{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,23]],"date-time":"2025-12-23T00:29:31Z","timestamp":1766449771864,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":36,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,10,25]],"date-time":"2021-10-25T00:00:00Z","timestamp":1635120000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2021,10,25]]},"DOI":"10.1145\/3498891.3501259","type":"proceedings-article","created":{"date-parts":[[2021,12,27]],"date-time":"2021-12-27T15:25:52Z","timestamp":1640618752000},"page":"59-69","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["Beyond NVD: Cybersecurity meets the Semantic Web."],"prefix":"10.1145","author":[{"given":"Ra\u00fal","family":"Aranovich","sequence":"first","affiliation":[{"name":"University of California, Davis, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Muting","family":"Wu","sequence":"additional","affiliation":[{"name":"University of California, Davis, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dian","family":"Yu","sequence":"additional","affiliation":[{"name":"University of California, Davis, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Katya","family":"Katsy","sequence":"additional","affiliation":[{"name":"University of California, Davis, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Benyamin","family":"Ahmadnia","sequence":"additional","affiliation":[{"name":"Harvard University, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Matthew","family":"Bishop","sequence":"additional","affiliation":[{"name":"University of California, Davis, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vladimir","family":"Filkov","sequence":"additional","affiliation":[{"name":"University of California, Davis, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kenji","family":"Sagae","sequence":"additional","affiliation":[{"name":"University of California, Davis, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2021,12,27]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Afsah Anwar Ahmed Abusnaina Songqing Chen Frank Li and David\u00a0A. Mohaisen. 2020. Cleaning the NVD: Comprehensive Quality Assessment Improvements and Analyses. CoRR abs\/2006.15074(2020). arXiv:2006.15074https:\/\/arxiv.org\/abs\/2006.15074  Afsah Anwar Ahmed Abusnaina Songqing Chen Frank Li and David\u00a0A. Mohaisen. 2020. Cleaning the NVD: Comprehensive Quality Assessment Improvements and Analyses. CoRR abs\/2006.15074(2020). arXiv:2006.15074https:\/\/arxiv.org\/abs\/2006.15074"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-31863-9_14"},{"volume-title":"Collaborative Vulnerability Metadata Acceptance Process","author":"Byers Robert","key":"e_1_3_2_1_4_1","unstructured":"Robert Byers , David Waltermire , Christopher Turner , 2020. Collaborative Vulnerability Metadata Acceptance Process ( CVMAP) for CVE Numbering Authorities (CNAs) and Authorized Data Publishers . Technical Report. National Institute of Standards and Technology. Robert Byers, David Waltermire, Christopher Turner, 2020. Collaborative Vulnerability Metadata Acceptance Process (CVMAP) for CVE Numbering Authorities (CNAs) and Authorized Data Publishers. Technical Report. National Institute of Standards and Technology."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196398.3196401"},{"key":"e_1_3_2_1_6_1","first-page":"19","volume-title":"Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies","volume":"1","author":"Devlin Jacob","year":"2019","unstructured":"Jacob Devlin , Ming-Wei Chang , Kenton Lee , and Kristina Toutanova . 2019 . BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding . In Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies , Volume 1 (Long and Short Papers). Association for Computational Linguistics, Minneapolis, Minnesota, 4171\u20134186. https:\/\/doi.org\/10. 18653\/v1\/N 19 - 1423 10.18653\/v1 Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova. 2019. BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding. In Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long and Short Papers). Association for Computational Linguistics, Minneapolis, Minnesota, 4171\u20134186. https:\/\/doi.org\/10.18653\/v1\/N19-1423"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/IJCNN.2019.8852475"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2663716.2663755"},{"volume-title":"WordNet: An Electronic Lexical Database","author":"Fellbaum Christiane","key":"e_1_3_2_1_9_1","unstructured":"Christiane Fellbaum . 1998. WordNet: An Electronic Lexical Database . MIT Press , Cambridge, MA . Christiane Fellbaum. 1998. WordNet: An Electronic Lexical Database. MIT Press, Cambridge, MA."},{"volume-title":"Computer Security Incident Response Team (CSIRT) Services Framework Version 2.1. https:\/\/www.first.org\/standards\/frameworks\/csirts\/FIRST_CSIRT_Services_Framework_v2.1.0.pdf\/ [Online","year":"2019","key":"e_1_3_2_1_10_1","unstructured":"First.org. 2019. Computer Security Incident Response Team (CSIRT) Services Framework Version 2.1. https:\/\/www.first.org\/standards\/frameworks\/csirts\/FIRST_CSIRT_Services_Framework_v2.1.0.pdf\/ [Online ; posted November- 2019 ]. First.org. 2019. Computer Security Incident Response Team (CSIRT) Services Framework Version 2.1. https:\/\/www.first.org\/standards\/frameworks\/csirts\/FIRST_CSIRT_Services_Framework_v2.1.0.pdf\/ [Online; posted November-2019]."},{"key":"e_1_3_2_1_11_1","unstructured":"Assane Gueye and Peter Mell. 2021. A Historical and Statistical Studyof the Software Vulnerability Landscape. arXiv preprint arXiv:2102.01722(2021).  Assane Gueye and Peter Mell. 2021. A Historical and Statistical Studyof the Software Vulnerability Landscape. arXiv preprint arXiv:2102.01722(2021)."},{"key":"e_1_3_2_1_12_1","volume-title":"ASEE Southest Section Conference.","author":"Guo Minzhe","year":"2009","unstructured":"Minzhe Guo and Ju\u00a0An Wang . 2009 . An ontology-based approach to model common vulnerabilities and exposures in information security . In ASEE Southest Section Conference. Minzhe Guo and Ju\u00a0An Wang. 2009. An ontology-based approach to model common vulnerabilities and exposures in information security. In ASEE Southest Section Conference."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.4018\/jisp.2007100101"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3397512"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2015.04.012"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1409360.1409377"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec\/tyaa015"},{"key":"e_1_3_2_1_18_1","volume-title":"Evaluating the Data Inconsistency of Open-Source Vulnerability Repositories. The 16th International Conference on Availability, Reliability and Security","author":"Jiang Yuning","year":"2021","unstructured":"Yuning Jiang , Manfred\u00a0 A. Jeusfeld , and Jianguo Ding . 2021 . Evaluating the Data Inconsistency of Open-Source Vulnerability Repositories. The 16th International Conference on Availability, Reliability and Security (2021). Yuning Jiang, Manfred\u00a0A. Jeusfeld, and Jianguo Ding. 2021. Evaluating the Data Inconsistency of Open-Source Vulnerability Repositories. The 16th International Conference on Availability, Reliability and Security (2021)."},{"key":"e_1_3_2_1_19_1","volume-title":"AAAI Workshops.","author":"Lippman P","year":"2017","unstructured":"Richard\u00a0 P Lippman , David\u00a0 J Weller-Fahy , Alyssa\u00a0 C Mensch , William\u00a0 M Campbell , Joseph\u00a0 P Campbell , William\u00a0 W Streilein , and Kevin\u00a0 M Carter . 2017 . Toward finding malicious cyber discussions in social media . In AAAI Workshops. Richard\u00a0P Lippman, David\u00a0J Weller-Fahy, Alyssa\u00a0C Mensch, William\u00a0M Campbell, Joseph\u00a0P Campbell, William\u00a0W Streilein, and Kevin\u00a0M Carter. 2017. Toward finding malicious cyber discussions in social media. In AAAI Workshops."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/219717.219748"},{"key":"e_1_3_2_1_22_1","unstructured":"\u00c9amonn\u00a0\u00d3 Muir\u00ed. 2019. Framing software component transparency: Establishing a common software bill of material (SBOM). (2019).  \u00c9amonn\u00a0\u00d3 Muir\u00ed. 2019. Framing software component transparency: Establishing a common software bill of material (SBOM). (2019)."},{"key":"#cr-split#-e_1_3_2_1_23_1.1","doi-asserted-by":"crossref","unstructured":"Tayyaba Nafees Natalie Coull Ian Ferguson and Adam Sampson. 2017. Idea-Caution Before Exploitation: The Use of Cybersecurity Domain Knowledge to Educate Software Engineers Against Software Vulnerabilities. 133-142. https:\/\/doi.org\/10.1007\/978-3-319-62105-0_9 10.1007\/978-3-319-62105-0_9","DOI":"10.1007\/978-3-319-62105-0_9"},{"key":"#cr-split#-e_1_3_2_1_23_1.2","doi-asserted-by":"crossref","unstructured":"Tayyaba Nafees Natalie Coull Ian Ferguson and Adam Sampson. 2017. Idea-Caution Before Exploitation: The Use of Cybersecurity Domain Knowledge to Educate Software Engineers Against Software Vulnerabilities. 133-142. https:\/\/doi.org\/10.1007\/978-3-319-62105-0_9","DOI":"10.1007\/978-3-319-62105-0_9"},{"key":"e_1_3_2_1_24_1","first-page":"1","article-title":"Out of sight, out of mind? How vulnerable dependencies affect open-source projects","volume":"26","author":"Artha\u00a0Azriadi Prana Gede","year":"2021","unstructured":"Gede Artha\u00a0Azriadi Prana , Abhishek Sharma , Lwin\u00a0Khin Shar , Darius Foo , Andrew\u00a0 E Santosa , Asankhaya Sharma , and David Lo . 2021 . Out of sight, out of mind? How vulnerable dependencies affect open-source projects . Empirical Software Engineering 26 , 4 (2021), 1 \u2013 34 . Gede Artha\u00a0Azriadi Prana, Abhishek Sharma, Lwin\u00a0Khin Shar, Darius Foo, Andrew\u00a0E Santosa, Asankhaya Sharma, and David Lo. 2021. Out of sight, out of mind? How vulnerable dependencies affect open-source projects. Empirical Software Engineering 26, 4 (2021), 1\u201334.","journal-title":"Empirical Software Engineering"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/D16-1264"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2014.05.005"},{"key":"e_1_3_2_1_27_1","unstructured":"Victor Sanh Lysandre Debut Julien Chaumond and Thomas Wolf. 2019. DistilBERT a distilled version of BERT: smaller faster cheaper and lighter. CoRR abs\/1910.01108(2019). arxiv:1910.01108http:\/\/arxiv.org\/abs\/1910.01108  Victor Sanh Lysandre Debut Julien Chaumond and Thomas Wolf. 2019. DistilBERT a distilled version of BERT: smaller faster cheaper and lighter. CoRR abs\/1910.01108(2019). arxiv:1910.01108http:\/\/arxiv.org\/abs\/1910.01108"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-99828-2_15"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.5555\/1620092.1620110"},{"key":"e_1_3_2_1_30_1","volume-title":"Madison Oliver, Vijay Sarvapalli, Laurie Tyzenhaus, and Charles Yarbrough.","author":"Spring M","year":"2021","unstructured":"Jonathan\u00a0 M Spring , Allen Householder , Eric Hatleback , Art Manion , Madison Oliver, Vijay Sarvapalli, Laurie Tyzenhaus, and Charles Yarbrough. 2021 . Prioritizing Vulnerability Response: A Stakeholder-Specific Vulnerability Categorization (Version 2.0). Technical Report. CARNEGIE-MELLON UNIV PITTSBURGH PA. Jonathan\u00a0M Spring, Allen Householder, Eric Hatleback, Art Manion, Madison Oliver, Vijay Sarvapalli, Laurie Tyzenhaus, and Charles Yarbrough. 2021. Prioritizing Vulnerability Response: A Stakeholder-Specific Vulnerability Categorization (Version 2.0). Technical Report. CARNEGIE-MELLON UNIV PITTSBURGH PA."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-020-00060-8"},{"key":"e_1_3_2_1_33_1","unstructured":"Jeff Williams and Arshan Dabirsiaghi. 2012. The Unfortunate Reality of Insecure Libraries. (2012). https:\/\/www.scribd.com\/document\/175866686\/Aspect-Security-the-Unfortunate-Reality-of-Insecure-Libraries  Jeff Williams and Arshan Dabirsiaghi. 2012. The Unfortunate Reality of Insecure Libraries. (2012). https:\/\/www.scribd.com\/document\/175866686\/Aspect-Security-the-Unfortunate-Reality-of-Insecure-Libraries"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/2020.emnlp-demos.6"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/s11390-016-1672-0"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101610"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1080\/19393555.2015.1111961"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.18653\/v1\/N19-1140"}],"event":{"name":"NSPW '21: New Security Paradigms Workshop","acronym":"NSPW '21","location":"Virtual Event USA"},"container-title":["New Security Paradigms Workshop"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3498891.3501259","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3498891.3501259","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:30:37Z","timestamp":1750188637000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3498891.3501259"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,10,25]]},"references-count":36,"alternative-id":["10.1145\/3498891.3501259","10.1145\/3498891"],"URL":"https:\/\/doi.org\/10.1145\/3498891.3501259","relation":{},"subject":[],"published":{"date-parts":[[2021,10,25]]},"assertion":[{"value":"2021-12-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}