Rights statement: © 2018 The Owner/Authors. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in SEAD '18 Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment http://doi.acm.org/10.1145/3194707.3194713
Accepted author manuscript, 1.19 MB, PDF document
Available under license: CC BY-NC: Creative Commons Attribution-NonCommercial 4.0 International License
Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - An investigation of security conversations in stack overflow
T2 - 1st ACM/IEEE International Workshop on Security Awareness from Design to Deployment, SEAD 2018, co-located with the 40th International Conference on Software Engineering, ICSE 2018
AU - Lopez, Tamara
AU - Tun, Thein T.
AU - Bandara, Arosha
AU - Levine, Mark
AU - Nuseibeh, Bashar
AU - Sharp, Helen
N1 - © 2018 The Owner/Authors. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in SEAD '18 Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment http://doi.acm.org/10.1145/3194707.3194713
PY - 2018/5/27
Y1 - 2018/5/27
N2 - Developers turn to Stack Overflow and other on-line sources to find solutions to security problems, but little is known about how they engage with and guide one another in these environments or the perceptions of software security this may encourage. This study joins recent calls to understand more about how developers use Internet sources to solve security problems. As a first step, the authors have analyzed a set of questions within the security channel of Stack Overflow. Preliminary findings reveal more about this community of practitioners: who are the askers and commenters, how security questions are asked and how developers frame technical information using social and experience-based perceptions of security.
AB - Developers turn to Stack Overflow and other on-line sources to find solutions to security problems, but little is known about how they engage with and guide one another in these environments or the perceptions of software security this may encourage. This study joins recent calls to understand more about how developers use Internet sources to solve security problems. As a first step, the authors have analyzed a set of questions within the security channel of Stack Overflow. Preliminary findings reveal more about this community of practitioners: who are the askers and commenters, how security questions are asked and how developers frame technical information using social and experience-based perceptions of security.
KW - Collaborative environments
KW - Empirical studies
KW - Secure software development
U2 - 10.1145/3194707.3194713
DO - 10.1145/3194707.3194713
M3 - Conference contribution/Paper
AN - SCOPUS:85055809299
SP - 26
EP - 32
BT - SEAD '18 Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment
PB - ACM
CY - New York
Y2 - 27 May 2018
ER -