An Empirical Study of Security Issues Posted in Open Source Projects

Date
2018-01-03
Authors
Zahedi, Mansooreh
Ali Babar, Muhammad
Treude, Christoph
Abstract
When developers gain a thorough understanding and knowledge of software security, they can produce more secure software. This study aims at empirically identifying and understanding the security issues posted on a random sample of GitHub repositories. We tried to understand the presence of security issues and their key themes and topics. We applied a mixed-methods approach, combining topic modeling techniques and qualitative analysis. Our findings have revealed that a) the rate of security-related issues was rather small (approx. 3% of all issues), and b) the majority of the security issues were related to identity management and cryptography topics. We present 7 high-level themes of problems that developers face in implementing security features.
Keywords
Cyber Security and Software Assurance, Empirical Research, GitHub, Software Security, Software Repository Mining, Topic Modeling
Extent
10 pages
Related To
Proceedings of the 51st Hawaii International Conference on System Sciences
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International