Causes, classification, and criticality of information system software vulnerabilities
Objective . The purpose of this paper is to describe the causes of software vulnerabilities, as well as their classification. Eliminating the ambiguity of the concept of software vulnerability criticality. Method . Analysis of existing approaches to the assessment, classification, and identification...
Saved in:
| Published in | Vestnik Dagestanskogo gosudarstvennogo tehničeskogo universiteta. Tehničeskie nauki (Online) Vol. 52; no. 2; pp. 98 - 106 |
|---|---|
| Main Author | |
| Format | Journal Article |
| Language | English |
| Published |
10.08.2025
|
| Online Access | Get full text |
| ISSN | 2073-6185 2542-095X 2542-095X |
| DOI | 10.21822/2073-6185-2025-52-2-98-106 |
Cover
| Abstract | Objective . The purpose of this paper is to describe the causes of software vulnerabilities, as well as their classification. Eliminating the ambiguity of the concept of software vulnerability criticality. Method . Analysis of existing approaches to the assessment, classification, and identification of software vulnerabilities. Modeling, building a UML model, and describing an algorithm. Result. A definition of the criticality of a software vulnerability is proposed. The causes of the software are partially described, and the existing classification of software vulnerabilities is expanded. An example of assessing the criticality of software vulnerabilities based on calculated metrics is given. An example of vulnerability metrics evaluation and prioritization is given. The UML model and vulnerability assessment algorithm are presented. Conclusion . The results of the conducted research expand the list of indicators and the subject area of the description of software vulnerabilities. |
|---|---|
| AbstractList | Objective . The purpose of this paper is to describe the causes of software vulnerabilities, as well as their classification. Eliminating the ambiguity of the concept of software vulnerability criticality. Method . Analysis of existing approaches to the assessment, classification, and identification of software vulnerabilities. Modeling, building a UML model, and describing an algorithm. Result. A definition of the criticality of a software vulnerability is proposed. The causes of the software are partially described, and the existing classification of software vulnerabilities is expanded. An example of assessing the criticality of software vulnerabilities based on calculated metrics is given. An example of vulnerability metrics evaluation and prioritization is given. The UML model and vulnerability assessment algorithm are presented. Conclusion . The results of the conducted research expand the list of indicators and the subject area of the description of software vulnerabilities. |
| Author | Efimov, A. O. |
| Author_xml | – sequence: 1 givenname: A. O. surname: Efimov fullname: Efimov, A. O. organization: Voronezh Institute of the Ministry of Internal Affairs of Russia |
| BookMark | eNqVkF9LwzAUxYNMcM59h4Cviya3SZuiL1L8BwNfVHwLaZpAoEtH0jn67c02_QA-3cs953fhnEs0C0OwCF0zegNMAtwCrQpSMikIUBBEAAFSS8JoeYbmIDgQWouvWd7_jBdomZJvacYrWlZ0jj4bvUs2rbDpdZacN3r0Q1hhHTpsoh_zoffjhAeHfXBD3Bx1nKY02g1Ogxv3Olr8veuDjbr12extukLnTvfJLn_nAn08Pb43L2T99vzaPKyJYVSURNe8lQXU2jhKi1YDh1JyBkZ0XPBKGtsZzuuqcLYQ2dIKxjlnQnfSMO6KYoHuT393Yaunve57tY1-o-OkGFXHmtQhvTqkV4ealMgXVcuslxm_O-EmDilF6_5F_wD8FHAz |
| Cites_doi | 10.1109/JPROC.2020.2993293 10.1109/ICMLA.2018.00120 10.15622/sp.2019.18.6.1301-1332 10.15217/issn1684-8853.2017.6.76 10.26583/bit.2023.2.04 10.15622/sp.2020.19.2.6 10.1109/SP.2010.37 |
| ContentType | Journal Article |
| DBID | AAYXX CITATION ADTOC UNPAY |
| DOI | 10.21822/2073-6185-2025-52-2-98-106 |
| DatabaseName | CrossRef Unpaywall for CDI: Periodical Content Unpaywall |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | CrossRef |
| Database_xml | – sequence: 1 dbid: UNPAY name: Unpaywall url: https://proxy.k.utb.cz/login?url=https://unpaywall.org/ sourceTypes: Open Access Repository |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Engineering |
| EISSN | 2542-095X |
| EndPage | 106 |
| ExternalDocumentID | 10.21822/2073-6185-2025-52-2-98-106 10_21822_2073_6185_2025_52_2_98_106 |
| GroupedDBID | AAYXX ALMA_UNASSIGNED_HOLDINGS CITATION GROUPED_DOAJ ADTOC IPNFZ RIG UNPAY |
| ID | FETCH-LOGICAL-c1056-a94b8329acf003ba24268412c5d45478cedc44973fe35f00b5144415ad8c14f33 |
| IEDL.DBID | UNPAY |
| ISSN | 2073-6185 2542-095X |
| IngestDate | Mon Sep 15 08:16:56 EDT 2025 Wed Oct 01 05:40:29 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 2 |
| Language | English |
| License | https://vestnik.dgtu.ru/jour/about/editorialPolicies#openAccessPolicy cc-by |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c1056-a94b8329acf003ba24268412c5d45478cedc44973fe35f00b5144415ad8c14f33 |
| OpenAccessLink | https://proxy.k.utb.cz/login?url=https://doi.org/10.21822/2073-6185-2025-52-2-98-106 |
| PageCount | 9 |
| ParticipantIDs | unpaywall_primary_10_21822_2073_6185_2025_52_2_98_106 crossref_primary_10_21822_2073_6185_2025_52_2_98_106 |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | 2025-08-10 |
| PublicationDateYYYYMMDD | 2025-08-10 |
| PublicationDate_xml | – month: 08 year: 2025 text: 2025-08-10 day: 10 |
| PublicationDecade | 2020 |
| PublicationTitle | Vestnik Dagestanskogo gosudarstvennogo tehničeskogo universiteta. Tehničeskie nauki (Online) |
| PublicationYear | 2025 |
| References | ref13 ref12 ref15 ref14 ref20 ref11 ref10 ref2 ref1 ref17 ref16 ref19 ref18 ref8 ref7 ref9 ref4 ref3 ref6 ref5 |
| References_xml | – ident: ref15 doi: 10.1109/JPROC.2020.2993293 – ident: ref1 – ident: ref4 – ident: ref3 – ident: ref13 doi: 10.1109/ICMLA.2018.00120 – ident: ref20 doi: 10.15622/sp.2019.18.6.1301-1332 – ident: ref5 – ident: ref6 – ident: ref7 – ident: ref2 doi: 10.15217/issn1684-8853.2017.6.76 – ident: ref11 doi: 10.26583/bit.2023.2.04 – ident: ref18 doi: 10.15622/sp.2020.19.2.6 – ident: ref9 – ident: ref8 – ident: ref19 – ident: ref16 – ident: ref10 – ident: ref17 – ident: ref12 – ident: ref14 doi: 10.1109/SP.2010.37 |
| SSID | ssib018270670 ssib044764369 ssj0002774599 |
| Score | 2.3023617 |
| Snippet | Objective . The purpose of this paper is to describe the causes of software vulnerabilities, as well as their classification. Eliminating the ambiguity of the... |
| SourceID | unpaywall crossref |
| SourceType | Open Access Repository Index Database |
| StartPage | 98 |
| Title | Causes, classification, and criticality of information system software vulnerabilities |
| URI | https://doi.org/10.21822/2073-6185-2025-52-2-98-106 |
| UnpaywallVersion | publishedVersion |
| Volume | 52 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| journalDatabaseRights | – providerCode: PRVAON databaseName: DOAJ : Directory of Open Access Journals [open access] customDbUrl: eissn: 2542-095X dateEnd: 99991231 omitProxy: true ssIdentifier: ssj0002774599 issn: 2542-095X databaseCode: DOA dateStart: 20130101 isFulltext: true titleUrlDefault: https://www.doaj.org/ providerName: Directory of Open Access Journals – providerCode: PRVHPJ databaseName: ROAD: Directory of Open Access Scholarly Resources customDbUrl: eissn: 2542-095X dateEnd: 99991231 omitProxy: true ssIdentifier: ssib044764369 issn: 2073-6185 databaseCode: M~E dateStart: 20130101 isFulltext: true titleUrlDefault: https://road.issn.org providerName: ISSN International Centre |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LS8NAEB60BcWDb7GiZUGPbrGb3TQ5FqmI0OKhlXoK-8rFEkvbWPTgb3cmTaV6sl5CyO6GZPYx35fsfANwZUVLeE_BMcgdOBEIHqVOcC8oUtM4ZyQFOHd74f1APgzVsIzjpliYlf_3pC0u6AtIgPwmUtifQiFv4oLHpEgabkI1VAjAK1Ad9B7bz5RGblmZzpUUHAHEcAsu_3C3H35pO8_G-n2uR6MVZ3O3B_3lYy72mLw08plp2I9fCo5rvsc-7Jbgk7UXo-UANnx2CDsrkoRH8HSr86mfXjNLsJr2ERVdd8105pgt8yIgcmevKStFV6mcLRSh2RRX9bmeePaWj0jPuth6i2T8GAZ3nf7tPS9zL3CLiCvkOpYGJ3usbYrz3mjy5JFsCqtcIQFmvbNSxq0g9YHCKgaBF1Ez7SLblGkQnEAle838KTAfOKOdDGk5kVZGRiMhd63AuGbq5U1UA7m0fDJeSGwkSE0KsyVktoTMlpDZEoVXkjjC8rAG6ruX1ml39s9251CZTXJ_gRhkZuoFd8dj97NTL8ffF3j5zek |
| linkProvider | Unpaywall |
| linkToUnpaywall | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV1LT8JAEJ4oJBoPvo0YNZvokSWy3S3tkRCJMZF4AIOnZl-9SAoBKtFf7wwtBj2Jt6a727Szj_m-7c43ALdWtIT3FByD3IETgeBR6gT3giI1jXNGUoDzUy98GMjHoRqWcdwUC7P2_560xQXtgATIbyKF_SkU8iYueEyKpOE2VEOFALwC1UHvuf1KaeRWlelaScERQAx34OYPT_vhl3bzbKI_Fno0WnM23QPor16zOGPy1sjnpmE_fyk4bvgdh7Bfgk_WLkbLEWz57Bj21iQJT-Clo_OZn9WZJVhN54iWXVdnOnPMlnkRELmzccpK0VUqZ4UiNJvhqr7QU8_e8xHpWS-P3iIZP4VB977feeBl7gVuEXGFXMfS4GSPtU1x3htNnjySTWGVW0qAWe-slHErSH2gsIpB4EXUTLvINmUaBGdQycaZPwfmA2e0kyEtJ9LKyGgk5K4VGNdMvbyLaiBXlk8mhcRGgtRkabaEzJaQ2RIyW6LwThJHWB7WQH330ibtLv7Z7hIq82nurxCDzM11Oea-AOM-y8M |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Causes%2C+classification%2C+and+criticality+of+information+system+software+vulnerabilities&rft.jtitle=Vestnik+Dagestanskogo+gosudarstvennogo+tehni%C4%8Deskogo+universiteta.+Tehni%C4%8Deskie+nauki+%28Online%29&rft.au=Efimov%2C+A.+O.&rft.date=2025-08-10&rft.issn=2073-6185&rft.eissn=2542-095X&rft.volume=52&rft.issue=2&rft.spage=98&rft.epage=106&rft_id=info:doi/10.21822%2F2073-6185-2025-52-2-98-106&rft.externalDBID=n%2Fa&rft.externalDocID=10_21822_2073_6185_2025_52_2_98_106 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2073-6185&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2073-6185&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2073-6185&client=summon |