A Comprehensive Review and Assessment of Cybersecurity Vulnerability Detection Methodologies

The number of new vulnerabilities continues to rise significantly each year. Simultaneously, vulnerability databases have challenges in promptly sharing new security events with enough information to improve protections against emerging cyberattack vectors and possible exploits. In this context, sev...

Full description

Saved in:
Bibliographic Details
Published inJournal of cybersecurity and privacy Vol. 4; no. 4; pp. 853 - 908
Main Authors Bennouk, Khalid, Ait Aali, Nawal, El Bouzekri El Idrissi, Younès, Sebai, Bechir, Faroukhi, Abou Zakaria, Mahouachi, Dorra
Format Journal Article
LanguageEnglish
Published Washington MDPI AG 07.10.2024
Subjects
Academic libraries
AI model
Automation
CPE
CVE
CWE
Cybersecurity
Dictionaries
Digital libraries
graph representation
Information systems
Literature reviews
Metadata
Research methodology
Software
vulnerability detection
Online AccessGet full text
ISSN2624-800X
2624-800X
DOI10.3390/jcp4040040

Cover

Abstract The number of new vulnerabilities continues to rise significantly each year. Simultaneously, vulnerability databases have challenges in promptly sharing new security events with enough information to improve protections against emerging cyberattack vectors and possible exploits. In this context, several organizations adopt strategies to protect their data, technologies, and infrastructures from cyberattacks by implementing anticipatory and proactive approaches to their system security activities. To this end, vulnerability management systems play a crucial role in mitigating the impact of cyberattacks by identifying potential vulnerabilities within an organization and alerting cyber teams. However, the effectiveness of these systems, which employ multiple methods and techniques to identify weaknesses, relies heavily on the accuracy of published security events. For this reason, we introduce a discussion concerning existing vulnerability detection methods through an in-depth literature study of several research papers. Based on the results, this paper points out some issues related to vulnerability databases handling that impact the effectiveness of certain vulnerability identification methods. Furthermore, after summarizing the existing methodologies, this study classifies them into four approaches and discusses the challenges, findings, and potential research directions.
AbstractList The number of new vulnerabilities continues to rise significantly each year. Simultaneously, vulnerability databases have challenges in promptly sharing new security events with enough information to improve protections against emerging cyberattack vectors and possible exploits. In this context, several organizations adopt strategies to protect their data, technologies, and infrastructures from cyberattacks by implementing anticipatory and proactive approaches to their system security activities. To this end, vulnerability management systems play a crucial role in mitigating the impact of cyberattacks by identifying potential vulnerabilities within an organization and alerting cyber teams. However, the effectiveness of these systems, which employ multiple methods and techniques to identify weaknesses, relies heavily on the accuracy of published security events. For this reason, we introduce a discussion concerning existing vulnerability detection methods through an in-depth literature study of several research papers. Based on the results, this paper points out some issues related to vulnerability databases handling that impact the effectiveness of certain vulnerability identification methods. Furthermore, after summarizing the existing methodologies, this study classifies them into four approaches and discusses the challenges, findings, and potential research directions.
Author El Bouzekri El Idrissi, Younès
Ait Aali, Nawal
Sebai, Bechir
Mahouachi, Dorra
Bennouk, Khalid
Faroukhi, Abou Zakaria
Author_xml – sequence: 1
  givenname: Khalid
  orcidid: 0009-0004-8450-5424
  surname: Bennouk
  fullname: Bennouk, Khalid
– sequence: 2
  givenname: Nawal
  orcidid: 0000-0002-9322-7225
  surname: Ait Aali
  fullname: Ait Aali, Nawal
– sequence: 3
  givenname: Younès
  orcidid: 0000-0003-4018-437X
  surname: El Bouzekri El Idrissi
  fullname: El Bouzekri El Idrissi, Younès
– sequence: 4
  givenname: Bechir
  surname: Sebai
  fullname: Sebai, Bechir
– sequence: 5
  givenname: Abou Zakaria
  surname: Faroukhi
  fullname: Faroukhi, Abou Zakaria
– sequence: 6
  givenname: Dorra
  surname: Mahouachi
  fullname: Mahouachi, Dorra
BookMark eNptUdtKAzEQDaJgrX3xCxZ8E6rJJk2yj6XeChVBVHwQQjY7aVO2m5qklf69WysqIgxzOZw5M8wcof3GN4DQCcHnlBb4Ym6WDDPc2h7q5DxnfYnxy_6v_BD1YpxjjHNR0AFhHfQ6zEZ-sQwwgya6NWQPsHbwnummyoYxQowLaFLmbTbalBAimFVwaZM9r-oGgi5dva0uIYFJzjfZHaSZr3ztpw7iMTqwuo7Q-4pd9HR99Ti67U_ub8aj4aRvKCepr00lGC2hNJxLqwcaWyG5JCB4XlSCiJzgwjJRAjBCK0YsDDClLchlaWxJu2i80628nqtlcAsdNsprpz4BH6ZKh-RMDYowWeRkoCWWOausKYRmhgshWielzFut053WMvi3FcSk5n4VmnZ9RQkrOBUF2bLOdiwTfIwB7PdUgtX2GernGS0Z_yEbl_T2XCloV__X8gGlF438
CitedBy_id crossref_primary_10_32604_cmc_2024_057587
Cites_doi 10.1109/ICNC59896.2024.10555953
10.1016/j.iot.2023.100989
10.21203/rs.3.rs-4387414/v1
10.1109/TDSC.2021.3051525
10.3390/s22062126
10.1088/1742-6596/1827/1/012061
10.1007/s11227-016-1850-4
10.1145/24039.24041
10.1016/j.epsr.2022.107805
10.1186/s40537-024-00957-y
10.6028/NIST.SP.800-150
10.1080/0022250X.2001.9990249
10.1109/SecDev53368.2022.00028
10.1109/QRS-C51114.2020.00018
10.1016/j.procs.2018.05.082
10.1109/ICSE48619.2023.00191
10.1109/MINES.2012.202
10.1016/j.hcc.2024.100211
10.3390/app11104580
10.1016/j.scico.2012.06.002
10.1016/j.comcom.2010.04.006
10.1016/j.future.2019.05.041
10.6028/NIST.SP.800-61r2
10.1016/0096-0551(85)90018-9
10.1016/j.jss.2019.06.001
10.30534/ijatcse/2021/1581032021
10.1088/1742-6596/1395/1/012013
10.1016/j.cose.2022.102609
10.1109/SP.2017.62
10.3390/s22145105
10.1016/j.aiopen.2021.01.001
10.1145/3377024.3377026
10.1016/j.cose.2022.102823
10.6028/NIST.IR.7946
10.1016/j.cose.2021.102417
10.1145/3377811.3380364
10.6028/NIST.IR.8011-1
10.1109/DSN.2019.00056
10.24251/HICSS.2021.841
10.1016/j.compeleceng.2022.107716
10.3390/make6020050
10.1109/SSCI.2016.7849908
10.1145/3395363.3397385
10.1016/j.csa.2023.100031
10.1109/ICNC59896.2024.10556231
10.1016/j.cie.2019.106040
10.1109/ISSRE52982.2021.00054
10.3390/electronics12183927
10.1109/ICSE48619.2023.00188
10.3115/v1/D14-1179
10.1109/ICGS3.2019.8688018
10.1109/JIOT.2020.3042204
10.1145/3661167.3661176
10.1016/j.diin.2006.06.015
10.1016/j.procs.2024.04.294
10.1016/j.cose.2023.103256
10.1145/3510003.3510229
10.1111/1467-8551.00375
10.2478/jsiot-2022-0010
10.1145/3292500.3330989
10.1109/ICSE48619.2023.00192
10.1007/978-3-031-44355-8_12
10.1109/CAIN58948.2023.00026
10.1145/3395363.3397361
10.3390/electronics13050899
10.1145/2491845.2491871
10.1016/j.knosys.2022.110139
10.1017/S0269888912000331
10.1109/TSE.2022.3207149
10.3390/electronics13071191
10.3389/friot.2024.1306465
10.1109/IDAACS53288.2021.9660968
10.1145/3597926.3598037
10.6028/NIST.SP.800-18r1
10.1145/3379597.3387501
10.1007/s00500-022-07777-3
10.3390/app13169240
10.1109/ICSE48619.2023.00190
10.1007/978-3-031-37231-5_8
10.1016/j.array.2022.100209
10.1145/3468264.3468597
10.30574/ijsra.2024.11.1.0217
10.18653/v1/2024.acl-long.527
10.1109/SP.2014.44
10.1109/CCWC51732.2021.9376145
10.30656/jsmi.v4i1.2186
10.1109/PST.2016.7906965
10.1109/SP54263.2024.00210
10.1145/3276517
10.1016/j.jss.2022.111541
10.14722/ndss.2018.23158
10.1145/3597503.3639117
10.1007/978-3-030-48256-5_9
10.1109/TSE.2023.3286586
10.17487/rfc5646
10.1016/j.jss.2024.112031
10.1109/COMST.2021.3086296
10.5220/0012403500003648
10.1162/neco.1997.9.8.1735
10.1109/IALP.2018.8629225
10.1109/TIFS.2020.3044773
10.1109/TSE.2024.3470333
10.1007/s10462-023-10470-y
10.1007/978-3-030-12330-7
10.1108/IJWIS-06-2023-0089
10.1145/3607199.3607242
10.1109/CBD.2017.58
10.1145/3106237.3117771
10.1145/3639476.3639762
10.5220/0012060400003555
10.1109/ACCESS.2023.3298048
10.1109/ICACCI.2018.8554656
10.1145/1183236.1183264
10.1109/QRS-C60940.2023.00078
10.1109/ICMLA.2018.00120
10.6028/NIST.SP.800-34r1
10.1109/ACCESS.2021.3056407
10.3390/electronics11010016
10.1007/978-3-031-68738-9_34
10.1016/j.im.2020.103334
10.1145/3695988
10.1109/IACS.2017.7921992
10.1109/TSE.2021.3087402
10.1016/j.eswa.2019.112948
10.1007/s10844-017-0492-1
10.1016/S0377-2217(98)00364-6
10.1038/s41467-019-13055-y
10.1016/j.jss.2023.111832
10.1109/CNS48642.2020.9162309
10.1016/j.eswa.2020.114066
10.6028/NIST.SP.800-12r1
10.1016/j.cose.2023.103477
10.1016/j.cose.2019.03.010
10.1162/tacl_a_00104
10.1145/3524104
10.1109/ACCESS.2024.3422999
10.2139/ssrn.4853709
10.1145/3339252.3340522
10.1016/j.jss.2023.111623
10.1145/3465481.3470039
10.1145/3605098.3636003
10.1049/blc2.12046
10.6028/NIST.IR.7695
10.1016/j.future.2016.06.014
10.1109/TNNLS.2020.2978386
10.1007/978-1-4419-0140-8
10.1016/j.neunet.2018.07.011
10.3390/electronics9010144
10.1109/ACCESS.2024.3420741
10.1109/ICCWS48432.2020.9292388
10.3390/info13070322
10.3390/app9245364
10.30574/wjarr.2024.21.1.0315
10.3390/electronics11020198
10.2478/raft-2024-0010
10.1109/DSA52907.2021.00013
10.1016/j.heliyon.2024.e29917
10.6028/NIST.SP.1800-17
10.1109/MC.2012.286
10.18653/v1/D19-1410
10.1109/IJCNN48605.2020.9207304
10.1186/2192-113X-2-17
10.6028/NIST.SP.800-160v2r1
10.1109/NOMS47738.2020.9110460
10.1007/978-3-642-36583-6
10.6028/NIST.IR.7698
10.1007/978-3-319-93417-4_38
10.1007/978-3-030-52683-2_1
10.14722/ndss.2024.24346
10.1145/3641819
10.18653/v1/2021.emnlp-main.685
10.1016/j.eng.2018.01.004
10.1007/11554844_3
10.21203/rs.3.rs-3238552/v1
10.1145/3436877
10.1186/s13677-023-00574-9
10.1007/s00607-018-0646-1
10.1109/FIT.2017.00037
ContentType Journal Article
Copyright 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
Copyright_xml – notice: 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.
DBID AAYXX
CITATION
3V.
7WY
7WZ
7XB
87Z
8FK
8FL
ABUWG
AFKRA
AZQEC
BENPR
BEZIV
CCPQU
DWQXO
FRNLG
F~G
K60
K6~
L.-
M0C
PHGZM
PHGZT
PIMPY
PKEHL
PQBIZ
PQBZA
PQEST
PQQKQ
PQUKI
PRINS
Q9U
DOA
DOI 10.3390/jcp4040040
DatabaseName CrossRef
ProQuest Central (Corporate)
ABI/INFORM Collection
ABI/INFORM Global (PDF only)
ProQuest Central (purchase pre-March 2016)
ABI/INFORM Collection
ProQuest Central (Alumni) (purchase pre-March 2016)
ABI/INFORM Collection (Alumni)
ProQuest Central (Alumni)
ProQuest Central UK/Ireland
ProQuest Central Essentials
ProQuest Central
Business Premium Collection
ProQuest One
ProQuest Central Korea
Business Premium Collection (Alumni)
ABI/INFORM Global (Corporate)
ProQuest Business Collection (Alumni Edition)
ProQuest Business Collection
ABI/INFORM Professional Advanced
ABI/INFORM Collection (ProQuest)
ProQuest Central Premium
ProQuest One Academic (New)
Publicly Available Content Database
ProQuest One Academic Middle East (New)
ProQuest One Business
ProQuest One Business (Alumni)
ProQuest One Academic Eastern Edition (DO NOT USE)
ProQuest One Academic
ProQuest One Academic UKI Edition
ProQuest Central China
ProQuest Central Basic
DOAJ Directory of Open Access Journals
DatabaseTitle CrossRef
Publicly Available Content Database
ABI/INFORM Global (Corporate)
ProQuest Business Collection (Alumni Edition)
ProQuest One Business
ProQuest One Academic Middle East (New)
ProQuest Central Essentials
ProQuest Central (Alumni Edition)
ProQuest One Community College
ProQuest Central China
ABI/INFORM Complete
ProQuest Central
ABI/INFORM Professional Advanced
ProQuest Central Korea
ProQuest Central (New)
ABI/INFORM Complete (Alumni Edition)
Business Premium Collection
ABI/INFORM Global
ABI/INFORM Global (Alumni Edition)
ProQuest Central Basic
ProQuest One Academic Eastern Edition
ProQuest Business Collection
ProQuest One Academic UKI Edition
ProQuest One Business (Alumni)
ProQuest One Academic
ProQuest One Academic (New)
ProQuest Central (Alumni)
Business Premium Collection (Alumni)
DatabaseTitleList Publicly Available Content Database
CrossRef
Database_xml – sequence: 1
  dbid: DOA
  name: Directory of Open Access Journals (DOAJ)
  url: https://www.doaj.org/
  sourceTypes: Open Website
– sequence: 2
  dbid: BENPR
  name: ProQuest Central
  url: http://www.proquest.com/pqcentral?accountid=15518
  sourceTypes: Aggregation Database
DeliveryMethod fulltext_linktorsrc
Discipline Computer Science
EISSN 2624-800X
EndPage 908
ExternalDocumentID oai_doaj_org_article_1489215a80824dfc97a4c6777c678882
10_3390_jcp4040040
GroupedDBID 7WY
8FL
AAYXX
ABUWG
AFKRA
AFZYC
ALMA_UNASSIGNED_HOLDINGS
BENPR
BEZIV
CCPQU
CITATION
DWQXO
FRNLG
GROUPED_DOAJ
M0C
MODMG
M~E
OK1
PHGZM
PHGZT
PIMPY
PQBIZ
PQBZA
PUEGO
3V.
7XB
8FK
AZQEC
K60
K6~
L.-
PKEHL
PQEST
PQQKQ
PQUKI
PRINS
Q9U
ID FETCH-LOGICAL-c361t-acd743bebc668fa5a0f78681e7629d7172109f47bee413d41fe503310968bcfb3
IEDL.DBID DOA
ISSN 2624-800X
IngestDate Wed Aug 27 01:20:58 EDT 2025
Mon Jun 30 13:27:56 EDT 2025
Wed Oct 01 01:28:12 EDT 2025
Thu Apr 24 23:01:53 EDT 2025
IsDoiOpenAccess true
IsOpenAccess true
IsPeerReviewed true
IsScholarly true
Issue 4
Language English
License https://creativecommons.org/licenses/by/4.0
LinkModel DirectLink
MergedId FETCHMERGED-LOGICAL-c361t-acd743bebc668fa5a0f78681e7629d7172109f47bee413d41fe503310968bcfb3
Notes ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ORCID 0000-0002-9322-7225
0009-0004-8450-5424
0000-0003-4018-437X
OpenAccessLink https://doaj.org/article/1489215a80824dfc97a4c6777c678882
PQID 3149637912
PQPubID 5465940
PageCount 56
ParticipantIDs doaj_primary_oai_doaj_org_article_1489215a80824dfc97a4c6777c678882
proquest_journals_3149637912
crossref_primary_10_3390_jcp4040040
crossref_citationtrail_10_3390_jcp4040040
ProviderPackageCode CITATION
AAYXX
PublicationCentury 2000
PublicationDate 2024-10-07
PublicationDateYYYYMMDD 2024-10-07
PublicationDate_xml – month: 10
  year: 2024
  text: 2024-10-07
  day: 07
PublicationDecade 2020
PublicationPlace Washington
PublicationPlace_xml – name: Washington
PublicationTitle Journal of cybersecurity and privacy
PublicationYear 2024
Publisher MDPI AG
Publisher_xml – name: MDPI AG
References Sun (ref_11) 2023; 135
ref_137
ref_258
ref_93
ref_136
ref_257
ref_139
ref_91
ref_90
Tranfield (ref_12) 2003; 14
ref_250
ref_131
ref_252
Na (ref_47) 2018; 14
Obbink (ref_98) 2005; Volume 3714
ref_99
ref_130
ref_251
ref_254
ref_253
ref_96
ref_135
ref_256
ref_95
ref_134
ref_255
Galindo (ref_108) 2020; Volume B
Cheng (ref_245) 2021; 30
Jiang (ref_260) 2022; 15
ref_126
ref_125
ref_128
ref_249
Shi (ref_80) 2024; 27
ref_127
ref_129
ref_120
ref_241
ref_122
ref_243
ref_242
ref_124
ref_123
ref_244
Buda (ref_140) 2018; 106
Sadlek (ref_238) 2022; 115
Ferrante (ref_63) 1987; 9
Hassan (ref_177) 2021; 9
Yao (ref_198) 2024; 4
ref_72
ref_71
ref_70
Koroniotis (ref_133) 2019; 100
Chakraborty (ref_94) 2022; 48
ref_76
ref_74
ref_157
ref_73
Zhang (ref_232) 2023; 206
Sun (ref_121) 2023; 73
Denz (ref_155) 2013; 2
ref_83
Rezaeibagha (ref_142) 2021; 8
ref_148
ref_82
ref_147
Sun (ref_248) 2021; 110
ref_149
Xiong (ref_218) 2019; 84
ref_89
ref_88
ref_141
ref_87
ref_144
ref_86
ref_143
ref_85
Manjunatha (ref_204) 2024; 235
ref_217
Okoli (ref_153) 2024; 21
ref_212
Zhao (ref_50) 2023; 260
Hochreiter (ref_113) 1997; 36
Sharma (ref_41) 2023; 129
ref_203
ref_205
ref_207
Belkina (ref_92) 2019; 10
Zhou (ref_56) 2020; 1
Nong (ref_160) 2023; 49
Dokeroglu (ref_158) 2019; 137
ref_201
ref_200
Abdusalomov (ref_182) 2024; 12
Chen (ref_240) 2020; 141
Zhang (ref_224) 2023; 49
ref_115
ref_114
ref_116
ref_237
Li (ref_152) 2020; 37
Guo (ref_156) 2022; 121
ref_239
Hu (ref_178) 2021; 1827
Liu (ref_39) 2011; 34
ref_230
ref_110
ref_231
ref_112
Jameil (ref_151) 2024; 12
Collet (ref_75) 2023; Volume 13927
ref_104
ref_225
ref_103
ref_227
ref_105
ref_226
ref_229
ref_228
ref_109
De (ref_79) 2022; 206
Azhagiri (ref_184) 2023; 16
Kiran (ref_246) 2021; 10
ref_102
ref_222
Amoo (ref_138) 2024; 11
Chiu (ref_111) 2016; 4
Benduhn (ref_219) 2014; 79
Syed (ref_209) 2020; 57
ref_14
ref_13
Kharat (ref_6) 2022; 9
Kornblum (ref_51) 2006; 3
Jia (ref_210) 2018; 4
Noonan (ref_57) 1985; 10
ref_18
ref_16
ref_15
Cosentino (ref_211) 2017; 49
Jones (ref_202) 2024; 29
Rodriguez (ref_185) 2021; 23
ref_25
ref_24
ref_23
ref_22
ref_21
ref_20
Brailsford (ref_101) 1999; 119
Hitesh (ref_221) 2018; 132
ref_29
ref_28
ref_27
ref_26
Lu (ref_84) 2024; 212
Liu (ref_165) 2023; 11
Stine (ref_19) 2008; 1
Admass (ref_146) 2024; 2
Li (ref_175) 2024; 6
Jiang (ref_77) 2013; 28
Bordes (ref_81) 2013; 2
(ref_233) 2023; 27
Wang (ref_55) 2021; 16
Sawyer (ref_213) 2012; 45
Galindo (ref_215) 2019; Volume A
Thomas (ref_208) 2024; 20
Salem (ref_154) 2024; 11
Galindo (ref_100) 2019; 101
ref_58
ref_172
ref_174
ref_54
Tang (ref_164) 2023; 199
ref_53
ref_176
ref_52
Li (ref_62) 2022; 19
ref_179
Qu (ref_119) 2023; 55
Felfernig (ref_214) 2018; 51
ref_180
Zou (ref_223) 2019; 18
Singh (ref_145) 2019; 75
ref_181
Yuan (ref_235) 2024; 81
Wu (ref_59) 2019; 32
ref_61
Russo (ref_173) 2019; 156
ref_60
ref_169
Tariq (ref_132) 2024; 10
Li (ref_247) 2019; 1395
ref_69
ref_162
ref_68
ref_161
ref_67
Agrawal (ref_206) 2021; 9
ref_66
ref_163
ref_65
ref_166
ref_64
ref_168
ref_167
Maurice (ref_10) 2020; Volume 12223
ref_171
Brandes (ref_78) 2001; 25
Borrego (ref_107) 2023; 195
ref_36
ref_195
ref_35
ref_194
ref_34
ref_197
ref_33
ref_196
ref_32
ref_199
ref_31
Zamojski (ref_259) 2020; Volume 1173
ref_30
Kwak (ref_117) 2021; 166
ref_38
ref_37
Mihoub (ref_118) 2022; 98
Hussan (ref_170) 2022; 2022
Blanco (ref_220) 2023; 24
ref_46
ref_183
ref_45
ref_186
ref_44
ref_43
ref_188
ref_42
ref_187
Gasca (ref_106) 2020; Volume A
ref_40
ref_189
ref_1
ref_3
ref_2
Costa (ref_216) 2018; 80
Isniah (ref_17) 2020; 4
ref_191
ref_190
ref_49
ref_193
Gong (ref_234) 2023; 3
ref_48
Long (ref_150) 2024; 13
Rajwar (ref_159) 2023; 56
ref_192
Pradel (ref_236) 2018; 2
ref_9
ref_8
ref_5
Batory (ref_97) 2006; 49
ref_4
ref_7
References_xml – ident: ref_9
– ident: ref_53
  doi: 10.1109/ICNC59896.2024.10555953
– volume: 24
  start-page: 100989
  year: 2023
  ident: ref_220
  article-title: Onto-CARMEN: Ontology-Driven Approach for Cyber–Physical System Security Requirements Meta-Modelling and Reasoning
  publication-title: Internet Things
  doi: 10.1016/j.iot.2023.100989
– ident: ref_157
  doi: 10.21203/rs.3.rs-4387414/v1
– volume: 19
  start-page: 2244
  year: 2022
  ident: ref_62
  article-title: SySeVR: A Framework for Using Deep Learning to Detect Software Vulnerabilities
  publication-title: IEEE Trans. Dependable Secur. Comput.
  doi: 10.1109/TDSC.2021.3051525
– ident: ref_68
  doi: 10.3390/s22062126
– ident: ref_65
– ident: ref_88
– volume: 1827
  start-page: 012061
  year: 2021
  ident: ref_178
  article-title: Web Application Vulnerability Detection Method Based on Machine Learning
  publication-title: J. Phys. Conf. Ser.
  doi: 10.1088/1742-6596/1827/1/012061
– volume: 75
  start-page: 4543
  year: 2019
  ident: ref_145
  article-title: A Comprehensive Study on APT Attacks and Countermeasures for Future Networks and Communications: Challenges and Solutions
  publication-title: J. Supercomput.
  doi: 10.1007/s11227-016-1850-4
– volume: 9
  start-page: 319
  year: 1987
  ident: ref_63
  article-title: The Program Dependence Graph and Its Use in Optimization
  publication-title: ACM Trans. Program. Lang. Syst.
  doi: 10.1145/24039.24041
– ident: ref_71
– volume: 206
  start-page: 107805
  year: 2022
  ident: ref_79
  article-title: A PMU Assisted Cyber Attack Resilient Framework against Power Systems Structural Vulnerabilities
  publication-title: Electr. Power Syst. Res.
  doi: 10.1016/j.epsr.2022.107805
– volume: 11
  start-page: 105
  year: 2024
  ident: ref_154
  article-title: Advancing Cybersecurity: A Comprehensive Review of AI-Driven Detection Techniques
  publication-title: J. Big Data
  doi: 10.1186/s40537-024-00957-y
– ident: ref_28
  doi: 10.6028/NIST.SP.800-150
– ident: ref_120
– volume: 25
  start-page: 163
  year: 2001
  ident: ref_78
  article-title: A Faster Algorithm for Betweenness Centrality*
  publication-title: J. Math. Sociol.
  doi: 10.1080/0022250X.2001.9990249
– ident: ref_83
– ident: ref_212
– ident: ref_258
– ident: ref_242
  doi: 10.1109/SecDev53368.2022.00028
– volume: 1
  start-page: 53
  year: 2008
  ident: ref_19
  article-title: Volume I: Guide for Mapping Types of Information and Information Systems to Security Categories
  publication-title: Spec. Publ. 800-60 Revis. 1
– ident: ref_230
  doi: 10.1109/QRS-C51114.2020.00018
– volume: 132
  start-page: 1477
  year: 2018
  ident: ref_221
  article-title: Feature Selection Optimization in SPL Using Genetic Algorithm
  publication-title: Procedia Comput. Sci.
  doi: 10.1016/j.procs.2018.05.082
– ident: ref_58
  doi: 10.1109/ICSE48619.2023.00191
– volume: 37
  start-page: 50
  year: 2020
  ident: ref_152
  article-title: Federated Learning: Challenges, Methods, and Future Directions
  publication-title: IEEE Signal Process. Mag.
– volume: 81
  start-page: 103718
  year: 2024
  ident: ref_235
  article-title: Software Vulnerable Functions Discovery Based on Code Composite Feature
  publication-title: J. Inf. Secur. Appl.
– ident: ref_3
– ident: ref_45
  doi: 10.1109/MINES.2012.202
– ident: ref_115
– ident: ref_228
– volume: 4
  start-page: 100211
  year: 2024
  ident: ref_198
  article-title: A Survey on Large Language Model (LLM) Security and Privacy: The Good, The Bad, and The Ugly
  publication-title: High-Confid. Comput.
  doi: 10.1016/j.hcc.2024.100211
– ident: ref_148
  doi: 10.3390/app11104580
– volume: 79
  start-page: 70
  year: 2014
  ident: ref_219
  article-title: FeatureIDE: An Extensible Framework for Feature-Oriented Software Development
  publication-title: Sci. Comput. Program.
  doi: 10.1016/j.scico.2012.06.002
– volume: 34
  start-page: 264
  year: 2011
  ident: ref_39
  article-title: VRSS: A New System for Rating and Scoring Vulnerabilities
  publication-title: Comput. Commun.
  doi: 10.1016/j.comcom.2010.04.006
– volume: 100
  start-page: 779
  year: 2019
  ident: ref_133
  article-title: Towards the Development of Realistic Botnet Dataset in the Internet of Things for Network Forensic Analytics: Bot-IoT Dataset
  publication-title: Future Gener. Comput. Syst.
  doi: 10.1016/j.future.2019.05.041
– ident: ref_205
– volume: 9
  start-page: 976
  year: 2022
  ident: ref_6
  article-title: Vulnerability Management System
  publication-title: Int. Res. J. Eng. Technol.
– ident: ref_24
  doi: 10.6028/NIST.SP.800-61r2
– volume: 10
  start-page: 225
  year: 1985
  ident: ref_57
  article-title: An Algorithm for Generating Abstract Syntax Trees
  publication-title: Comput. Lang.
  doi: 10.1016/0096-0551(85)90018-9
– ident: ref_200
– volume: 156
  start-page: 84
  year: 2019
  ident: ref_173
  article-title: Summarizing Vulnerabilities’ Descriptions to Support Experts during Vulnerability Assessment Activities
  publication-title: J. Syst. Softw.
  doi: 10.1016/j.jss.2019.06.001
– volume: 10
  start-page: 2637
  year: 2021
  ident: ref_246
  article-title: Categorization of CVE Based on Vulnerability Software By Using Machine Learning Techniques
  publication-title: Int. J. Adv. Trends Comput. Sci. Eng.
  doi: 10.30534/ijatcse/2021/1581032021
– volume: Volume A
  start-page: 265
  year: 2019
  ident: ref_215
  article-title: Process Mining to Unleash Variability Management: Discovering Configuration Workflows Using Logs
  publication-title: Proceedings of the 23rd International Systems and Software Product Line Conference
– volume: 1395
  start-page: 012013
  year: 2019
  ident: ref_247
  article-title: Detection of SQL Injection Attacks Based on Improved TFIDF Algorithm
  publication-title: J. Phys. Conf. Ser.
  doi: 10.1088/1742-6596/1395/1/012013
– ident: ref_89
– volume: 115
  start-page: 102609
  year: 2022
  ident: ref_238
  article-title: CRUSOE: A Toolset for Cyber Situational Awareness and Decision Support in Incident Handling
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2022.102609
– ident: ref_126
– ident: ref_249
  doi: 10.1109/SP.2017.62
– ident: ref_36
– ident: ref_70
– ident: ref_95
– ident: ref_147
  doi: 10.3390/s22145105
– volume: 1
  start-page: 57
  year: 2020
  ident: ref_56
  article-title: Graph Neural Networks: A Review of Methods and Applications
  publication-title: AI Open
  doi: 10.1016/j.aiopen.2021.01.001
– ident: ref_104
  doi: 10.1145/3377024.3377026
– ident: ref_26
– volume: 121
  start-page: 102823
  year: 2022
  ident: ref_156
  article-title: HyVulDect: A Hybrid Semantic Vulnerability Mining System Based on Graph Neural Network
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2022.102823
– ident: ref_25
  doi: 10.6028/NIST.IR.7946
– ident: ref_127
– volume: 110
  start-page: 102417
  year: 2021
  ident: ref_248
  article-title: VDSimilar: Vulnerability Detection Based on Code Similarity of Vulnerabilities and Patches
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2021.102417
– ident: ref_134
  doi: 10.1145/3377811.3380364
– ident: ref_29
  doi: 10.6028/NIST.IR.8011-1
– ident: ref_254
  doi: 10.1109/DSN.2019.00056
– ident: ref_251
  doi: 10.24251/HICSS.2021.841
– ident: ref_8
– volume: 98
  start-page: 107716
  year: 2022
  ident: ref_118
  article-title: Denial of Service Attack Detection and Mitigation for Internet of Things Using Looking-Back-Enabled Machine Learning Techniques
  publication-title: Comput. Electr. Eng.
  doi: 10.1016/j.compeleceng.2022.107716
– volume: 6
  start-page: 1087
  year: 2024
  ident: ref_175
  article-title: Assessment of Software Vulnerability Contributing Factors by Model-Agnostic Explainable AI
  publication-title: Mach. Learn. Knowl. Extr.
  doi: 10.3390/make6020050
– ident: ref_239
  doi: 10.1109/SSCI.2016.7849908
– ident: ref_87
– ident: ref_136
  doi: 10.1145/3395363.3397385
– volume: 2
  start-page: 100031
  year: 2024
  ident: ref_146
  article-title: Cyber Security: State of the Art, Challenges and Future Directions
  publication-title: Cyber Secur. Appl.
  doi: 10.1016/j.csa.2023.100031
– ident: ref_38
– ident: ref_52
  doi: 10.1109/ICNC59896.2024.10556231
– volume: 137
  start-page: 106040
  year: 2019
  ident: ref_158
  article-title: A Survey on New Generation Metaheuristic Algorithms
  publication-title: Comput. Ind. Eng.
  doi: 10.1016/j.cie.2019.106040
– ident: ref_61
  doi: 10.1109/ISSRE52982.2021.00054
– ident: ref_110
– ident: ref_72
– ident: ref_180
  doi: 10.3390/electronics12183927
– ident: ref_191
  doi: 10.1109/ICSE48619.2023.00188
– ident: ref_60
  doi: 10.3115/v1/D14-1179
– ident: ref_7
– volume: 9
  start-page: 702
  year: 2021
  ident: ref_177
  article-title: SQL Injection Vulnerability Detection Using Deep Learning: A Feature-Based Approach
  publication-title: Indones. J. Electr. Eng. Inform. IJEEI
– ident: ref_253
  doi: 10.1109/ICGS3.2019.8688018
– volume: 8
  start-page: 8056
  year: 2021
  ident: ref_142
  article-title: Secure and Efficient Data Aggregation for IoT Monitoring Systems
  publication-title: IEEE Internet Things J.
  doi: 10.1109/JIOT.2020.3042204
– ident: ref_225
  doi: 10.1145/3661167.3661176
– volume: 3
  start-page: 91
  year: 2006
  ident: ref_51
  article-title: Identifying Almost Identical Files Using Context Triggered Piecewise Hashing
  publication-title: Digit. Investig.
  doi: 10.1016/j.diin.2006.06.015
– ident: ref_82
– volume: 235
  start-page: 3105
  year: 2024
  ident: ref_204
  article-title: CVE Severity Prediction from Vulnerability Description—A Deep Learning Approach
  publication-title: Procedia Comput. Sci.
  doi: 10.1016/j.procs.2024.04.294
– volume: 129
  start-page: 103256
  year: 2023
  ident: ref_41
  article-title: A Hybrid Scoring System for Prioritization of Software Vulnerabilities
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2023.103256
– ident: ref_85
  doi: 10.1145/3510003.3510229
– ident: ref_37
– ident: ref_21
– volume: 14
  start-page: 207
  year: 2003
  ident: ref_12
  article-title: Towards a Methodology for Developing Evidence-Informed Management Knowledge by Means of Systematic Review
  publication-title: Br. J. Manag.
  doi: 10.1111/1467-8551.00375
– volume: 2022
  start-page: 146
  year: 2022
  ident: ref_170
  article-title: Optimal Deep Belief Network Enabled Vulnerability Detection on Smart Environment
  publication-title: J. Smart Internet Things
  doi: 10.2478/jsiot-2022-0010
– ident: ref_243
  doi: 10.1145/3292500.3330989
– ident: ref_167
– ident: ref_162
  doi: 10.1109/ICSE48619.2023.00192
– volume: Volume 13927
  start-page: 167
  year: 2023
  ident: ref_75
  article-title: On the Provision of Network-Wide Cyber Situational Awareness via Graph-Based Analytics
  publication-title: Complex Computational Ecosystems
  doi: 10.1007/978-3-031-44355-8_12
– ident: ref_116
– ident: ref_189
– volume: 2
  start-page: 2787
  year: 2013
  ident: ref_81
  article-title: Translating Embeddings for Modeling Multi-Relational Data
  publication-title: Proc. 26th Int. Conf. Neural Inf. Process. Syst.
– ident: ref_143
  doi: 10.1109/CAIN58948.2023.00026
– ident: ref_122
– ident: ref_2
– volume: 18
  start-page: 2224
  year: 2019
  ident: ref_223
  article-title: μVulDeePecker: A Deep Learning-Based System for Multiclass Vulnerability Detection
  publication-title: IEEE Trans. Dependable Secur. Comput.
– ident: ref_49
  doi: 10.1145/3395363.3397361
– ident: ref_207
  doi: 10.3390/electronics13050899
– ident: ref_40
  doi: 10.1145/2491845.2491871
– ident: ref_195
– ident: ref_15
– ident: ref_43
– volume: 260
  start-page: 110139
  year: 2023
  ident: ref_50
  article-title: VULDEFF: Vulnerability Detection Method Based on Function Fingerprints and Code Differences
  publication-title: Knowl.-Based Syst.
  doi: 10.1016/j.knosys.2022.110139
– ident: ref_105
– volume: 28
  start-page: 75
  year: 2013
  ident: ref_77
  article-title: A Survey of Frequent Subgraph Mining Algorithms
  publication-title: Knowl. Eng. Rev.
  doi: 10.1017/S0269888912000331
– volume: 49
  start-page: 1983
  year: 2023
  ident: ref_160
  article-title: Open Science in Software Engineering: A Study on Deep Learning-Based Vulnerability Detection
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2022.3207149
– ident: ref_4
  doi: 10.3390/electronics13071191
– ident: ref_86
  doi: 10.3389/friot.2024.1306465
– ident: ref_5
  doi: 10.1109/IDAACS53288.2021.9660968
– ident: ref_74
– ident: ref_163
  doi: 10.1145/3597926.3598037
– ident: ref_13
  doi: 10.6028/NIST.SP.800-18r1
– ident: ref_96
  doi: 10.1145/3379597.3387501
– volume: 27
  start-page: 5703
  year: 2023
  ident: ref_233
  article-title: Semantic-Based Vulnerability Detection by Functional Connectivity of Gated Graph Sequence Neural Networks
  publication-title: Soft Comput.
  doi: 10.1007/s00500-022-07777-3
– ident: ref_229
  doi: 10.3390/app13169240
– ident: ref_16
– ident: ref_168
  doi: 10.1109/ICSE48619.2023.00188
– ident: ref_166
  doi: 10.1109/ICSE48619.2023.00190
– ident: ref_1
– ident: ref_123
– ident: ref_226
  doi: 10.1007/978-3-031-37231-5_8
– volume: 15
  start-page: 100209
  year: 2022
  ident: ref_260
  article-title: Towards Automatic Discovery and Assessment of Vulnerability Severity in Cyber–Physical Systems
  publication-title: Array
  doi: 10.1016/j.array.2022.100209
– ident: ref_174
  doi: 10.1145/3468264.3468597
– volume: 11
  start-page: 1304
  year: 2024
  ident: ref_138
  article-title: Cybersecurity Threats in the Age of IoT: A Review of Protective Measures
  publication-title: Int. J. Sci. Res. Arch.
  doi: 10.30574/ijsra.2024.11.1.0217
– ident: ref_169
– ident: ref_257
  doi: 10.18653/v1/2024.acl-long.527
– ident: ref_64
  doi: 10.1109/SP.2014.44
– ident: ref_27
– ident: ref_244
– ident: ref_135
– ident: ref_231
  doi: 10.1109/CCWC51732.2021.9376145
– volume: 4
  start-page: 72
  year: 2020
  ident: ref_17
  article-title: Plan Do Check Action (PDCA) Method: Literature Review and Research Issues
  publication-title: J. Sist. Dan Manaj. Ind.
  doi: 10.30656/jsmi.v4i1.2186
– volume: 16
  start-page: 1213
  year: 2023
  ident: ref_184
  article-title: An Intrusion Detection System Using Ranked Feature Bagging
  publication-title: Int. J. Inf. Technol.
– volume: 14
  start-page: 740
  year: 2018
  ident: ref_47
  article-title: Service Identification of Internet-Connected Devices Based on Common Platform Enumeration
  publication-title: J. Inf. Process. Syst.
– ident: ref_193
– ident: ref_255
  doi: 10.1109/PST.2016.7906965
– ident: ref_187
– ident: ref_197
  doi: 10.1109/SP54263.2024.00210
– volume: 2
  start-page: 1
  year: 2018
  ident: ref_236
  article-title: DeepBugs: A Learning Approach to Name-Based Bug Detection
  publication-title: Proc. ACM Program. Lang.
  doi: 10.1145/3276517
– volume: 195
  start-page: 111541
  year: 2023
  ident: ref_107
  article-title: Feature Models to Boost the Vulnerability Management Process
  publication-title: J. Syst. Softw.
  doi: 10.1016/j.jss.2022.111541
– ident: ref_109
  doi: 10.14722/ndss.2018.23158
– volume: 73
  start-page: 103423
  year: 2023
  ident: ref_121
  article-title: ASSBert: Active and Semi-Supervised Bert for Smart Contract Vulnerability Detection
  publication-title: J. Inf. Secur. Appl.
– ident: ref_67
– ident: ref_129
– ident: ref_201
  doi: 10.1145/3597503.3639117
– ident: ref_44
– volume: Volume 1173
  start-page: 82
  year: 2020
  ident: ref_259
  article-title: CVE Based Classification of Vulnerable IoT Systems
  publication-title: Theory and Applications of Dependable Computer Systems
  doi: 10.1007/978-3-030-48256-5_9
– volume: 49
  start-page: 4196
  year: 2023
  ident: ref_224
  article-title: Vulnerability Detection by Learning From Syntax-Based Execution Paths of Code
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2023.3286586
– ident: ref_32
  doi: 10.17487/rfc5646
– volume: 212
  start-page: 112031
  year: 2024
  ident: ref_84
  article-title: GRACE: Empowering LLM-Based Software Vulnerability Detection with Graph Structure and in-Context Learning
  publication-title: J. Syst. Softw.
  doi: 10.1016/j.jss.2024.112031
– ident: ref_73
– volume: 23
  start-page: 1920
  year: 2021
  ident: ref_185
  article-title: A Survey of Deep Learning Techniques for Cybersecurity in Mobile Networks
  publication-title: IEEE Commun. Surv. Tutor.
  doi: 10.1109/COMST.2021.3086296
– ident: ref_250
  doi: 10.5220/0012403500003648
– volume: 36
  start-page: 1735
  year: 1997
  ident: ref_113
  article-title: Long Short-Term Memory
  publication-title: Neural Comput.
  doi: 10.1162/neco.1997.9.8.1735
– ident: ref_112
  doi: 10.1109/IALP.2018.8629225
– volume: 16
  start-page: 1943
  year: 2021
  ident: ref_55
  article-title: Combining Graph-Based Learning with Automated Data Collection for Code Vulnerability Detection
  publication-title: IEEE Trans. Inf. Forensics Secur.
  doi: 10.1109/TIFS.2020.3044773
– ident: ref_33
– ident: ref_190
  doi: 10.1109/TSE.2024.3470333
– volume: 56
  start-page: 13187
  year: 2023
  ident: ref_159
  article-title: An Exhaustive Review of the Metaheuristic Algorithms for Search and Optimization: Taxonomy, Applications, and Open Challenges
  publication-title: Artif. Intell. Rev.
  doi: 10.1007/s10462-023-10470-y
– ident: ref_199
– ident: ref_144
  doi: 10.1007/978-3-030-12330-7
– volume: 20
  start-page: 66
  year: 2024
  ident: ref_208
  article-title: DoS Attack Detection Using Aquila Deer Hunting Optimization Enabled Deep Belief Network
  publication-title: Int. J. Web Inf. Syst.
  doi: 10.1108/IJWIS-06-2023-0089
– volume: Volume A
  start-page: 1
  year: 2020
  ident: ref_106
  article-title: AMADEUS: Towards the AutoMAteD secUrity teSting
  publication-title: Proceedings of the 24th ACM Conference on Systems and Software Product Line
– ident: ref_161
  doi: 10.1145/3607199.3607242
– ident: ref_22
– ident: ref_256
– ident: ref_241
  doi: 10.1109/CBD.2017.58
– ident: ref_172
  doi: 10.1145/3106237.3117771
– ident: ref_188
  doi: 10.1145/3639476.3639762
– ident: ref_141
  doi: 10.5220/0012060400003555
– volume: 11
  start-page: 77990
  year: 2023
  ident: ref_165
  article-title: A Smart Contract Vulnerability Detection Mechanism Based on Deep Learning and Expert Rules
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2023.3298048
– ident: ref_217
  doi: 10.1109/ICACCI.2018.8554656
– volume: 49
  start-page: 45
  year: 2006
  ident: ref_97
  article-title: Automated Analysis of Feature Models
  publication-title: Commun. ACM
  doi: 10.1145/1183236.1183264
– ident: ref_227
  doi: 10.1109/QRS-C60940.2023.00078
– ident: ref_171
  doi: 10.1109/ICMLA.2018.00120
– ident: ref_42
  doi: 10.6028/NIST.SP.800-34r1
– volume: 9
  start-page: 26766
  year: 2021
  ident: ref_206
  article-title: Metaheuristic Algorithms on Feature Selection: A Survey of One Decade of Research (2009–2019)
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2021.3056407
– ident: ref_139
  doi: 10.3390/electronics11010016
– ident: ref_196
  doi: 10.1007/978-3-031-68738-9_34
– ident: ref_90
– volume: 57
  start-page: 103334
  year: 2020
  ident: ref_209
  article-title: Cybersecurity Vulnerability Management: A Conceptual Ontology and Cyber Intelligence Alert System
  publication-title: Inf. Manag.
  doi: 10.1016/j.im.2020.103334
– ident: ref_128
  doi: 10.1145/3695988
– ident: ref_46
  doi: 10.1109/IACS.2017.7921992
– volume: Volume B
  start-page: 52
  year: 2020
  ident: ref_108
  article-title: A Python Framework for the Automated Analysis of Feature Models: A First Step to Integrate Community Efforts
  publication-title: Proceedings of the 24th ACM International Systems and Software Product Line Conference
– ident: ref_35
– volume: 48
  start-page: 3280
  year: 2022
  ident: ref_94
  article-title: Deep Learning Based Vulnerability Detection: Are We There Yet?
  publication-title: IEEE Trans. Softw. Eng.
  doi: 10.1109/TSE.2021.3087402
– volume: 141
  start-page: 112948
  year: 2020
  ident: ref_240
  article-title: A Review: Knowledge Reasoning over Knowledge Graph
  publication-title: Expert Syst. Appl.
  doi: 10.1016/j.eswa.2019.112948
– volume: 51
  start-page: 161
  year: 2018
  ident: ref_214
  article-title: Anytime Diagnosis for Reconfiguration
  publication-title: J. Intell. Inf. Syst.
  doi: 10.1007/s10844-017-0492-1
– volume: 119
  start-page: 557
  year: 1999
  ident: ref_101
  article-title: Constraint Satisfaction Problems: Algorithms and Applications
  publication-title: Eur. J. Oper. Res.
  doi: 10.1016/S0377-2217(98)00364-6
– volume: 10
  start-page: 5415
  year: 2019
  ident: ref_92
  article-title: Automated Optimized Parameters for T-Distributed Stochastic Neighbor Embedding Improve Visualization and Analysis of Large Datasets
  publication-title: Nat. Commun.
  doi: 10.1038/s41467-019-13055-y
– volume: 206
  start-page: 111832
  year: 2023
  ident: ref_232
  article-title: Static Vulnerability Detection Based on Class Separation
  publication-title: J. Syst. Softw.
  doi: 10.1016/j.jss.2023.111832
– ident: ref_176
  doi: 10.1109/CNS48642.2020.9162309
– volume: 166
  start-page: 114066
  year: 2021
  ident: ref_117
  article-title: Cosine Similarity Based Anomaly Detection Methodology for the CAN Bus
  publication-title: Expert Syst. Appl.
  doi: 10.1016/j.eswa.2020.114066
– ident: ref_23
  doi: 10.6028/NIST.SP.800-12r1
– volume: 135
  start-page: 103477
  year: 2023
  ident: ref_11
  article-title: Inconsistent Measurement and Incorrect Detection of Software Names in Security Vulnerability Reports
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2023.103477
– volume: 84
  start-page: 53
  year: 2019
  ident: ref_218
  article-title: Threat Modeling—A Systematic Literature Review
  publication-title: Comput. Secur.
  doi: 10.1016/j.cose.2019.03.010
– ident: ref_69
– volume: 4
  start-page: 357
  year: 2016
  ident: ref_111
  article-title: Named Entity Recognition with Bidirectional LSTM-CNNs
  publication-title: Trans. Assoc. Comput. Linguist.
  doi: 10.1162/tacl_a_00104
– volume: 55
  start-page: 1
  year: 2023
  ident: ref_119
  article-title: Blockchain-Enabled Federated Learning: A Survey
  publication-title: ACM Comput. Surv.
  doi: 10.1145/3524104
– volume: 12
  start-page: 117761
  year: 2024
  ident: ref_182
  article-title: Optimizing Smart Home Intrusion Detection with Harmony-Enhanced Extra Trees
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2024.3422999
– ident: ref_203
  doi: 10.2139/ssrn.4853709
– ident: ref_237
  doi: 10.1145/3339252.3340522
– ident: ref_131
– volume: 199
  start-page: 111623
  year: 2023
  ident: ref_164
  article-title: CSGVD: A Deep Learning Approach Combining Sequence and Graph Embedding for Source Code Vulnerability Detection
  publication-title: J. Syst. Softw.
  doi: 10.1016/j.jss.2023.111623
– ident: ref_114
  doi: 10.1145/3465481.3470039
– ident: ref_186
  doi: 10.1145/3605098.3636003
– volume: 3
  start-page: 213
  year: 2023
  ident: ref_234
  article-title: SCGformer: Smart Contract Vulnerability Detection Based on Control Flow Graph and Transformer
  publication-title: IET Blockchain
  doi: 10.1049/blc2.12046
– ident: ref_30
  doi: 10.6028/NIST.IR.7695
– volume: 80
  start-page: 519
  year: 2018
  ident: ref_216
  article-title: Automatic Security Verification of Mobile App Configurations
  publication-title: Future Gener. Comput. Syst.
  doi: 10.1016/j.future.2016.06.014
– volume: 32
  start-page: 4
  year: 2019
  ident: ref_59
  article-title: A Comprehensive Survey on Graph Neural Networks
  publication-title: IEEE Trans. Neural Netw. Learn. Syst.
  doi: 10.1109/TNNLS.2020.2978386
– ident: ref_76
  doi: 10.1007/978-1-4419-0140-8
– volume: 106
  start-page: 249
  year: 2018
  ident: ref_140
  article-title: A Systematic Study of the Class Imbalance Problem in Convolutional Neural Networks
  publication-title: Neural Netw.
  doi: 10.1016/j.neunet.2018.07.011
– ident: ref_149
  doi: 10.3390/electronics9010144
– volume: 12
  start-page: 90353
  year: 2024
  ident: ref_151
  article-title: AI-Enabled Healthcare and Enhanced Computational Resource Management With Digital Twins Into Task Offloading Strategies
  publication-title: IEEE Access
  doi: 10.1109/ACCESS.2024.3420741
– ident: ref_34
– ident: ref_181
  doi: 10.1109/ICCWS48432.2020.9292388
– ident: ref_192
– ident: ref_102
– ident: ref_179
  doi: 10.3390/info13070322
– ident: ref_99
  doi: 10.3390/app9245364
– ident: ref_125
– volume: 21
  start-page: 2286
  year: 2024
  ident: ref_153
  article-title: Machine Learning in Cybersecurity: A Review of Threat Detection and Defense Mechanisms
  publication-title: World J. Adv. Res. Rev.
  doi: 10.30574/wjarr.2024.21.1.0315
– ident: ref_137
  doi: 10.3390/electronics11020198
– ident: ref_18
– ident: ref_130
– ident: ref_194
  doi: 10.1145/3639476.3639762
– volume: 29
  start-page: 98
  year: 2024
  ident: ref_202
  article-title: Codesentry: Revolutionizing Real-Time Software Vulnerability Detection With Optimized GPT Framework
  publication-title: Land Forces Acad. Rev.
  doi: 10.2478/raft-2024-0010
– ident: ref_93
  doi: 10.1109/DSA52907.2021.00013
– volume: 10
  start-page: e29917
  year: 2024
  ident: ref_132
  article-title: Combatting Ransomware in ZephyrOS-Activated Industrial IoT Environments
  publication-title: Heliyon
  doi: 10.1016/j.heliyon.2024.e29917
– ident: ref_14
  doi: 10.6028/NIST.SP.1800-17
– volume: 45
  start-page: 56
  year: 2012
  ident: ref_213
  article-title: Using Constraint Programming to Manage Configurations in Self-Adaptive Systems
  publication-title: Computer
  doi: 10.1109/MC.2012.286
– ident: ref_252
  doi: 10.18653/v1/D19-1410
– ident: ref_124
  doi: 10.1109/IJCNN48605.2020.9207304
– volume: 2
  start-page: 17
  year: 2013
  ident: ref_155
  article-title: A Survey on Securing the Virtual Cloud
  publication-title: J. Cloud Comput. Adv. Syst. Appl.
  doi: 10.1186/2192-113X-2-17
– ident: ref_20
  doi: 10.6028/NIST.SP.800-160v2r1
– ident: ref_48
  doi: 10.1109/NOMS47738.2020.9110460
– ident: ref_103
  doi: 10.1007/978-3-642-36583-6
– ident: ref_31
  doi: 10.6028/NIST.IR.7698
– ident: ref_66
  doi: 10.1007/978-3-319-93417-4_38
– volume: Volume 12223
  start-page: 3
  year: 2020
  ident: ref_10
  article-title: Automated CPE Labeling of CVE Summaries with Machine Learning
  publication-title: Detection of Intrusions and Malware, and Vulnerability Assessment
  doi: 10.1007/978-3-030-52683-2_1
– ident: ref_54
  doi: 10.14722/ndss.2024.24346
– volume: 27
  start-page: 1
  year: 2024
  ident: ref_80
  article-title: Uncovering CWE-CVE-CPE Relations with Threat Knowledge Graphs
  publication-title: ACM Trans. Priv. Secur.
  doi: 10.1145/3641819
– ident: ref_91
  doi: 10.18653/v1/2021.emnlp-main.685
– volume: 4
  start-page: 53
  year: 2018
  ident: ref_210
  article-title: A Practical Approach to Constructing a Knowledge Graph for Cybersecurity
  publication-title: Engineering
  doi: 10.1016/j.eng.2018.01.004
– volume: Volume 3714
  start-page: 7
  year: 2005
  ident: ref_98
  article-title: Feature Models, Grammars, and Propositional Formulas
  publication-title: Software Product Lines
  doi: 10.1007/11554844_3
– ident: ref_183
  doi: 10.21203/rs.3.rs-3238552/v1
– volume: 30
  start-page: 1
  year: 2021
  ident: ref_245
  article-title: DeepWukong: Statically Detecting Software Vulnerabilities Using Deep Graph Neural Network
  publication-title: ACM Trans. Softw. Eng. Methodol.
  doi: 10.1145/3436877
– volume: 49
  start-page: 36
  year: 2017
  ident: ref_211
  article-title: Model-Based Analysis of Java EE Web Security Misconfigurations
  publication-title: Comput. Lang. Syst. Struct.
– volume: 13
  start-page: 5
  year: 2024
  ident: ref_150
  article-title: A Transformer-Based Network Intrusion Detection Approach for Cloud Security
  publication-title: J. Cloud Comput.
  doi: 10.1186/s13677-023-00574-9
– volume: 101
  start-page: 387
  year: 2019
  ident: ref_100
  article-title: Automated Analysis of Feature Models: Quo Vadis?
  publication-title: Computing
  doi: 10.1007/s00607-018-0646-1
– ident: ref_222
  doi: 10.1109/FIT.2017.00037
SSID ssj0002793514
Score 2.3369265
SecondaryResourceType review_article
Snippet The number of new vulnerabilities continues to rise significantly each year. Simultaneously, vulnerability databases have challenges in promptly sharing new...
SourceID doaj
proquest
crossref
SourceType Open Website
Aggregation Database
Enrichment Source
Index Database
StartPage 853
SubjectTerms Academic libraries
AI model
Automation
CPE
CVE
CWE
Cybersecurity
Dictionaries
Digital libraries
graph representation
Information systems
Literature reviews
Metadata
Research methodology
Software
vulnerability detection
SummonAdditionalLinks – databaseName: ProQuest Central
  dbid: BENPR
  link: http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1NTxsxEB2F5NIL0C81fMlSe-Gwwuvd2OsDQiEQRZUSVahUOSCtbK8NQmgTQjjw7xl7vUEVVS978Po0Hs-8scfvAfxQqqIm0zQpMssSxLeDRBsqE608OuZSGuZfI09nfHKd_5wP5h2YtW9hfFtlGxNDoK4Wxp-Rn2QI5XkmZMrOlo-JV43yt6uthIaK0grVaaAY24Ie86rKXeidX85-XW1OXRi6Y0P4zTjLMTzTecNZmmHtf3JvlnlwavpXlgpk_u9idUhA413YjsiRDJul_ggdW3-CnVaVgcRN-hluhsQPruxd05tOmuN_ouqKDDc8nGThyOhFI_iLAnbkz_ODZ6AOzbIv5MKuQ5NWTaZBYzrESPv0Ba7Hl79HkyRqKCQm4-k6UaZCjKCtNpwXTg0UdaLgRWoxCMpK-AKQSpcLbS2msypPnfUXmzjIC22czr5Ct17U9hsQ6rgaMG6d8Vd1VGiJ1SHPMd9j9kut6sNxa7PSRIJxr3PxUGKh4e1bvtm3D983c5cNrcY_Z517029meCrsMLBY3ZZxZ2HtUkjELapAMJNXzkihcsOFEPjB8p714aBduDLuz6fyzZv2_v97Hz4whDGhfU8cQHe9eraHCEPW-ij61itGTttI
  priority: 102
  providerName: ProQuest
Title A Comprehensive Review and Assessment of Cybersecurity Vulnerability Detection Methodologies
URI https://www.proquest.com/docview/3149637912
https://doaj.org/article/1489215a80824dfc97a4c6777c678882
Volume 4
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
journalDatabaseRights – providerCode: PRVAON
  databaseName: Directory of Open Access Journals (DOAJ)
  customDbUrl:
  eissn: 2624-800X
  dateEnd: 99991231
  omitProxy: true
  ssIdentifier: ssj0002793514
  issn: 2624-800X
  databaseCode: DOA
  dateStart: 20210101
  isFulltext: true
  titleUrlDefault: https://www.doaj.org/
  providerName: Directory of Open Access Journals
– providerCode: PRVHPJ
  databaseName: ROAD: Directory of Open Access Scholarly Resources
  customDbUrl:
  eissn: 2624-800X
  dateEnd: 99991231
  omitProxy: true
  ssIdentifier: ssj0002793514
  issn: 2624-800X
  databaseCode: M~E
  dateStart: 20180101
  isFulltext: true
  titleUrlDefault: https://road.issn.org
  providerName: ISSN International Centre
– providerCode: PRVPQU
  databaseName: ProQuest Central
  customDbUrl: http://www.proquest.com/pqcentral?accountid=15518
  eissn: 2624-800X
  dateEnd: 99991231
  omitProxy: true
  ssIdentifier: ssj0002793514
  issn: 2624-800X
  databaseCode: BENPR
  dateStart: 20210101
  isFulltext: true
  titleUrlDefault: https://www.proquest.com/central
  providerName: ProQuest
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV3PS8MwFA4yL178LU7nCOjFQ1n6K2mO29wYwoaIkx2EkqQJMkY3tu6w_96XtJuKghcvPaSBlveS972vef0eQndCZESFknhJqAMP8tvYk4pwTwqbHVPOVWD_Rh6O6GAcPU7iyZdWX7YmrJQHLg3XgnSdAyyJBLAqyoziTESKMsbgAuzNRV-49YVMTd1xGrcl6qUeaQi8vjVVi8gtWPINgZxQ_4847MClf4wOq6wQt8u3OUF7Oj9FR9uOC7jagGforY3t4FK_l3XnuPy0j0We4fZOYxPPDe5uJCR2VXM6_LqeWXVpVwi7wQ-6cAVYOR66_tEu_unVORr3ey_dgVf1R_BUSP3CEyoD_JdaKkoTI2JBDEto4msIcDxjltwRbiImtQaoyiLfaHtoCYM0kcrI8ALV8nmuLxEmhoo4oNooewxHmOTA_GgEWA7I5mtRR_dbm6WqEg-3PSxmKZAIa9_00751dLubuyglM36d1bGm382wMtduAJyfVs5P_3J-HTW2jkurvbdKQyB9NGTcD67-4xnX6CCARMYV8LEGqhXLtb6BRKSQTbTf6Y2enptu7X0A0XTbQA
linkProvider Directory of Open Access Journals
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV1NbxMxEB2V9gAXvhGBApaAA4dVvfbGXh8qlH4ppU2EUItyQNraXhuEqk1IUqH8OX4bY683FQJx62UPXmsPs-OZN_b4PYA3WtfUckOzkjuWIb7tZ8ZSlRkd0LFQyrJwG3k0FsPz4sOkP9mAX91dmNBW2cXEGKjrqQ175DscobzgUuXs_exHFlSjwulqJ6Ghk7RCvRspxtLFjhO3-okl3GL3-AD_91vGjg7P9odZUhnILBf5MtO2xixqnLFClF73NfWyFGXuMEyoWoYSiSpfSOMcBvy6yL0LR384KEpjveH43VuwhbCD46ra2jscf_y03uVh6P4twTgTrMB0QCctRyrniu58t7MiLiL6R1aM4gF_5YaY8I7uw92EVMmgda0HsOGah3CvU4EgKSg8gi8DEgbn7lvbC0_a4waim5oM1ryfZOrJ_sog2EyCeeTz1WVgvI7NuSty4JaxKawho6hpHWOyWzyG8xux5hPYbKaNewqEeqH7TDhvw9EglUZhNSoKxBeYbXOne_Cus1llE6F50NW4rLCwCfatru3bg9frubOWxuOfs_aC6dczAvV2HJjOv1ZpJWOtVCrESbpE8FTU3iqpCyuklPgosV7pwXb346oUDxbVtfc--__rV3B7eDY6rU6PxyfP4Q5DCBVbB-U2bC7nV-4FQqCleZn8jMDFTbv2by2vGBA
linkToPdf http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwtV1LbxMxEB6VVEJcaHmJ0BYsAQcOq3i9G3t9qFDaNGopjSpEUQ5Ii-21qapqE5JUKH-RX8XY602FQNx62YPX2sPseOYbz-MDeKNURU2maVJkliWIb_uJNlQmWnl0zKU0zHcjn4358UX-YdKfbMCvthfGl1W2NjEY6mpq_B15L0MozzMhU9ZzsSzifDh6P_uReAYpn2lt6TRUpFmo9sO4sdjkcWpXPzGcW-yfDPHfv2VsdPT58DiJjAOJyXi6TJSp0KNqqw3nhVN9RZ0oeJFaNBmyEj5cotLlQluLxr_KU2d9GhAXeaGN0xl-9x5sCt8v2oHNg6Px-af1jQ_Do9AMG2ec5ega6KSZl5plkvauzCwPB4r-4SEDkcBffiI4v9E2PIyolQwaNXsEG7Z-DFstIwSJBuIJfB0Qvzi3l01dPGlSD0TVFRmsZ4CSqSOHK43AM5LnkS831376dSjUXZGhXYYCsZqcBX7rYJ_t4ilc3Ik0n0Gnntb2ORDquOozbp3xaUIqtMTIlOeINdDzplZ14V0rs9LE4eaeY-O6xCDHy7e8lW8XXq_3zpqRHv_cdeBFv97hx3CHhen8exlPNcZNhUTMpAoEUnnljBQqN1wIgY8CY5cu7LY_roy2YVHeavKL_79-BfdRxcuPJ-PTHXjAEE2FKkKxC53l_MbuIRpa6pdRzQh8u2vN_g0mchxK
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=A+Comprehensive+Review+and+Assessment+of+Cybersecurity+Vulnerability+Detection+Methodologies&rft.jtitle=Journal+of+cybersecurity+and+privacy&rft.au=Bennouk%2C+Khalid&rft.au=Ait+Aali%2C+Nawal&rft.au=El+Bouzekri+El+Idrissi%2C+Youn%C3%A8s&rft.au=Sebai%2C+Bechir&rft.date=2024-10-07&rft.issn=2624-800X&rft.eissn=2624-800X&rft.volume=4&rft.issue=4&rft.spage=853&rft.epage=908&rft_id=info:doi/10.3390%2Fjcp4040040&rft.externalDBID=n%2Fa&rft.externalDocID=10_3390_jcp4040040
thumbnail_l http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2624-800X&client=summon
thumbnail_m http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2624-800X&client=summon
thumbnail_s http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2624-800X&client=summon