{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,15]],"date-time":"2026-07-15T16:05:42Z","timestamp":1784131542739,"version":"3.55.0"},"publisher-location":"New York, NY, USA","reference-count":48,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,8,17]],"date-time":"2021-08-17T00:00:00Z","timestamp":1629158400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,8,17]]},"DOI":"10.1145\/3465481.3465758","type":"proceedings-article","created":{"date-parts":[[2021,8,16]],"date-time":"2021-08-16T18:07:25Z","timestamp":1629137245000},"page":"1-12","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":66,"title":["Linking CVE\u2019s to MITRE ATT&amp;CK Techniques"],"prefix":"10.1145","author":[{"given":"Aditya","family":"Kuppa","sequence":"first","affiliation":[{"name":"UCD, Ireland"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Lamine","family":"Aouad","sequence":"additional","affiliation":[{"name":"Tenable Corporation, France"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Nhien-An","family":"Le-Khac","sequence":"additional","affiliation":[{"name":"UCD, Ireland"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2021,8,17]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Fabio Massacci Comparing vulnerability severity and exploits using case-control studies ACM Transaction on Information and System Security (TISSEC)","author":"Allodi Luca","year":"2014","unstructured":"[1] Luca Allodi, Fabio Massacci Comparing vulnerability severity and exploits using case-control studies ACM Transaction on Information and System Security (TISSEC) volume 17 , 2014."},{"key":"e_1_3_2_1_2_1","unstructured":"[2] M Hutchins Eric & J Cloppert Michael & M Amin Rohan Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains. Leading Issues in Information Warfare & Security Research. 1."},{"key":"e_1_3_2_1_3_1","volume-title":"et al. ARROW: GenerAting SignatuRes to Detect DRive-By DOWnloads Proceedings of the 20th International Conference on World Wide Web WWW \u201911","author":"Junjie Z.","unstructured":"[3] Z. Junjie, et al. ARROW: GenerAting SignatuRes to Detect DRive-By DOWnloads Proceedings of the 20th International Conference on World Wide Web WWW \u201911"},{"key":"e_1_3_2_1_4_1","volume-title":"SIGCHI Conference on Human Factors in Computing Systems, CHI\u201906","author":"Rachna D.","unstructured":"[4] D. Rachna, J.D. Tygar, and M. Hearst Why Phishing Works, SIGCHI Conference on Human Factors in Computing Systems, CHI\u201906"},{"key":"e_1_3_2_1_5_1","volume-title":"In Proc. of IWCC\u201913","author":"Allodi Luca","unstructured":"[5]Luca Allodi, Shim Woohyun, and Fabio Massacci Quantitative assessment of risk reduction with cybercrime black market monitoring.. In In Proc. of IWCC\u201913."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"crossref","unstructured":"[6] He K.; Zhang X.; Ren S.; and Sun J. 2016. Deep residual learning for image recognition. In CVPR.","DOI":"10.1109\/CVPR.2016.90"},{"key":"e_1_3_2_1_7_1","volume-title":"Published in WEIS","author":"Allodi Luca","year":"2017","unstructured":"[7] Luca Allodi, Fabio Massacci and Julian Williams The Work-Averse Cyber Attacker Model. Evidence from two million attack signatures. In Published in WEIS 2017. ."},{"key":"e_1_3_2_1_8_1","unstructured":"[8] Vaswani A.; Shazeer N.; Parmar N.; Uszkoreit J.; Jones L.; Gomez A.\u00a0N.; Kaiser \u0141.; and Polosukhin I. 2017. Attention is all you need. In NIPS."},{"key":"e_1_3_2_1_9_1","volume-title":"\u00a0E","year":"2016","unstructured":"[9] Lei\u00a0Ba, J.; Kiros, J.\u00a0R.; and Hinton, G.\u00a0E. 2016. Layer normalization. arXiv preprint arXiv:1607.06450."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"crossref","unstructured":"[10]Allodi L. & Etalle S. Towards realistic threat modeling: attack commodification irrelevant vulnerabilities and unrealistic assumptions. (2017)","DOI":"10.1145\/3140368.3140372"},{"key":"e_1_3_2_1_11_1","first-page":"0944","volume-title":"Design and Philosophy. Mitre Product Mp","author":"Thomas A.","year":"2018","unstructured":"[11]Strom, B., Applebaum, A., Miller, D., Nickels, K., Pennington, A. & Thomas, C. MITRE ATT&CK: Design and Philosophy. Mitre Product Mp. pp. 18\u20130944 (2018)"},{"key":"e_1_3_2_1_12_1","first-page":"3119","volume-title":"Advances in neural information processing systems","author":"Corrado S.","year":"2013","unstructured":"[12] T.\u00a0Mikolov, I.\u00a0Sutskever, K.\u00a0Chen, G.\u00a0S. Corrado, and J.\u00a0Dean, \u201cDistributed representations of words and phrases and their compositionality,\u201d in Advances in neural information processing systems, 2013, pp. 3111\u20133119."},{"key":"e_1_3_2_1_13_1","unstructured":"[13] Ronan Collobert Jason Weston L\u00e9on Bottou Michael Karlen Koray Kavukcuoglu and Pavel Kuksa. 2011. Natural language processing (almost) from scratch. Journal of Machine Learning Research 12:2493\u20132537."},{"key":"e_1_3_2_1_14_1","first-page":"1196","volume-title":"Proceedings of The 31st International Conference on Machine Learning","author":"V.","unstructured":"[14] Quoc\u00a0V. Le and Tomas Mikolov. 2014. Distributed representations of sentences and documents. In Proceedings of The 31st International Conference on Machine Learning, pages 1188\u2013\u20131196, Beijing, China."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/D14-1181"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.3115\/v1\/N15-1011"},{"key":"e_1_3_2_1_17_1","first-page":"657","volume-title":"Advances in Neural Information Processing Systems 28","author":"Zhang Xiang","year":"2015","unstructured":"[17] Xiang Zhang, Junbo Zhao, and Yann LeCun. 2015. Character-level convolutional networks for text classification. In Advances in Neural Information Processing Systems 28, pages 649\u2013657, Montreal, Canada."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/D15-1167"},{"key":"e_1_3_2_1_19_1","first-page":"1025","volume-title":"Proceedings of the Eighth International Joint Conference on Natural Language Processing (Volume 1: Long Papers)","author":"Pappas Nikolaos","year":"2017","unstructured":"[19] Nikolaos Pappas and Andrei Popescu-Belis. 2017. Multilingual hierarchical attention networks for document classification. In Proceedings of the Eighth International Joint Conference on Natural Language Processing (Volume 1: Long Papers), pages 1015\u20131025."},{"key":"e_1_3_2_1_20_1","first-page":"3274","volume-title":"Proceedings of the 27th International Conference on Neural Information Processing Systems -","volume":"2","author":"Srikumar Vivek","year":"2014","unstructured":"[20] Vivek Srikumar and Christopher\u00a0D. Manning. 2014. Learning distributed representations for structured output prediction. In Proceedings of the 27th International Conference on Neural Information Processing Systems - Volume 2, NIPS\u201914, pages 3266\u20133274, Cambridge, MA, USA. MIT Press."},{"key":"e_1_3_2_1_21_1","volume-title":"In Proceedings of the 32nd AAAI Conference on Artificial Intelligence","author":"Yeh Chih-Kuan","year":"2018","unstructured":"[21] Chih-Kuan Yeh, Wei-Chieh Wu, Wei-Jen Ko, and Yu-Chiang\u00a0Frank Wang. 2018. Learning deep latent spaces for multi-label classification. In In Proceedings of the 32nd AAAI Conference on Artificial Intelligence, New Orleans, USA."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/N18-1172"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/P18-1216"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/D15-1027"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","unstructured":"[25]Xiao L. Huang X. Chen B. & Jing L. Label-Specific Document Representation for Multi-Label Text Classification. (2019)","DOI":"10.18653\/v1\/D19-1044"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"[26]Du C. Chen Z. Feng F. Zhu L. Gan T. & Nie L. Explicit interaction model towards text classification. (2019)","DOI":"10.1609\/aaai.v33i01.33016359"},{"key":"e_1_3_2_1_27_1","unstructured":"[27] Towards the detection of inconsistencies in public security vulnerability reports Dong Ying and Guo Wenbo and Chen Yueqi and Xing Xinyu and Zhang Yuqing and Wang Gang 28th {USENIX} Security Symposium ({USENIX} Security 19) 869\u2013885 2019"},{"key":"e_1_3_2_1_28_1","unstructured":"[28] Understanding the reproducibility of crowd-reported security vulnerabilities Mu Dongliang and Cuevas Alejandro and Yang Limin and Hu Hang and Xing Xinyu and Mao Bing and Wang Gang 27th {USENIX} Security Symposium ({USENIX} Security 18) 919\u2013936 2018"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1162\/tacl_a_00259"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"crossref","unstructured":"[30]Neuhaus S. & Zimmermann T. Security trend analysis with cve topic models. (2010)","DOI":"10.1109\/ISSRE.2010.53"},{"key":"e_1_3_2_1_31_1","unstructured":"[31]Urbanska M. Ray I. Howe A. & Roberts M. Structuring a vulnerability description for comprehensive single system security analysis. Rocky Mountain Celebration Of Women In Computing Fort Collins Co Usa. (2012)"},{"key":"e_1_3_2_1_32_1","volume-title":"Nhien-An International Conference on Information Systems Security 88\u2013106","author":"Riskwriter","year":"2018","unstructured":"[32] Riskwriter: Predicting cyber risk of an enterprise Aditya, K and Grzonkowski, Slawomir and Le-Khac, Nhien-An International Conference on Information Systems Security 88\u2013106, 2018 ,Springer"},{"key":"e_1_3_2_1_33_1","volume-title":"Nhien-An Proceedings of the 14th International Conference on Availability, Reliability and Security, 1\u201310","year":"2019","unstructured":"[33] Black box attacks on deep anomaly detectors Kuppa, Aditya and Grzonkowski, Slawomir and Asghar, Muhammad Rizwan and Le-Khac, Nhien-An Proceedings of the 14th International Conference on Availability, Reliability and Security, 1\u201310, 2019"},{"key":"e_1_3_2_1_34_1","volume-title":"International Joint Conference on Neural Networks (IJCNN) 2020","author":"Explainable Artificial Black Box","unstructured":"[34] Black Box Attacks on Explainable Artificial Intelligence (XAI) methods in Cyber Security Kuppa, Aditya and Le-Khac, Nhien-An, International Joint Conference on Neural Networks (IJCNN) 2020"},{"key":"e_1_3_2_1_35_1","volume-title":"Nhien-An Annual Computer Security Applications Conference 556\u2013566 2020","author":"Security Effect","unstructured":"[35] Effect of Security Controls on Patching Window: A Causal Inference based Approach Kuppa, Aditya and Aouad, Lamine and Le-Khac, Nhien-An Annual Computer Security Applications Conference 556\u2013566 2020"},{"key":"e_1_3_2_1_36_1","unstructured":"[36]Gretton A. Borgwardt K. Rasch M. Sch\u201dolkopf B. & Smola A. A kernel two-sample test. Jmlr. (2012)"},{"key":"e_1_3_2_1_37_1","volume-title":"The elements of statistical learning","author":"Tibshirani T.","year":"2001","unstructured":"[37]Friedman, J., Hastie, T. & Tibshirani, R. The elements of statistical learning. (Springer,2001)"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"crossref","unstructured":"[38]Tavabi N. Goyal P. Almukaynizi M. Shakarian P. & Lerman K. Darkembed: Exploit prediction with neural language models. (2018)","DOI":"10.1609\/aaai.v32i1.11428"},{"key":"e_1_3_2_1_39_1","first-page":"89","article-title":"An automatic method for CVSS score prediction using vulnerabilities description","volume":"30","author":"Derhami M.","year":"2016","unstructured":"[39]Khazaei, A., Ghasemzadeh, M. & Derhami, V. An automatic method for CVSS score prediction using vulnerabilities description. Journal Of Intelligent & Fuzzy Systems. 30, 89\u201396 (2016)","journal-title":"Journal Of Intelligent & Fuzzy Systems."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"crossref","unstructured":"[40]Williams M. Dey S. Barranco R. Naim S. Hossain M. & Akbar M. Analyzing Evolving Trends of Vulnerabilities in National Vulnerability Database. (2018)","DOI":"10.1109\/BigData.2018.8622299"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2016.02.048"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"crossref","unstructured":"[42]Bullough B. Yanchenko A. Smith C. & Zipkin J. Predicting exploitation of disclosed software vulnerabilities using open-source data. (2017)","DOI":"10.1145\/3041008.3041009"},{"key":"e_1_3_2_1_43_1","volume-title":"Patch Before Exploited: An Approach to Identify Targeted Software Vulnerabilities","author":"Shakarian J.","year":"2019","unstructured":"[43]Almukaynizi, M., Nunes, E., Dharaiya, K., Senguttuvan, M., Shakarian, J. & Shakarian, P. Patch Before Exploited: An Approach to Identify Targeted Software Vulnerabilities. (Springer,2019)"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"crossref","unstructured":"[44]Bozorgi M. Saul L. Savage S. & Voelker G. Beyond heuristics: learning to classify vulnerabilities and predict exploits. (2010)","DOI":"10.1145\/1835804.1835821"},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2018.09.039"},{"key":"e_1_3_2_1_46_1","unstructured":"[46]Luong M. Sutskever I. Le Q. Vinyals O. & Zaremba W. Addressing the rare word problem in neural machine translation. Arxiv Preprint Arxiv:1410.8206. (2014)"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"crossref","unstructured":"[47]Huang C. Yen H. Yang P. Huang S. & Chang J. Using sublexical translations to handle the OOV problem in machine translation. Acm Transactions On Asian Language Information Processing (talip). 10 16 (2011)","DOI":"10.1145\/2002980.2002986"},{"key":"e_1_3_2_1_48_1","unstructured":"[48]Liu A. & Kirchhoff K. Context models for oov word translation in low-resource languages. Arxiv Preprint Arxiv:1801.08660. (2018)"}],"event":{"name":"ARES 2021: The 16th International Conference on Availability, Reliability and Security","location":"Vienna Austria","acronym":"ARES 2021"},"container-title":["Proceedings of the 16th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3465481.3465758","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3465481.3465758","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T20:17:29Z","timestamp":1750191449000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3465481.3465758"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,8,17]]},"references-count":48,"alternative-id":["10.1145\/3465481.3465758","10.1145\/3465481"],"URL":"https:\/\/doi.org\/10.1145\/3465481.3465758","relation":{},"subject":[],"published":{"date-parts":[[2021,8,17]]},"assertion":[{"value":"2021-08-17","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}