28_useo.html  Fireeye Labs. 2015. Operation Russian Doll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia's APT28 in Highly-Targeted Attack \u00c2? Operation Russian Doll: Adobe & Windows Zero-Day Exploits Likely Leveraged by Russia's APT28 in Highly-Targeted Attack. (Apr 2015). https:\/\/www.fireeye.com\/blog\/threat-research\/2015\/04\/probable_apt28_useo.html"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISCID.2017.24"},{"key":"e_1_3_2_1_15_1","volume-title":"Managing vulnerabilities in networked systems.Computer34, 11","author":"Martin Robert A","year":"2001","unstructured":"Robert A Martin . 2001. Managing vulnerabilities in networked systems.Computer34, 11 ( 2001 ), 32--38. Robert A Martin. 2001. Managing vulnerabilities in networked systems.Computer34, 11 (2001), 32--38."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2006.145"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISSRE.2010.53"},{"key":"e_1_3_2_1_18_1","unstructured":"Office of the Deputy Assistant Secretary of Defense for Systems Engineering. 2017. Department of Defense Risk Issue and Opportunity Management Guide for Defense Acquisition Programs. Department of Defense(2017).  Office of the Deputy Assistant Secretary of Defense for Systems Engineering. 2017. Department of Defense Risk Issue and Opportunity Management Guide for Defense Acquisition Programs. Department of Defense(2017)."},{"key":"e_1_3_2_1_19_1","volume-title":"Ehab Al-Shaer, and Bei-Tseng Chu.","author":"Qamar Sara","year":"2017","unstructured":"Sara Qamar , Zahid Anwar , Mohammad Ashiqur Rahman , Ehab Al-Shaer, and Bei-Tseng Chu. 2017 . Data-driven analytics for cyber-threat intelligence and information sharing. Computers & Security 67 (2017), 35--58. Sara Qamar, Zahid Anwar, Mohammad Ashiqur Rahman, Ehab Al-Shaer, and Bei-Tseng Chu. 2017. Data-driven analytics for cyber-threat intelligence and information sharing. Computers & Security67 (2017), 35--58."},{"key":"e_1_3_2_1_20_1","unstructured":"Dennis M Ross Allan B Wollaber and Pierre C Trepagnier. [n. d.]. Vulnerability Ranking by Exploit Association in a Latent Feature Space. Journal of Defnse Modeling and Simulation(Revision Submitted) ([n. d.]).  Dennis M Ross Allan B Wollaber and Pierre C Trepagnier. [n. d.]. Vulnerability Ranking by Exploit Association in a Latent Feature Space. Journal of Defnse Modeling and Simulation(Revision Submitted) ([n. d.])."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.5555\/3140065.3140084"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/3139367.3139390"},{"key":"e_1_3_2_1_23_1","first-page":"1929","article-title":"Dropout: a simple way to prevent neural networks from overfitting","volume":"1","author":"Srivastava Nitish","year":"2014","unstructured":"Nitish Srivastava , Geoffrey Hinton , Alex Krizhevsky , Ilya Sutskever , and Ruslan Salakhutdinov . 2014 . Dropout: a simple way to prevent neural networks from overfitting . The Journal of Machine Learning Research15 , 1 (2014), 1929 -- 1958 . Nitish Srivastava, Geoffrey Hinton, Alex Krizhevsky, Ilya Sutskever, and Ruslan Salakhutdinov. 2014. Dropout: a simple way to prevent neural networks from overfitting. The Journal of Machine Learning Research15, 1 (2014), 1929--1958.","journal-title":"The Journal of Machine Learning Research15"},{"key":"e_1_3_2_1_24_1","volume-title":"Thirty-Second AAAI Conference on Artificial Intelligence.","author":"Tavabi Nazgol","year":"2018","unstructured":"Nazgol Tavabi , Palash Goyal , Mohammed Almukaynizi , Paulo Shakarian , and Kristina Lerman . 2018 . Darkembed: Exploit prediction with neural language models . In Thirty-Second AAAI Conference on Artificial Intelligence. Nazgol Tavabi, Palash Goyal, Mohammed Almukaynizi, Paulo Shakarian, and Kristina Lerman. 2018. Darkembed: Exploit prediction with neural language models. In Thirty-Second AAAI Conference on Artificial Intelligence."},{"key":"e_1_3_2_1_25_1","volume-title":"Structuring a vulnerability description for comprehensive single system security analysis. Rocky Mountain Celebration of Women in Computing","author":"Urbanska Malgorzata","year":"2012","unstructured":"Malgorzata Urbanska , Indrajit Ray , Adele E Howe , and Mark Roberts . 2012. Structuring a vulnerability description for comprehensive single system security analysis. Rocky Mountain Celebration of Women in Computing , Fort Collins, CO , USA( 2012 ). Malgorzata Urbanska, Indrajit Ray, Adele E Howe, and Mark Roberts. 2012. Structuring a vulnerability description for comprehensive single system security analysis. Rocky Mountain Celebration of Women in Computing, Fort Collins, CO, USA(2012)."},{"key":"e_1_3_2_1_26_1","volume-title":"On Detecting Manifestation of Adversary Characteristics. In MILCOM2018--2018 IEEE Military Communications Conference (MILCOM). IEEE, 431--437","author":"Venkatesan Sridhar","year":"2018","unstructured":"Sridhar Venkatesan , Shridatt Sugrim , Rauf Izmailov , Cho-Yu J Chiang , Ritu Chadha , Bharat Doshi , Blaine Hoffman , E Allison Newcomb , and Norbou Buchler . 2018 . On Detecting Manifestation of Adversary Characteristics. In MILCOM2018--2018 IEEE Military Communications Conference (MILCOM). IEEE, 431--437 . Sridhar Venkatesan, Shridatt Sugrim, Rauf Izmailov, Cho-Yu J Chiang, Ritu Chadha, Bharat Doshi, Blaine Hoffman, E Allison Newcomb, and Norbou Buchler. 2018. On Detecting Manifestation of Adversary Characteristics. In MILCOM2018--2018 IEEE Military Communications Conference (MILCOM). IEEE, 431--437."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/BADGERS.2015.018"}],"event":{"name":"CCS '19: 2019 ACM SIGSAC Conference on Computer and Communications Security","location":"London United Kingdom","acronym":"CCS '19","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 12th ACM Workshop on Artificial Intelligence and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3338501.3357365","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3338501.3357365","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:12:49Z","timestamp":1750201969000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3338501.3357365"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,11]]},"references-count":27,"alternative-id":["10.1145\/3338501.3357365","10.1145\/3338501"],"URL":"https:\/\/doi.org\/10.1145\/3338501.3357365","relation":{},"subject":[],"published":{"date-parts":[[2019,11,11]]},"assertion":[{"value":"2019-11-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}