What security questions do developers ask? A large-scale study of stack overflow posts

Security has always been a popular and critical topic. With the rapid development of information technology, it is always attracting people’s attention. However, since security has a long history, it covers a wide range of topics which change a lot, from classic cryptography to recently popular mobi...

Full description

Saved in:
Bibliographic Details
Main Authors: YANG, Xinli, David LO, XIA, Xin, WAN, Zhi-Yuan, SUN, Jian-Ling
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2016
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/3577
https://ink.library.smu.edu.sg/context/sis_research/article/4578/viewcontent/WhatSecurityQnsDevelopersAsk_2016_pvoa.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-4578
record_format dspace
spelling sg-smu-ink.sis_research-45782017-04-10T07:48:12Z What security questions do developers ask? A large-scale study of stack overflow posts YANG, Xinli David LO, XIA, Xin WAN, Zhi-Yuan SUN, Jian-Ling Security has always been a popular and critical topic. With the rapid development of information technology, it is always attracting people’s attention. However, since security has a long history, it covers a wide range of topics which change a lot, from classic cryptography to recently popular mobile security. There is a need to investigate security-related topics and trends, which can be a guide for security researchers, security educators and security practitioners. To address the above-mentioned need, in this paper, we conduct a large-scale study on security-related questions on Stack Overflow. Stack Overflow is a popular on-line question and answer site for software developers to communicate, collaborate, and share information with one another. There are many different topics among the numerous questions posted on Stack Overflow and security-related questions occupy a large proportion and have an important and significant position. We first use two heuristics to extract from the dataset the questions that are related to security based on the tags of the posts. And then we use an advanced topic model, Latent Dirichlet Allocation (LDA) tuned using Genetic Algorithm (GA), to cluster different security-related questions based on their texts. After obtaining the different topics of security-related questions, we use their metadata to make various analyses. We summarize all the topics into five main categories, and investigate the popularity and difficulty of different topics as well. Based on the results of our study, we conclude several implications for researchers, educators and practitioners. 2016-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/3577 info:doi/10.1007/s11390-016-1672-0 https://ink.library.smu.edu.sg/context/sis_research/article/4578/viewcontent/WhatSecurityQnsDevelopersAsk_2016_pvoa.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University empirical study security Stack Overflow topic model Computer Sciences Software Engineering
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic empirical study
security
Stack Overflow
topic model
Computer Sciences
Software Engineering
spellingShingle empirical study
security
Stack Overflow
topic model
Computer Sciences
Software Engineering
YANG, Xinli
David LO,
XIA, Xin
WAN, Zhi-Yuan
SUN, Jian-Ling
What security questions do developers ask? A large-scale study of stack overflow posts
description Security has always been a popular and critical topic. With the rapid development of information technology, it is always attracting people’s attention. However, since security has a long history, it covers a wide range of topics which change a lot, from classic cryptography to recently popular mobile security. There is a need to investigate security-related topics and trends, which can be a guide for security researchers, security educators and security practitioners. To address the above-mentioned need, in this paper, we conduct a large-scale study on security-related questions on Stack Overflow. Stack Overflow is a popular on-line question and answer site for software developers to communicate, collaborate, and share information with one another. There are many different topics among the numerous questions posted on Stack Overflow and security-related questions occupy a large proportion and have an important and significant position. We first use two heuristics to extract from the dataset the questions that are related to security based on the tags of the posts. And then we use an advanced topic model, Latent Dirichlet Allocation (LDA) tuned using Genetic Algorithm (GA), to cluster different security-related questions based on their texts. After obtaining the different topics of security-related questions, we use their metadata to make various analyses. We summarize all the topics into five main categories, and investigate the popularity and difficulty of different topics as well. Based on the results of our study, we conclude several implications for researchers, educators and practitioners.
format text
author YANG, Xinli
David LO,
XIA, Xin
WAN, Zhi-Yuan
SUN, Jian-Ling
author_facet YANG, Xinli
David LO,
XIA, Xin
WAN, Zhi-Yuan
SUN, Jian-Ling
author_sort YANG, Xinli
title What security questions do developers ask? A large-scale study of stack overflow posts
title_short What security questions do developers ask? A large-scale study of stack overflow posts
title_full What security questions do developers ask? A large-scale study of stack overflow posts
title_fullStr What security questions do developers ask? A large-scale study of stack overflow posts
title_full_unstemmed What security questions do developers ask? A large-scale study of stack overflow posts
title_sort what security questions do developers ask? a large-scale study of stack overflow posts
publisher Institutional Knowledge at Singapore Management University
publishDate 2016
url https://ink.library.smu.edu.sg/sis_research/3577
https://ink.library.smu.edu.sg/context/sis_research/article/4578/viewcontent/WhatSecurityQnsDevelopersAsk_2016_pvoa.pdf
_version_ 1770573333919694848