{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,17]],"date-time":"2026-01-17T08:09:46Z","timestamp":1768637386000,"version":"3.49.0"},"reference-count":59,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2016,6,1]],"date-time":"2016-06-01T00:00:00Z","timestamp":1464739200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2020,6,2]],"date-time":"2020-06-02T00:00:00Z","timestamp":1591056000000},"content-version":"vor","delay-in-days":1462,"URL":"http:\/\/www.elsevier.com\/open-access\/userlicense\/1.0\/"}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Science of Computer Programming"],"published-print":{"date-parts":[[2016,6]]},"DOI":"10.1016\/j.scico.2016.01.005","type":"journal-article","created":{"date-parts":[[2016,2,4]],"date-time":"2016-02-04T19:47:07Z","timestamp":1454615227000},"page":"153-175","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":35,"special_numbering":"C","title":["Tracing known security vulnerabilities in software repositories \u2013 A Semantic Web enabled modeling approach"],"prefix":"10.1016","volume":"121","author":[{"given":"Sultan S.","family":"Alqahtani","sequence":"first","affiliation":[]},{"given":"Ellis E.","family":"Eghan","sequence":"additional","affiliation":[]},{"given":"Juergen","family":"Rilling","sequence":"additional","affiliation":[]}],"member":"78","reference":[{"key":"10.1016\/j.scico.2016.01.005_br0010","series-title":"Ovidiu and Friess, Internet of Things: Converging Technologies for Smart Environments and Integrated Ecosystems","author":"Vermesan","year":"2013"},{"key":"10.1016\/j.scico.2016.01.005_br0020","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1109\/52.329397","article-title":"Globalization of software supply and demand","author":"Jones","year":"1994","journal-title":"IEEE Softw."},{"key":"10.1016\/j.scico.2016.01.005_br0030","doi-asserted-by":"crossref","first-page":"367","DOI":"10.1145\/1411203.1411255","article-title":"NixOS: a purely functional Linux distribution","volume":"43","author":"Dolstra","year":"2008","journal-title":"ACM SIGPLAN Not."},{"key":"10.1016\/j.scico.2016.01.005_br0040","series-title":"Proc. Conf. Futur. Softw. Eng.","first-page":"227","article-title":"Software engineering for security: a roadmap","author":"Devanbu","year":"2000"},{"key":"10.1016\/j.scico.2016.01.005_br0050","author":"NIST"},{"key":"10.1016\/j.scico.2016.01.005_br0060","series-title":"IEEE Int. Conf. Softw. Maint.","first-page":"485","article-title":"Software artefact traceability: the never-ending challenge","author":"Oliveto","year":"2007"},{"key":"10.1016\/j.scico.2016.01.005_br0070","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1145\/1041410.1041421","article-title":"Semantic integration: a survey of ontology-based approaches","volume":"33","author":"Noy","year":"2004","journal-title":"ACM SIGMOD Rec."},{"key":"10.1016\/j.scico.2016.01.005_br0080","doi-asserted-by":"crossref","first-page":"597","DOI":"10.1142\/S0219622006002258","article-title":"10 challenging problems in data mining research","volume":"05","author":"Yang","year":"2006","journal-title":"Int. J. Inf. Technol. Decis. Mak."},{"key":"10.1016\/j.scico.2016.01.005_br0090","series-title":"Proc. Jt. Int. Annu. ERCIM Work. Princ. Softw. Evol. Softw. Evol. Work","first-page":"57","article-title":"Mining trends of library usage","author":"Mileva","year":"2009"},{"issue":"1\u20132","key":"10.1016\/j.scico.2016.01.005_br0100","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1016\/S0169-023X(97)00056-6","article-title":"Knowledge engineering: principles and methods","volume":"25","author":"Studer","year":"1998","journal-title":"Data Knowl. Eng."},{"key":"10.1016\/j.scico.2016.01.005_br0110","series-title":"Ontologies for Urban Databases","first-page":"27","article-title":"Pre-consensus ontologies and urban databases","author":"Laurini","year":"2007"},{"key":"10.1016\/j.scico.2016.01.005_br0120","series-title":"Mech. Math. Reason.","first-page":"228","article-title":"Description logics as ontology languages for the Semantic Web","author":"Baader","year":"2005"},{"key":"10.1016\/j.scico.2016.01.005_br0130","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1038\/scientificamerican0501-34","article-title":"The Semantic Web","volume":"284","author":"Berners-Lee","year":"2001","journal-title":"Sci. Am."},{"key":"10.1016\/j.scico.2016.01.005_br0140","author":"Group"},{"key":"10.1016\/j.scico.2016.01.005_br0150","doi-asserted-by":"crossref","DOI":"10.1108\/k.2003.06732iae.006","article-title":"The description logic handbook \u2013 theory, implementation and applications","volume":"32","author":"Mann","year":"2003","journal-title":"Kybernetes"},{"key":"10.1016\/j.scico.2016.01.005_br0160","doi-asserted-by":"crossref","first-page":"97","DOI":"10.1080\/19322900903565408","article-title":"A review of \u201ca semantic web primer,\u201d","volume":"4","author":"Chabot","year":"2010","journal-title":"J. Web Librariansh."},{"key":"10.1016\/j.scico.2016.01.005_br0180","author":"Software"},{"key":"10.1016\/j.scico.2016.01.005_br0190","author":"Aasman"},{"key":"10.1016\/j.scico.2016.01.005_br0200","doi-asserted-by":"crossref","first-page":"857","DOI":"10.1007\/s00607-012-0204-1","article-title":"SEON: a pyramid of ontologies for software evolution and its applications","volume":"94","author":"W\u00fcrsch","year":"2012","journal-title":"Computing"},{"key":"10.1016\/j.scico.2016.01.005_br0210","series-title":"Maven: The Definitive Guide","author":"Sonatype","year":"2008"},{"key":"10.1016\/j.scico.2016.01.005_br0220","unstructured":"Jeff Williams, A. Dabirsiaghi, The unfortunate reality of insecure libraries, Asp. Secur. Inc. 2012, pp. 1\u201326."},{"key":"10.1016\/j.scico.2016.01.005_br0230","series-title":"Fourth Int. Work. Min. Softw. Repos.","article-title":"Mining software repositories with iSPAROL and a software evolution ontology","author":"Kiefer","year":"2007"},{"key":"10.1016\/j.scico.2016.01.005_br0240","series-title":"Proceedings of the 18th International Conference on Software Engineering and Knowledge Engineering","first-page":"349","article-title":"KOntoR: an ontology-enabled approach to software reuse","author":"Happel","year":"2006"},{"key":"10.1016\/j.scico.2016.01.005_br0250","doi-asserted-by":"crossref","first-page":"34","DOI":"10.1145\/103167.103172","article-title":"LaSSIE: a knowledge-based software information system","volume":"34","author":"Devanbu","year":"1991","journal-title":"Commun. ACM"},{"key":"10.1016\/j.scico.2016.01.005_br0260","author":"Lee"},{"key":"10.1016\/j.scico.2016.01.005_br0270","first-page":"641","article-title":"Organizing the knowledge used in software maintenance","volume":"9","author":"de O. M\u00e1rcio Greyck Batista Dias","year":"2003","journal-title":"J. Univers. Comput. Sci."},{"key":"10.1016\/j.scico.2016.01.005_br0280","doi-asserted-by":"crossref","first-page":"323","DOI":"10.1142\/S0218194004001646","article-title":"An ontology for the management of software maintenance projects","volume":"14","author":"Ruiz","year":"2004","journal-title":"Int. J. Softw. Eng. Knowl. Eng."},{"key":"10.1016\/j.scico.2016.01.005_br0290","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/jisp.2007100101","article-title":"An ontology of information security","volume":"1","author":"Herzog","year":"2007","journal-title":"Int. J. Inf. Secur. Priv."},{"key":"10.1016\/j.scico.2016.01.005_br0300","series-title":"Sematic Web Implementaion Schema for National Vulnerability Database (Common Platform Enumeration Data)","author":"Khadilkar","year":"2010"},{"key":"10.1016\/j.scico.2016.01.005_br0310","series-title":"Proc. 3rd Int. Semant. Web Conf., Citeseer Hiroshima","article-title":"D2RQ-treating non-RDF databases as virtual RDF graphs","author":"Bizer","year":"2004"},{"key":"10.1016\/j.scico.2016.01.005_br0320","series-title":"Proc. IJCAI-03 Work. Ontol. Distrib. Syst.","first-page":"47","article-title":"A target-centric ontology for intrusion detection","author":"Undercoffer","year":"2004"},{"key":"10.1016\/j.scico.2016.01.005_br0330","series-title":"IEEE Symp. Secur. Priv. Work","first-page":"75","article-title":"A knowledge-based approach to intrusion detection modeling","author":"More","year":"2012"},{"key":"10.1016\/j.scico.2016.01.005_br0340","series-title":"Proc. 10th Annu. Cyber Inf. Secur. Res. Conf","first-page":"1","article-title":"Developing an ontology for cyber security knowledge graphs","author":"Iannacone","year":"2015"},{"key":"10.1016\/j.scico.2016.01.005_br0350","series-title":"Recent Adv. Intrusion Detect","first-page":"113","article-title":"Modeling computer attacks: an ontology for intrusion detection","author":"Undercoffer","year":"2003"},{"key":"10.1016\/j.scico.2016.01.005_br0360","series-title":"IEEE Seventh Int. Conf. Semant. Comput.","first-page":"252","article-title":"Extracting cybersecurity related linked data from text","author":"Joshi","year":"2013"},{"key":"10.1016\/j.scico.2016.01.005_br0370","series-title":"Second Int. Conf. Semant. Knowl. Grid","article-title":"Security attack ontology for web services","author":"Vorobiev","year":"2006"},{"key":"10.1016\/j.scico.2016.01.005_br0380","series-title":"Softw. Technol. Embed. Ubiquitous Syst.","first-page":"192","article-title":"From intrusion detection to intrusion detection and diagnosis: an ontology-based approach","author":"Coppolino","year":"2009"},{"key":"10.1016\/j.scico.2016.01.005_br0390","unstructured":"B. Martin, M. Brown, A. Paller, D. Kirby, S. Christey, 2010 CWE\/SANS top 25 most dangerous software errors. MITRE, 2010."},{"key":"10.1016\/j.scico.2016.01.005_br0400","series-title":"Artificial Believers: The Ascription of Belief","author":"Ballim","year":"1991"},{"key":"10.1016\/j.scico.2016.01.005_br0410","doi-asserted-by":"crossref","first-page":"949","DOI":"10.1016\/j.eswa.2014.08.032","article-title":"Ontology matching: a literature review","volume":"42","author":"Otero-Cerdeira","year":"2015","journal-title":"Expert Syst. Appl."},{"key":"10.1016\/j.scico.2016.01.005_br0420","author":"Long"},{"key":"10.1016\/j.scico.2016.01.005_br0430","author":"Alqahtani"},{"key":"10.1016\/j.scico.2016.01.005_br0440","series-title":"Introduction to Information Retrieval","author":"Manning","year":"2008"},{"key":"10.1016\/j.scico.2016.01.005_br0450","series-title":"Proc. 11th Work. Conf. Min. Softw. Repos.","first-page":"348","article-title":"Security and emotion: sentiment analysis of security discussions on GitHub","author":"Pletea","year":"2014"},{"key":"10.1016\/j.scico.2016.01.005_br0460","series-title":"7th IEEE Work. Conf. Min. Softw. Repos.","first-page":"11","article-title":"Identifying security bug reports via text mining: an industrial case study","author":"Gegick","year":"2010"},{"key":"10.1016\/j.scico.2016.01.005_br0470","series-title":"Proc. 14th ACM Conf. Comput. Commun. Secur.","first-page":"529","article-title":"Predicting vulnerable software components","author":"Neuhaus","year":"2007"},{"key":"10.1016\/j.scico.2016.01.005_br0480","series-title":"IEEE\/WIC\/ACM Int. Conf. Web Intell. Intell. Agent Technol.","first-page":"257","article-title":"Extracting information about security vulnerabilities from web text","author":"Mulwad","year":"2011"},{"key":"10.1016\/j.scico.2016.01.005_br0490","series-title":"Neural Networks Signal Process. VII. Proc. 1997 IEEE Signal Process. Soc. Work.","first-page":"276","article-title":"An improved training algorithm for support vector machines","author":"Osuna","year":"1997"},{"key":"10.1016\/j.scico.2016.01.005_br0500","series-title":"Proc. 16th Int. Conf. World Wide Web","first-page":"697","article-title":"Yago: a core of semantic knowledge","author":"Suchanek","year":"2007"},{"key":"10.1016\/j.scico.2016.01.005_br0510","series-title":"Proc. ACM SIGMOD Int. Conf. Manag. Data","first-page":"1247","article-title":"Freebase: a collaboratively created graph database for structuring human knowledge","author":"Bollacker","year":"2008"},{"key":"10.1016\/j.scico.2016.01.005_br0520","series-title":"Wikitology: Using Wikipedia as an Ontology","author":"Syed","year":"2008"},{"key":"10.1016\/j.scico.2016.01.005_br0530","series-title":"Information Extraction of Cyber Security Related Terms and Concepts from Unstructured Text","author":"Lal","year":"2013"},{"key":"10.1016\/j.scico.2016.01.005_br0540","series-title":"Proc. 7th Int. Conf. Semant. Syst. \u2013 I-Semantics '11","first-page":"1","article-title":"DBpedia spotlight: shedding light on the web of documents","author":"Mendes","year":"2011"},{"key":"10.1016\/j.scico.2016.01.005_br0550","series-title":"15th Int. Symp. Softw. Reliab. Eng.","first-page":"245","article-title":"A comparison of bug finding tools for Java","author":"Rutar","year":"2004"},{"key":"10.1016\/j.scico.2016.01.005_br0560","series-title":"Proc. 11th Work. Conf. Min. Softw. Repos.","first-page":"372","article-title":"The bug catalog of the Maven ecosystem","author":"Mitropoulos","year":"2014"},{"key":"10.1016\/j.scico.2016.01.005_br0570","series-title":"Proc. 11th Work. Conf. Min. Softw. Repos.","first-page":"416","article-title":"A dataset for Maven artifacts and bug patterns found in them","author":"Saini","year":"2014"},{"key":"10.1016\/j.scico.2016.01.005_br0580","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1145\/1052883.1052895","article-title":"Finding bugs is easy","volume":"39","author":"Hovemeyer","year":"2004","journal-title":"ACM SIGPLAN Not."},{"key":"10.1016\/j.scico.2016.01.005_br0590","series-title":"16th Panhellenic Conf. Informatics","first-page":"117","article-title":"Measuring the occurrence of security-related bugs through software evolution","author":"Mitropoulos","year":"2012"},{"key":"10.1016\/j.scico.2016.01.005_br0600","series-title":"IEEE 22nd Int. Conf. Softw. Anal. Evol. Reengineering","first-page":"516","article-title":"Tracking known security vulnerabilities in proprietary software systems","author":"Cadariu","year":"2015"}],"container-title":["Science of Computer Programming"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167642316000253?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167642316000253?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2020,6,2]],"date-time":"2020-06-02T01:59:10Z","timestamp":1591063150000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167642316000253"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,6]]},"references-count":59,"alternative-id":["S0167642316000253"],"URL":"https:\/\/doi.org\/10.1016\/j.scico.2016.01.005","relation":{},"ISSN":["0167-6423"],"issn-type":[{"value":"0167-6423","type":"print"}],"subject":[],"published":{"date-parts":[[2016,6]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"Tracing known security vulnerabilities in software repositories \u2013 A Semantic Web enabled modeling approach","name":"articletitle","label":"Article Title"},{"value":"Science of Computer Programming","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.scico.2016.01.005","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"Copyright \u00a9 2016 Elsevier B.V. All rights reserved.","name":"copyright","label":"Copyright"}]}}