This repository includes the data used in the paper entitled "A Grounded Theory Based Approach to Characterize Software Attack Surfaces".
The summary of the data included in each folder:
- 1. All Collected Data: All Common Vulnerabilities and Exposures (CVEs) and Common Weakness Enumerations (CWEs) that were retrieved from the MITRE during the First, Second and Third stages of Data Collection (Section 2.2).
- 2. Coded Data: This folder contains the open codes obtained from all CVEs and CWEs.
- 3. Memos: It contains the notes taken throughout the data analysis ("memoing").
- 4. Axial Codes: This folder contains the axial codes that show how open codes and concepts are grouped into categories.
- 5. Core Categories: Core categories obtained in selective coding for Targets (What), Entry Points(Where), and Mechanisms (How).
- 6. Coding Tool: Information about the tool used during open coding and its source code.
- 7. SLR: Data retrieved during the Systematic Literature Review (SLR).