An exploratory analysis of security on data transmission on relevant software engineering discussion sites

The Question and Answer (Q&A) sites are very popular nowadays for discussion on technological issues. Among the most prominent topics of these sites, posts related to security are widely visited. Security discussions may be classified broadly into two categories: application and infrastructure security. In this research, we studied several community Q&A sites to analyze the characteristics of requirements and difficulties to implement security in data transmission, one of the most dominant topics of infrastructure security. To the best of our knowledge, this is the first study of this kind. Our findings are expected to make it easier for the interested people to acquire knowledge about recent threats and security issues of data transmission in a methodical way and also to understand the trends of relevant technologies. We found that Transport Layer Security (TLS) is the most discussed technique over the years and Cross-Site Scripting (XSS) attack is the primary concern for the developers.

[1]  Letha H. Etzkorn,et al.  Bug localization using latent Dirichlet allocation , 2010, Inf. Softw. Technol..

[2]  Michael W. Godfrey,et al.  What's hot and what's not: Windowed developer topic analysis , 2009, 2009 IEEE International Conference on Software Maintenance.

[3]  William M. Darling A Theoretical and Practical Implementation Tutorial on Topic Modeling and Gibbs Sampling , 2011 .

[4]  Xinli Yang,et al.  What Security Questions Do Developers Ask? A Large-Scale Study of Stack Overflow Posts , 2016, Journal of Computer Science and Technology.

[5]  Ahmed E. Hassan,et al.  What are developers talking about? An analysis of topics and trends in Stack Overflow , 2014, Empirical Software Engineering.

[6]  David E. Goldberg,et al.  Genetic algorithms and Machine Learning , 1988, Machine Learning.

[7]  Michael I. Jordan,et al.  Latent Dirichlet Allocation , 2001, J. Mach. Learn. Res..

[8]  Stephen W. Thomas Mining software repositories using topic models , 2011, 2011 33rd International Conference on Software Engineering (ICSE).

[9]  Ali Mesbah,et al.  Mining questions asked by web developers , 2014, MSR 2014.

[10]  Richard N. Taylor,et al.  Software traceability with topic modeling , 2010, 2010 ACM/IEEE 32nd International Conference on Software Engineering.

[11]  Andrea De Lucia,et al.  How to effectively use topic models for software engineering tasks? An approach based on Genetic Algorithms , 2013, 2013 35th International Conference on Software Engineering (ICSE).

[12]  Emad Shihab,et al.  What are mobile developers asking about? A large scale study using stack overflow , 2016, Empirical Software Engineering.

[13]  Bogdan Dit,et al.  An exploratory analysis of mobile development issues using stack overflow , 2013, 2013 10th Working Conference on Mining Software Repositories (MSR).

[14]  Thomas Zimmermann,et al.  Security Trend Analysis with CVE Topic Models , 2010, 2010 IEEE 21st International Symposium on Software Reliability Engineering.