{"record_type":"pith_number_record","schema_url":"https://pith.science/schemas/pith-number/v1.json","pith_number":"pith:2012:THDB7RJ43BUGH4XDXGUPIM2ZQQ","short_pith_number":"pith:THDB7RJ4","schema_version":"1.0","canonical_sha256":"99c61fc53cd86863f2e3b9a8f433598431d8b5908232a694e3ccc52d6af6e837","source":{"kind":"arxiv","id":"1203.5830","version":1},"attestation_state":"computed","paper":{"title":"An Independent Validation of Vulnerability Discovery Models","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Fabio Massacci, Viet Hung Nguyen","submitted_at":"2012-03-26T22:14:15Z","abstract_excerpt":"Having a precise vulnerability discovery model (VDM) would provide a useful quantitative insight to assess software security. Thus far, several models have been proposed with some evidence supporting their goodness-of-fit.\n  In this work we describe an independent validation of the applicability of six existing VDMs in seventeen releases of the three popular browsers Firefox, Google Chrome and Internet Explorer. We have collected five different kinds of data sets based on different definitions of a vulnerability. We introduce two quantitative metrics, goodness-of-fit entropy and goodness-of-fi"},"verification_status":{"content_addressed":true,"pith_receipt":true,"author_attested":false,"weak_author_claims":0,"strong_author_claims":0,"externally_anchored":false,"storage_verified":false,"citation_signatures":0,"replication_records":0,"graph_snapshot":true,"references_resolved":false,"formal_links_present":false},"canonical_record":{"source":{"id":"1203.5830","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2012-03-26T22:14:15Z","cross_cats_sorted":[],"title_canon_sha256":"a0a837f541dad9527c29d17b894f02017c75e1777727618a45a64d41dcb3f86a","abstract_canon_sha256":"5698889441c68ab9da9725f97f34e295a6da0bc3afcdf7d99536d5bd72955f91"},"schema_version":"1.0"},"receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-18T03:59:13.329494Z","signature_b64":"J4uq8tGBD4+WesA7+KSORG28QKlJaF2WkMhyxD2xlVdN5a1J5r16WHGO42YZXp4NO31uiYsx2R7ZnZs0WsjJBA==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"99c61fc53cd86863f2e3b9a8f433598431d8b5908232a694e3ccc52d6af6e837","last_reissued_at":"2026-05-18T03:59:13.328695Z","signature_status":"signed_v1","first_computed_at":"2026-05-18T03:59:13.328695Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"graph_snapshot":{"paper":{"title":"An Independent Validation of Vulnerability Discovery Models","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Fabio Massacci, Viet Hung Nguyen","submitted_at":"2012-03-26T22:14:15Z","abstract_excerpt":"Having a precise vulnerability discovery model (VDM) would provide a useful quantitative insight to assess software security. Thus far, several models have been proposed with some evidence supporting their goodness-of-fit.\n  In this work we describe an independent validation of the applicability of six existing VDMs in seventeen releases of the three popular browsers Firefox, Google Chrome and Internet Explorer. We have collected five different kinds of data sets based on different definitions of a vulnerability. We introduce two quantitative metrics, goodness-of-fit entropy and goodness-of-fi"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1203.5830","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"aliases":[{"alias_kind":"arxiv","alias_value":"1203.5830","created_at":"2026-05-18T03:59:13.328781+00:00"},{"alias_kind":"arxiv_version","alias_value":"1203.5830v1","created_at":"2026-05-18T03:59:13.328781+00:00"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1203.5830","created_at":"2026-05-18T03:59:13.328781+00:00"},{"alias_kind":"pith_short_12","alias_value":"THDB7RJ43BUG","created_at":"2026-05-18T12:27:23.164592+00:00"},{"alias_kind":"pith_short_16","alias_value":"THDB7RJ43BUGH4XD","created_at":"2026-05-18T12:27:23.164592+00:00"},{"alias_kind":"pith_short_8","alias_value":"THDB7RJ4","created_at":"2026-05-18T12:27:23.164592+00:00"}],"events":[],"event_summary":{},"paper_claims":[],"inbound_citations":{"count":0,"internal_anchor_count":0,"sample":[]},"formal_canon":{"evidence_count":0,"sample":[],"anchors":[]},"links":{"html":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ","json":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ.json","graph_json":"https://pith.science/api/pith-number/THDB7RJ43BUGH4XDXGUPIM2ZQQ/graph.json","events_json":"https://pith.science/api/pith-number/THDB7RJ43BUGH4XDXGUPIM2ZQQ/events.json","paper":"https://pith.science/paper/THDB7RJ4"},"agent_actions":{"view_html":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ","download_json":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ.json","view_paper":"https://pith.science/paper/THDB7RJ4","resolve_alias":"https://pith.science/api/pith-number/resolve?arxiv=1203.5830&json=true","fetch_graph":"https://pith.science/api/pith-number/THDB7RJ43BUGH4XDXGUPIM2ZQQ/graph.json","fetch_events":"https://pith.science/api/pith-number/THDB7RJ43BUGH4XDXGUPIM2ZQQ/events.json","actions":{"anchor_timestamp":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ/action/timestamp_anchor","attest_storage":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ/action/storage_attestation","attest_author":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ/action/author_attestation","sign_citation":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ/action/citation_signature","submit_replication":"https://pith.science/pith/THDB7RJ43BUGH4XDXGUPIM2ZQQ/action/replication_record"}},"created_at":"2026-05-18T03:59:13.328781+00:00","updated_at":"2026-05-18T03:59:13.328781+00:00"}