Photoreactions of Sc3N@C80 with Disilirane, Silirane, and Digermirane: A Photochemical Method to Separate Ih and D5h Isomers

Under photoirradiation, Sc3N@Ih-C80 reacted readily with disilirane 1, silirane 4, and digermirane 7 to afford the corresponding 1:1 adducts, whereas Sc3N@D5h-C80 was recovered without producing those adducts. Based on these results, we described a novel method for the exclusive separation of Ih and D5h isomers of Sc3N@C80. The method includes three procedures: selective derivatization of Sc3N@Ih-C80 using 1, 4, and 7, facile HPLC separation of pristine Sc3N@D5h-C80 and Sc3N@Ih-C80 derivatives, and thermolysis of Sc3N@Ih-C80 derivatives to collect pristine Sc3N@Ih-C80. In addition, laser flash photolysis experiments were conducted to elucidate the reaction mechanism. Decay of the transient absorption of 3Sc3N@Ih-C80* was observed to be enhanced in the presence of 1, indicating the quenching process. When Sc3N@D5h-C80 was used, the transient absorption was much less intensive. Therefore, the quenching of 3Sc3N@D5h-C80* by 1 could not be confirmed. Furthermore, we applied time-dependent density functional theory (TD-DFT) calculations of the photoexcited states of Sc3N@C80 to obtain insights into the reaction mechanism

Tracing CAPEC Attack Patterns from CVE Vulnerability Information using Natural Language Processing Technique

To effectively respond to vulnerabilities, information must not only be collected efficiently and quickly but also the vulnerability and the attack techniques must be understood. A security knowledge repository can collect such information. The Common Vulnerabilities and Exposures (CVE) provides known vulnerabilities of products, while the Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit known weaknesses. Because the information in these two repositories is not directly related, identifying the related CAPEC attack information from the CVE vulnerability information is challenging. One proposed method traces some related CAPEC-ID from CVE-ID through Common Weakness Enumeration (CWE). However, it is not applicable to all patterns. Here, we propose a method to automatically trace the related CAPEC-IDs from CVE-ID using TF-IDF and Doc2Vec. Additionally, we experimentally confirm that TF-IDF is more accurate than Doc2vec

Comparative Evaluation of NLP-Based Approaches for Linking CAPEC Attack Patterns from CVE Vulnerability Information

Vulnerability and attack information must be collected to assess the severity of vulnerabilities and prioritize countermeasures against cyberattacks quickly and accurately. Common Vulnerabilities and Exposures is a dictionary that lists vulnerabilities and incidents, while Common Attack Pattern Enumeration and Classification is a dictionary of attack patterns. Direct identification of common attack pattern enumeration and classification from common vulnerabilities and exposures is difficult, as they are not always directly linked. Here, an approach to directly find common links between these dictionaries is proposed. Then, several patterns, which are combinations of similarity measures and popular algorithms such as term frequency–inverse document frequency, universal sentence encoder, and sentence BERT, are evaluated experimentally using the proposed approach. Specifically, two metrics, recall and mean reciprocal rank, are used to assess the traceability of the common attack pattern enumeration and classification identifiers associated with 61 identifiers for common vulnerabilities and exposures. The experiment confirms that the term frequency–inverse document frequency algorithm provides the best overall performance

Comparative Evaluation of NLP-Based Approaches for Linking CAPEC Attack Patterns from CVE Vulnerability Information

Vulnerability and attack information must be collected to assess the severity of vulnerabilities and prioritize countermeasures against cyberattacks quickly and accurately. Common Vulnerabilities and Exposures is a dictionary that lists vulnerabilities and incidents, while Common Attack Pattern Enumeration and Classification is a dictionary of attack patterns. Direct identification of common attack pattern enumeration and classification from common vulnerabilities and exposures is difficult, as they are not always directly linked. Here, an approach to directly find common links between these dictionaries is proposed. Then, several patterns, which are combinations of similarity measures and popular algorithms such as term frequency–inverse document frequency, universal sentence encoder, and sentence BERT, are evaluated experimentally using the proposed approach. Specifically, two metrics, recall and mean reciprocal rank, are used to assess the traceability of the common attack pattern enumeration and classification identifiers associated with 61 identifiers for common vulnerabilities and exposures. The experiment confirms that the term frequency–inverse document frequency algorithm provides the best overall performance

Photoreactions of Endohedral Metallofullerene with Siliranes: Electronic Properties of Carbosilylated Lu3N@Ih-C80

Photochemical carbosilylation of Lu3N@Ih-C80 was performed using siliranes (silacyclopropanes) to afford the corresponding [5,6]- and [6,6]-adducts. Electrochemical studies indicated that the redox potentials of the carbosilylated derivatives were shifted cathodically in comparison with those of the [5,6]-pyrrolidino adducts. The electronic effect of the silirane addends on Lu3N@Ih-C80 was verified on the basis of density functional theory calculations

Systematic Literature Review of Security Pattern Research

Security patterns encompass security-related issues in secure software system development and operations that often appear in certain contexts. Since the late 1990s, about 500 security patterns have been proposed. Although the technical components are well investigated, the direction, overall picture, and barriers to implementation are not. Here, a systematic literature review of 240 papers is used to devise a taxonomy for security pattern research. Our taxonomy and the survey results should improve communications among practitioners and researchers, standardize the terminology, and increase the effectiveness of security patterns

Systematic Literature Review of Security Pattern Research

Security patterns encompass security-related issues in secure software system development and operations that often appear in certain contexts. Since the late 1990s, about 500 security patterns have been proposed. Although the technical components are well investigated, the direction, overall picture, and barriers to implementation are not. Here, a systematic literature review of 240 papers is used to devise a taxonomy for security pattern research. Our taxonomy and the survey results should improve communications among practitioners and researchers, standardize the terminology, and increase the effectiveness of security patterns

Photoreactions of Sc3N@C80 with Disilirane, Silirane, and Digermirane: A Photochemical Method to Separate Ih and D5h Isomers

Under photoirradiation, Sc3N@Ih-C80 reacted readily with disilirane 1, silirane 4, and digermirane 7 to afford the corresponding 1:1 adducts, whereas Sc3N@D5h-C80 was recovered without producing those adducts. Based on these results, we described a novel method for the exclusive separation of Ih and D5h isomers of Sc3N@C80. The method includes three procedures: selective derivatization of Sc3N@Ih-C80 using 1, 4, and 7, facile HPLC separation of pristine Sc3N@D5h-C80 and Sc3N@Ih-C80 derivatives, and thermolysis of Sc3N@Ih-C80 derivatives to collect pristine Sc3N@Ih-C80. In addition, laser flash photolysis experiments were conducted to elucidate the reaction mechanism. Decay of the transient absorption of 3Sc3N@Ih-C80* was observed to be enhanced in the presence of 1, indicating the quenching process. When Sc3N@D5h-C80 was used, the transient absorption was much less intensive. Therefore, the quenching of 3Sc3N@D5h-C80* by 1 could not be confirmed. Furthermore, we applied time-dependent density functional theory (TD-DFT) calculations of the photoexcited states of Sc3N@C80 to obtain insights into the reaction mechanism