An Empirical Study of Security Issues Posted in Open Source Projects
Research output: Conference Article in Proceeding or Book/Report chapter › Article in proceedings › Research › peer-review
When developers gain thorough understanding and knowledge of software security, they can produce more secure software. This study aims at empirically identifying and understanding the security issues posted on a random sample of GitHub repositories. We tried to understand the presence of security issues and their key themes and topics. We applied a mixed-methods approach, combining topic modeling techniques and qualitative analysis. Our findings have revealed that a) the rate of security-related issues was rather small (approx. 3% of all issues), b) the majority of the security issues were related to identity management and cryptography topics. We present 7 high-level themes of problems that developers face in implementing security features.
| Original language | English |
|---|---|
| Title of host publication | Hawaii International Conference on System Sciences (HICSS) |
| Number of pages | 10 |
| Place of Publication | Hawaii, Manoa |
| Publication date | 2018 |
| Pages | 5504-5513 |
| ISBN (Print) | 978-0-9981331-1-9 |
| State | Published - 2018 |
Close
- Software Security, Empirical Software Engineering, GitHub, Repository Mining, Topic Modeling, qualitative research
Research areas
Downloads
No data available
ID: 82437786