乐胖代购免代理版

{"id":"https://openalex.org/W4367047162","doi":"https://doi.org/10.1145/3543507.3583352","title":"The Benefits of Vulnerability Discovery and Bug Bounty Programs: Case Studies of Chromium and Firefox","display_name":"The Benefits of Vulnerability Discovery and Bug Bounty Programs: Case Studies of Chromium and Firefox","publication_year":2023,"publication_date":"2023-04-26","ids":{"openalex":"https://openalex.org/W4367047162","doi":"https://doi.org/10.1145/3543507.3583352"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1145/3543507.3583352","pdf_url":null,"source":{"id":"https://openalex.org/S4363608783","display_name":"Proceedings of the ACM Web Conference 2022","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_indexed_in_scopus":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2301.12092","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5056351031","display_name":"Soodeh Atefi","orcid":"https://orcid.org/0000-0002-7734-662X"},"institutions":[{"id":"https://openalex.org/I44461941","display_name":"University of Houston","ror":"https://ror.org/048sx0r50","country_code":"US","type":"funder","lineage":["https://openalex.org/I44461941"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Soodeh Atefi","raw_affiliation_strings":["University of Houston, USA"],"affiliations":[{"raw_affiliation_string":"University of Houston, USA","institution_ids":["https://openalex.org/I44461941"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5051509091","display_name":"Amutheezan Sivagnanam","orcid":"https://orcid.org/0000-0002-4295-529X"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"funder","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Amutheezan Sivagnanam","raw_affiliation_strings":["Pennsylvania State University, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5045437923","display_name":"Afiya Ayman","orcid":"https://orcid.org/0000-0003-0680-1522"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"funder","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Afiya Ayman","raw_affiliation_strings":["Pennsylvania State University, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5063714878","display_name":"Jens Gro\u00dfklags","orcid":"https://orcid.org/0000-0003-1093-1282"},"institutions":[{"id":"https://openalex.org/I62916508","display_name":"Technical University of Munich","ror":"https://ror.org/02kkvpp62","country_code":"DE","type":"funder","lineage":["https://openalex.org/I62916508"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jens Grossklags","raw_affiliation_strings":["Technical University of Munich, Germany"],"affiliations":[{"raw_affiliation_string":"Technical University of Munich, Germany","institution_ids":["https://openalex.org/I62916508"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5049435924","display_name":"\u00c1ron L\u00e1szka","orcid":"https://orcid.org/0000-0001-7400-2357"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"funder","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Aron Laszka","raw_affiliation_strings":["Pennsylvania State University, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, USA","institution_ids":["https://openalex.org/I130769515"]}]}],"institution_assertions":[],"countries_distinct_count":2,"institutions_distinct_count":3,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":1.986,"has_fulltext":false,"cited_by_count":4,"citation_normalized_percentile":{"value":0.855033,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":86,"max":88},"biblio":{"volume":null,"issue":null,"first_page":"2209","last_page":"2219"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9973,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10260","display_name":"Software Engineering Research","score":0.9973,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9956,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9939,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability","score":0.82796735},{"id":"https://openalex.org/keywords/popularity","display_name":"Popularity","score":0.7247232},{"id":"https://openalex.org/keywords/vulnerability-management","display_name":"Vulnerability management","score":0.4884807},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.48843017}],"concepts":[{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.82796735},{"id":"https://openalex.org/C2780586970","wikidata":"https://www.wikidata.org/wiki/Q1357284","display_name":"Popularity","level":2,"score":0.7247232},{"id":"https://openalex.org/C2777852691","wikidata":"https://www.wikidata.org/wiki/Q13430821","display_name":"Crowds","level":2,"score":0.62474304},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5623941},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.52122843},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.5119506},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.49386173},{"id":"https://openalex.org/C172776598","wikidata":"https://www.wikidata.org/wiki/Q7943570","display_name":"Vulnerability management","level":4,"score":0.4884807},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.48843017},{"id":"https://openalex.org/C2779662365","wikidata":"https://www.wikidata.org/wiki/Q5416694","display_name":"Event (particle physics)","level":2,"score":0.41179514},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.40635186},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.27925324},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.16689897},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.10913366},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.08022624},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1145/3543507.3583352","pdf_url":null,"source":{"id":"https://openalex.org/S4363608783","display_name":"Proceedings of the ACM Web Conference 2022","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_indexed_in_scopus":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},{"is_oa":true,"landing_page_url":"https://arxiv.org/abs/2301.12092","pdf_url":"https://arxiv.org/pdf/2301.12092","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_indexed_in_scopus":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":["Cornell University"],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false}],"best_oa_location":{"is_oa":true,"landing_page_url":"https://arxiv.org/abs/2301.12092","pdf_url":"https://arxiv.org/pdf/2301.12092","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_indexed_in_scopus":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":["Cornell University"],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false},"sustainable_development_goals":[{"display_name":"Peace, justice, and strong institutions","score":0.52,"id":"https://metadata.un.org/sdg/16"}],"grants":[{"funder":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation","award_id":"CNS-1850510"}],"datasets":[],"versions":[],"referenced_works_count":18,"referenced_works":["https://openalex.org/W1563025380","https://openalex.org/W2021348304","https://openalex.org/W2060986432","https://openalex.org/W2295069226","https://openalex.org/W2365417624","https://openalex.org/W2520816865","https://openalex.org/W2595399775","https://openalex.org/W2767122007","https://openalex.org/W2794659749","https://openalex.org/W2946540753","https://openalex.org/W2966983806","https://openalex.org/W2970434416","https://openalex.org/W2999191767","https://openalex.org/W3012761238","https://openalex.org/W3102446060","https://openalex.org/W4206767299","https://openalex.org/W4288103030","https://openalex.org/W4365799995"],"related_works":["https://openalex.org/W4220885008","https://openalex.org/W3041665175","https://openalex.org/W2980033082","https://openalex.org/W2947407508","https://openalex.org/W2892115998","https://openalex.org/W2393340519","https://openalex.org/W2392503306","https://openalex.org/W2390459954","https://openalex.org/W2082818071","https://openalex.org/W2057803998"],"abstract_inverted_index":{"Recently,":[0],"bug-bounty":[1,46,235],"programs":[2,19,47,236],"have":[3],"gained":[4],"popularity":[5],"and":[6,118,132,160,206,228],"become":[7],"a":[8,52,95,109,126,143,151],"significant":[9,53,216],"part":[10],"of":[11,15,32,34,45,67,70,78,94,129,141,148,198,245,262],"the":[12,29,43,68,76,79,92,100,103,130,139,146,196,243,260],"security":[13,25,36,226],"culture":[14],"many":[16],"organizations.":[17],"Bug-bounty":[18],"enable":[20],"organizations":[21],"to":[22,172,187,257,267],"enhance":[23],"their":[24,63],"posture":[26],"by":[27,108,165,211,221,241,270],"harnessing":[28],"diverse":[30],"expertise":[31,244],"crowds":[33],"external":[35,222,229,251],"experts":[37],"(i.e.,":[38],"bug":[39,185,223],"hunters).":[40],"Nonetheless,":[41],"quantifying":[42],"benefits":[44,64,164],"remains":[48],"elusive,":[49],"which":[50,232],"presents":[51],"challenge":[54],"for":[55,169,180],"managing":[56],"them.":[57],"Previous":[58],"studies":[59],"focused":[60],"on":[61,75,99,190,259],"measuring":[62],"in":[65],"terms":[66],"number":[69],"vulnerabilities":[71,199,219,263],"reported":[72,80],"or":[73,85],"based":[74],"properties":[77],"vulnerabilities,":[81],"such":[82,182],"as":[83,150,183],"severity":[84],"exploitability.":[86],"However,":[87],"beyond":[88],"these":[89],"inherent":[90],"properties,":[91],"value":[93],"report":[96],"also":[97,177,249],"depends":[98],"probability":[101,147],"that":[102,157,200,208,234,250,264],"vulnerability":[104,144,158],"would":[105],"be":[106,254,268],"discovered":[107,202],"threat":[110,170,212,230,271],"actor":[111],"before":[112],"an":[113,238],"internal":[114,225,246],"expert":[115],"could":[116],"discover":[117],"patch":[119],"it.":[120],"In":[121],"this":[122],"paper,":[123],"we":[124,137,176,194],"present":[125],"data-driven":[127],"study":[128],"Chromium":[131],"Firefox":[133],"vulnerability-reward":[134],"programs.":[135],"First,":[136],"estimate":[138],"difficulty":[140],"discovering":[142],"using":[145],"rediscovery":[149],"novel":[152],"metric.":[153],"Our":[154],"findings":[155],"show":[156],"discovery":[159],"patching":[161],"provide":[162,237],"clear":[163],"making":[166],"it":[167],"difficult":[168],"actors":[171],"find":[173],"vulnerabilities;":[174],"however,":[175],"identify":[178],"opportunities":[179],"improvement,":[181],"incentivizing":[184],"hunters":[186,252],"focus":[188,258],"more":[189,256],"development":[191],"releases.":[192],"Second,":[193],"compare":[195],"types":[197,261],"are":[201,209,265],"internally":[203],"vs.":[204],"externally":[205],"those":[207],"exploited":[210,269],"actors.":[213,272],"We":[214],"observe":[215],"differences":[217],"between":[218],"found":[220],"hunters,":[224],"teams,":[227,247],"actors,":[231],"indicates":[233],"important":[239],"benefit":[240],"complementing":[242],"but":[248],"should":[253],"incentivized":[255],"likely":[266]},"abstract_inverted_index_v3":null,"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W4367047162","counts_by_year":[{"year":2024,"cited_by_count":3},{"year":2023,"cited_by_count":1}],"updated_date":"2025-03-26T01:10:57.383026","created_date":"2023-04-27"}