SlideShare uma empresa Scribd logo

Security and Emotion: Sentiment Analysis of Security Discussions on GitHub

Transferir como PPTX, PDF
Alexander Serebrenik
Alexander Serebrenik

Application security is becoming increasingly prevalent during software and especially web application development. Consequently, countermeasures are continuously being discussed and built into applications, with the goal of reducing the risk that unauthorized code will be able to access, steal, modify, or delete sensitive data. We gauged the presence and atmosphere surrounding security-related discussions on GitHub, as mined from discussions around commits and pull requests. First, we found that security-related discussions account for approximately 10\% of all discussions on GitHub. Second, we found that more negative emotions are expressed in security-related discussions than in other discussions. These findings confirm the importance of properly training developers to address security concerns in their applications as well as the need to test applications thoroughly for security vulnerabilities in order to reduce frustration and improve overall project atmosphere.

Ciências
1 de 7
Security and Emotion: Sentiment Analysis of Security Discussions on GitHub @DanielPletea @b_vasilescu @aserebrenik Eindhoven University of Technology, NL
SEC NEG: “Blocking a handful of very specific exploits is less useful, it gives the appearance of security when there may be many other vulnerabilities not protected against.” SEC POS: woot! one more exploit gone!
Security = more negative emotions Similar results • commits/pull requests • individual comments/disc ussions
Glossary of Key Information Security Terms Co-occurring tags Final list of security terms Challenge data Comments Discussions Security/other comments Security/other discussions NLTK Neutral % Pos/Neg % exploit, ldap, spoofing,
Challenge data ≠ GitHub Recognition of security comments/discussions might be imperfect NLTK was trained on movie reviews & tweets Commit messages were cut to 256 characters
Security and Emotion: Sentiment Analysis of Security Discussions on GitHub

Recomendados

Ask me anything: A Conversational Interface to Augment Information Security w...
Ask me anything: A Conversational Interface to Augment Information Security w...Ask me anything: A Conversational Interface to Augment Information Security w...
Ask me anything: A Conversational Interface to Augment Information Security w...
Matthew Park
 
Data Visualizations in Cyber Security: Still Home of the WOPR?
Data Visualizations in Cyber Security: Still Home of the WOPR?Data Visualizations in Cyber Security: Still Home of the WOPR?
Data Visualizations in Cyber Security: Still Home of the WOPR?
Matthew Park
 
Threat Modeling Everything
Threat Modeling EverythingThreat Modeling Everything
Threat Modeling Everything
Anne Oikarinen
 
Reduce the Risk of Open Source Security Vulnerabilities
Reduce the Risk of Open Source Security VulnerabilitiesReduce the Risk of Open Source Security Vulnerabilities
Reduce the Risk of Open Source Security Vulnerabilities
Protecode
 
Bruteforce basic presentation_file - linx
Bruteforce basic presentation_file - linxBruteforce basic presentation_file - linx
Bruteforce basic presentation_file - linx
idsecconf
 
DEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testersDEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testers
Felipe Prado
 
Threat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutThreat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert Hurlbut
DevSecCon
 
Down The Rabbit Hole, From Networker to Security Professional
Down The Rabbit Hole, From Networker to Security ProfessionalDown The Rabbit Hole, From Networker to Security Professional
Down The Rabbit Hole, From Networker to Security Professional
Satria Ady Pradana
 

Recomendados

Ask me anything: A Conversational Interface to Augment Information Security w...
Ask me anything: A Conversational Interface to Augment Information Security w...Ask me anything: A Conversational Interface to Augment Information Security w...
Ask me anything: A Conversational Interface to Augment Information Security w...
Matthew Park
 
Data Visualizations in Cyber Security: Still Home of the WOPR?
Data Visualizations in Cyber Security: Still Home of the WOPR?Data Visualizations in Cyber Security: Still Home of the WOPR?
Data Visualizations in Cyber Security: Still Home of the WOPR?
Matthew Park
 
Threat Modeling Everything
Threat Modeling EverythingThreat Modeling Everything
Threat Modeling Everything
Anne Oikarinen
 
Reduce the Risk of Open Source Security Vulnerabilities
Reduce the Risk of Open Source Security VulnerabilitiesReduce the Risk of Open Source Security Vulnerabilities
Reduce the Risk of Open Source Security Vulnerabilities
Protecode
 
Bruteforce basic presentation_file - linx
Bruteforce basic presentation_file - linxBruteforce basic presentation_file - linx
Bruteforce basic presentation_file - linx
idsecconf
 
DEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testersDEF CON 23 - Wesley McGrew - i hunt penetration testers
DEF CON 23 - Wesley McGrew - i hunt penetration testers
Felipe Prado
 
Threat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert HurlbutThreat Modeling workshop by Robert Hurlbut
Threat Modeling workshop by Robert Hurlbut
DevSecCon
 
Down The Rabbit Hole, From Networker to Security Professional
Down The Rabbit Hole, From Networker to Security ProfessionalDown The Rabbit Hole, From Networker to Security Professional
Down The Rabbit Hole, From Networker to Security Professional
Satria Ady Pradana
 
Berkarir di Cyber Security
Berkarir di Cyber SecurityBerkarir di Cyber Security
Berkarir di Cyber Security
Satria Ady Pradana
 
Python-Assisted Red-Teaming Operation
Python-Assisted Red-Teaming OperationPython-Assisted Red-Teaming Operation
Python-Assisted Red-Teaming Operation
Satria Ady Pradana
 
The road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran ConliffeThe road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran Conliffe
DevSecCon
 
Security and privacy for journalists
Security and privacy for journalistsSecurity and privacy for journalists
Security and privacy for journalists
Jillian York
 
The path of secure software by Katy Anton
The path of secure software by Katy AntonThe path of secure software by Katy Anton
The path of secure software by Katy Anton
DevSecCon
 
Univ 100 research presentation
Univ 100 research presentationUniv 100 research presentation
Univ 100 research presentation
Jeffery Jackson Jr.
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software Security
Anne Oikarinen
 
Hacker vs Tools: Which to Choose?
Hacker vs Tools: Which to Choose?Hacker vs Tools: Which to Choose?
Hacker vs Tools: Which to Choose?
Security Innovation
 
Hacker vs tools
Hacker vs toolsHacker vs tools
Hacker vs tools
Geoffrey Vaughan
 
A Brief Insight into Penetration Testing
A Brief Insight into Penetration TestingA Brief Insight into Penetration Testing
A Brief Insight into Penetration Testing
Vikram Khanna
 
Car Study & Statistics
Car Study & StatisticsCar Study & Statistics
Car Study & Statistics
Melissa Anne Lim
 
Fresh Produce
Fresh ProduceFresh Produce
Fresh Produce
Colt
 
Mo E Training 00 Welcome
Mo E Training 00 WelcomeMo E Training 00 Welcome
Mo E Training 00 Welcome
abumaather
 
researchpbl
researchpblresearchpbl
researchpbl
puniga
 
Regreso A Clase
Regreso A ClaseRegreso A Clase
Regreso A Clase
mercedesherrerasaez
 
Flowgen: Flowchart-Based Documentation Framework for C++
Flowgen: Flowchart-Based Documentation Framework for C++Flowgen: Flowchart-Based Documentation Framework for C++
Flowgen: Flowchart-Based Documentation Framework for C++
Alexander Serebrenik
 
Icsm 2011 you can't control the unfamiliar
Icsm 2011 you can't control the unfamiliarIcsm 2011 you can't control the unfamiliar
Icsm 2011 you can't control the unfamiliar
Alexander Serebrenik
 
Sattose talk
Sattose talkSattose talk
Sattose talk
Alexander Serebrenik
 
Gender in on-line communities: StackOverflow, WordPress, Drupal
Gender in on-line communities: StackOverflow, WordPress, DrupalGender in on-line communities: StackOverflow, WordPress, Drupal
Gender in on-line communities: StackOverflow, WordPress, Drupal
Alexander Serebrenik
 
Power Point
Power PointPower Point
Power Point
ArnauGil
 
ไตร่ตรองงานวิจัยของฉัน
ไตร่ตรองงานวิจัยของฉันไตร่ตรองงานวิจัยของฉัน
ไตร่ตรองงานวิจัยของฉัน
School in Phatthalung
 
Reunió pares p3 juny curs 12 13
Reunió pares p3 juny curs 12 13Reunió pares p3 juny curs 12 13
Reunió pares p3 juny curs 12 13
edumallol
 

Mais conteúdo relacionado

Mais procurados

Security and privacy for journalists
Security and privacy for journalistsSecurity and privacy for journalists
Security and privacy for journalists
Jillian York
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software Security
Anne Oikarinen
 

Mais procurados (10)

Berkarir di Cyber Security
Berkarir di Cyber SecurityBerkarir di Cyber Security
Berkarir di Cyber Security
 
Python-Assisted Red-Teaming Operation
Python-Assisted Red-Teaming OperationPython-Assisted Red-Teaming Operation
Python-Assisted Red-Teaming Operation
 
The road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran ConliffeThe road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran Conliffe
 
Security and privacy for journalists
Security and privacy for journalistsSecurity and privacy for journalists
Security and privacy for journalists
 
The path of secure software by Katy Anton
The path of secure software by Katy AntonThe path of secure software by Katy Anton
The path of secure software by Katy Anton
 
Univ 100 research presentation
Univ 100 research presentationUniv 100 research presentation
Univ 100 research presentation
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software Security
 
Hacker vs Tools: Which to Choose?
Hacker vs Tools: Which to Choose?Hacker vs Tools: Which to Choose?
Hacker vs Tools: Which to Choose?
 
Hacker vs tools
Hacker vs toolsHacker vs tools
Hacker vs tools
 
A Brief Insight into Penetration Testing
A Brief Insight into Penetration TestingA Brief Insight into Penetration Testing
A Brief Insight into Penetration Testing
 

Destaque

Icsm 2011 you can't control the unfamiliar
Icsm 2011 you can't control the unfamiliarIcsm 2011 you can't control the unfamiliar
Icsm 2011 you can't control the unfamiliar
Alexander Serebrenik
 
Gender in on-line communities: StackOverflow, WordPress, Drupal
Gender in on-line communities: StackOverflow, WordPress, DrupalGender in on-line communities: StackOverflow, WordPress, Drupal
Gender in on-line communities: StackOverflow, WordPress, Drupal
Alexander Serebrenik
 
Power Point
Power PointPower Point
Power Point
ArnauGil
 
Reunió pares p3 juny curs 12 13
Reunió pares p3 juny curs 12 13Reunió pares p3 juny curs 12 13
Reunió pares p3 juny curs 12 13
edumallol
 
Hh kehittamistyo esitys_atte_jarvela
Hh kehittamistyo esitys_atte_jarvelaHh kehittamistyo esitys_atte_jarvela
Hh kehittamistyo esitys_atte_jarvela
Atte Järvelä
 
EnTagRec: An Enhanced Tag Recommendation System for Software Information Sites
EnTagRec: An Enhanced Tag Recommendation System for Software Information SitesEnTagRec: An Enhanced Tag Recommendation System for Software Information Sites
EnTagRec: An Enhanced Tag Recommendation System for Software Information Sites
Alexander Serebrenik
 
Starting With Microsoft Excel Itzel
Starting With Microsoft Excel ItzelStarting With Microsoft Excel Itzel
Starting With Microsoft Excel Itzel
itzellaguna
 
An empirical study of the evolution of Eclipse third-party plug-ins
An empirical study of the evolution of Eclipse third-party plug-insAn empirical study of the evolution of Eclipse third-party plug-ins
An empirical study of the evolution of Eclipse third-party plug-ins
Alexander Serebrenik
 

Destaque (20)

Car Study & Statistics
Car Study & StatisticsCar Study & Statistics
Car Study & Statistics
 
Fresh Produce
Fresh ProduceFresh Produce
Fresh Produce
 
Mo E Training 00 Welcome
Mo E Training 00 WelcomeMo E Training 00 Welcome
Mo E Training 00 Welcome
 
researchpbl
researchpblresearchpbl
researchpbl
 
Regreso A Clase
Regreso A ClaseRegreso A Clase
Regreso A Clase
 
Flowgen: Flowchart-Based Documentation Framework for C++
Flowgen: Flowchart-Based Documentation Framework for C++Flowgen: Flowchart-Based Documentation Framework for C++
Flowgen: Flowchart-Based Documentation Framework for C++
 
Icsm 2011 you can't control the unfamiliar
Icsm 2011 you can't control the unfamiliarIcsm 2011 you can't control the unfamiliar
Icsm 2011 you can't control the unfamiliar
 
Sattose talk
Sattose talkSattose talk
Sattose talk
 
Gender in on-line communities: StackOverflow, WordPress, Drupal
Gender in on-line communities: StackOverflow, WordPress, DrupalGender in on-line communities: StackOverflow, WordPress, Drupal
Gender in on-line communities: StackOverflow, WordPress, Drupal
 
Power Point
Power PointPower Point
Power Point
 
ไตร่ตรองงานวิจัยของฉัน
ไตร่ตรองงานวิจัยของฉันไตร่ตรองงานวิจัยของฉัน
ไตร่ตรองงานวิจัยของฉัน
 
Reunió pares p3 juny curs 12 13
Reunió pares p3 juny curs 12 13Reunió pares p3 juny curs 12 13
Reunió pares p3 juny curs 12 13
 
Databases Part 3: Searching
Databases Part 3: SearchingDatabases Part 3: Searching
Databases Part 3: Searching
 
TTT
TTTTTT
TTT
 
Hh kehittamistyo esitys_atte_jarvela
Hh kehittamistyo esitys_atte_jarvelaHh kehittamistyo esitys_atte_jarvela
Hh kehittamistyo esitys_atte_jarvela
 
EnTagRec: An Enhanced Tag Recommendation System for Software Information Sites
EnTagRec: An Enhanced Tag Recommendation System for Software Information SitesEnTagRec: An Enhanced Tag Recommendation System for Software Information Sites
EnTagRec: An Enhanced Tag Recommendation System for Software Information Sites
 
Starting With Microsoft Excel Itzel
Starting With Microsoft Excel ItzelStarting With Microsoft Excel Itzel
Starting With Microsoft Excel Itzel
 
Challenges in Software Ecosystems Research
Challenges in Software Ecosystems ResearchChallenges in Software Ecosystems Research
Challenges in Software Ecosystems Research
 
An empirical study of the evolution of Eclipse third-party plug-ins
An empirical study of the evolution of Eclipse third-party plug-insAn empirical study of the evolution of Eclipse third-party plug-ins
An empirical study of the evolution of Eclipse third-party plug-ins
 
System7 Five Point
System7 Five PointSystem7 Five Point
System7 Five Point
 

Semelhante a Security and Emotion: Sentiment Analysis of Security Discussions on GitHub

3.Secure Design Principles And Process
3.Secure Design Principles And Process3.Secure Design Principles And Process
3.Secure Design Principles And Process
phanleson
 
Residency ResearchISOL 536 Security Architecture and Design.docx
Residency ResearchISOL 536 Security Architecture and Design.docxResidency ResearchISOL 536 Security Architecture and Design.docx
Residency ResearchISOL 536 Security Architecture and Design.docx
brittneyj3
 
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Aaron Hnatiw
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patching
phanleson
 
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
Chapter 6Authenticating PeopleChapter 6 OverviewThe thChapter 6Authenticating PeopleChapter 6 OverviewThe th
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
samirapdcosden
 
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Black Duck by Synopsys
 
ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...
ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...
ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...
Cyber Security Alliance
 

Semelhante a Security and Emotion: Sentiment Analysis of Security Discussions on GitHub (20)

Professional Hacking in 2011
Professional Hacking in 2011Professional Hacking in 2011
Professional Hacking in 2011
 
Passwords & security
Passwords & securityPasswords & security
Passwords & security
 
3.Secure Design Principles And Process
3.Secure Design Principles And Process3.Secure Design Principles And Process
3.Secure Design Principles And Process
 
Residency ResearchISOL 536 Security Architecture and Design.docx
Residency ResearchISOL 536 Security Architecture and Design.docxResidency ResearchISOL 536 Security Architecture and Design.docx
Residency ResearchISOL 536 Security Architecture and Design.docx
 
Security vulnerabilities for grown ups - GOTOcon 2012
Security vulnerabilities for grown ups - GOTOcon 2012Security vulnerabilities for grown ups - GOTOcon 2012
Security vulnerabilities for grown ups - GOTOcon 2012
 
ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011
 
Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017Security Training: Making your weakest link the strongest - CircleCityCon 2017
Security Training: Making your weakest link the strongest - CircleCityCon 2017
 
Continuous security testing - sharing responsibility
Continuous security testing - sharing responsibilityContinuous security testing - sharing responsibility
Continuous security testing - sharing responsibility
 
Barcamp: Open Source and Security
Barcamp: Open Source and SecurityBarcamp: Open Source and Security
Barcamp: Open Source and Security
 
1.Security Overview And Patching
1.Security Overview And Patching1.Security Overview And Patching
1.Security Overview And Patching
 
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
Chapter 6Authenticating PeopleChapter 6 OverviewThe thChapter 6Authenticating PeopleChapter 6 OverviewThe th
Chapter 6Authenticating PeopleChapter 6 OverviewThe th
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOps
 
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
 
Getting authentication right
Getting authentication rightGetting authentication right
Getting authentication right
 
Fordham Tech. Innovators - Password Management Presentation
Fordham Tech. Innovators - Password Management PresentationFordham Tech. Innovators - Password Management Presentation
Fordham Tech. Innovators - Password Management Presentation
 
ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...
ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...
ASFWS 2011: Harmonizing Identity and Privacy in Digital Identity and Authenti...
 
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin on What is NOT Working in Security 2004
 
Intro to INFOSEC
Intro to INFOSECIntro to INFOSEC
Intro to INFOSEC
 
paper9.pdf
paper9.pdfpaper9.pdf
paper9.pdf
 
sheet2.pdf
sheet2.pdfsheet2.pdf
sheet2.pdf
 

Mais de Alexander Serebrenik

Towards Continuous Performance Assessment of Java Applications With PerfBot
Towards Continuous Performance Assessment of Java Applications With PerfBotTowards Continuous Performance Assessment of Java Applications With PerfBot
Towards Continuous Performance Assessment of Java Applications With PerfBot
Alexander Serebrenik
 
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
Alexander Serebrenik
 
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
Alexander Serebrenik
 
Emotion Analysis in Software Ecosystems
Emotion Analysis in Software EcosystemsEmotion Analysis in Software Ecosystems
Emotion Analysis in Software Ecosystems
Alexander Serebrenik
 
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Alexander Serebrenik
 
An Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
An Empirical Assessment on Merging and Repositioning of Static Analysis AlarmsAn Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
An Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
Alexander Serebrenik
 
Classification and Ranking of Delta Static Analysis Alarms
Classification and Ranking of Delta Static Analysis AlarmsClassification and Ranking of Delta Static Analysis Alarms
Classification and Ranking of Delta Static Analysis Alarms
Alexander Serebrenik
 
What Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
What Is an AI Engineer? An Empirical Analysis of Job Ads in The NetherlandsWhat Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
What Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
Alexander Serebrenik
 
Gender and Community Smells
Gender and Community SmellsGender and Community Smells
Gender and Community Smells
Alexander Serebrenik
 
Opinion Mining for Software Engineering
Opinion Mining for Software EngineeringOpinion Mining for Software Engineering
Opinion Mining for Software Engineering
Alexander Serebrenik
 

Mais de Alexander Serebrenik (20)

Software development is a human activity: understanding software requires und...
Software development is a human activity: understanding software requires und...Software development is a human activity: understanding software requires und...
Software development is a human activity: understanding software requires und...
 
Towards Continuous Performance Assessment of Java Applications With PerfBot
Towards Continuous Performance Assessment of Java Applications With PerfBotTowards Continuous Performance Assessment of Java Applications With PerfBot
Towards Continuous Performance Assessment of Java Applications With PerfBot
 
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
“STILL AROUND”: Experiences and Survival Strategies of Veteran Women Software...
 
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
A Qualitative Study of Developers’ Discussions of Their Problems and Joys Dur...
 
Emotion Analysis in Software Ecosystems
Emotion Analysis in Software EcosystemsEmotion Analysis in Software Ecosystems
Emotion Analysis in Software Ecosystems
 
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
Investigating the Resolution of Vulnerable Dependencies with Dependabot Secur...
 
Gender and Age in Software Engineering
Gender and Age in Software EngineeringGender and Age in Software Engineering
Gender and Age in Software Engineering
 
Alexander - intro
Alexander - introAlexander - intro
Alexander - intro
 
Diversity and inclusion in a CS classroom
Diversity and inclusion in a CS classroomDiversity and inclusion in a CS classroom
Diversity and inclusion in a CS classroom
 
An Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
An Empirical Assessment on Merging and Repositioning of Static Analysis AlarmsAn Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
An Empirical Assessment on Merging and Repositioning of Static Analysis Alarms
 
Classification and Ranking of Delta Static Analysis Alarms
Classification and Ranking of Delta Static Analysis AlarmsClassification and Ranking of Delta Static Analysis Alarms
Classification and Ranking of Delta Static Analysis Alarms
 
What Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
What Is an AI Engineer? An Empirical Analysis of Job Ads in The NetherlandsWhat Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
What Is an AI Engineer? An Empirical Analysis of Job Ads in The Netherlands
 
Gender and Community Smells
Gender and Community SmellsGender and Community Smells
Gender and Community Smells
 
Bias in MSR Research
Bias in MSR ResearchBias in MSR Research
Bias in MSR Research
 
From team organisation to software quality
From team organisation to software qualityFrom team organisation to software quality
From team organisation to software quality
 
Women in Dutch Computer Science: Best Practices for Recruitment, Onboarding a...
Women in Dutch Computer Science: Best Practices for Recruitment, Onboarding a...Women in Dutch Computer Science: Best Practices for Recruitment, Onboarding a...
Women in Dutch Computer Science: Best Practices for Recruitment, Onboarding a...
 
My research story (presentation at ICSE 2021 New Faculty Symposium)
My research story (presentation at ICSE 2021 New Faculty Symposium)My research story (presentation at ICSE 2021 New Faculty Symposium)
My research story (presentation at ICSE 2021 New Faculty Symposium)
 
Opinion Mining for Software Engineering
Opinion Mining for Software EngineeringOpinion Mining for Software Engineering
Opinion Mining for Software Engineering
 
Removing Self Admitted Technical Debt
Removing Self Admitted Technical DebtRemoving Self Admitted Technical Debt
Removing Self Admitted Technical Debt
 
Gender Diversity and Inclusion and Software Engineering
Gender Diversity and Inclusion and Software EngineeringGender Diversity and Inclusion and Software Engineering
Gender Diversity and Inclusion and Software Engineering
 

Último

Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Sérgio Sacani
 
Conjugation, transduction and transformation
Conjugation, transduction and transformationConjugation, transduction and transformation
Conjugation, transduction and transformation
Areesha Ahmad
 
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdfPests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
PirithiRaju
 
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
ssuser79fe74
 
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
Damini Dixit
 
Module for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learningModule for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learning
levieagacer
 
Bacterial Identification and Classifications
Bacterial Identification and ClassificationsBacterial Identification and Classifications
Bacterial Identification and Classifications
Areesha Ahmad
 

Último (20)

Feature-aligned N-BEATS with Sinkhorn divergence (ICLR '24)
Feature-aligned N-BEATS with Sinkhorn divergence (ICLR '24)Feature-aligned N-BEATS with Sinkhorn divergence (ICLR '24)
Feature-aligned N-BEATS with Sinkhorn divergence (ICLR '24)
 
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
 
Dopamine neurotransmitter determination using graphite sheet- graphene nano-s...
Dopamine neurotransmitter determination using graphite sheet- graphene nano-s...Dopamine neurotransmitter determination using graphite sheet- graphene nano-s...
Dopamine neurotransmitter determination using graphite sheet- graphene nano-s...
 
Conjugation, transduction and transformation
Conjugation, transduction and transformationConjugation, transduction and transformation
Conjugation, transduction and transformation
 
Proteomics: types, protein profiling steps etc.
Proteomics: types, protein profiling steps etc.Proteomics: types, protein profiling steps etc.
Proteomics: types, protein profiling steps etc.
 
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdfPests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
Pests of cotton_Borer_Pests_Binomics_Dr.UPR.pdf
 
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
Chemical Tests; flame test, positive and negative ions test Edexcel Internati...
 
CELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdfCELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdf
 
Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
Pulmonary drug delivery system M.pharm -2nd sem P'ceuticsPulmonary drug delivery system M.pharm -2nd sem P'ceutics
Pulmonary drug delivery system M.pharm -2nd sem P'ceutics
 
Zoology 5th semester notes( Sumit_yadav).pdf
Zoology 5th semester notes( Sumit_yadav).pdfZoology 5th semester notes( Sumit_yadav).pdf
Zoology 5th semester notes( Sumit_yadav).pdf
 
module for grade 9 for distance learning
module for grade 9 for distance learningmodule for grade 9 for distance learning
module for grade 9 for distance learning
 
GBSN - Microbiology (Unit 3)
GBSN - Microbiology (Unit 3)GBSN - Microbiology (Unit 3)
GBSN - Microbiology (Unit 3)
 
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
High Profile 🔝 8250077686 📞 Call Girls Service in GTB Nagar🍑
 
Forensic Biology & Its biological significance.pdf
Forensic Biology & Its biological significance.pdfForensic Biology & Its biological significance.pdf
Forensic Biology & Its biological significance.pdf
 
Module for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learningModule for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learning
 
GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)
 
Locating and isolating a gene, FISH, GISH, Chromosome walking and jumping, te...
Locating and isolating a gene, FISH, GISH, Chromosome walking and jumping, te...Locating and isolating a gene, FISH, GISH, Chromosome walking and jumping, te...
Locating and isolating a gene, FISH, GISH, Chromosome walking and jumping, te...
 
Unit5-Cloud.pptx for lpu course cse121 o
Unit5-Cloud.pptx for lpu course cse121 oUnit5-Cloud.pptx for lpu course cse121 o
Unit5-Cloud.pptx for lpu course cse121 o
 
Bacterial Identification and Classifications
Bacterial Identification and ClassificationsBacterial Identification and Classifications
Bacterial Identification and Classifications
 
Clean In Place(CIP).pptx .
Clean In Place(CIP).pptx .Clean In Place(CIP).pptx .
Clean In Place(CIP).pptx .
 

Security and Emotion: Sentiment Analysis of Security Discussions on GitHub

  • 1. Security and Emotion: Sentiment Analysis of Security Discussions on GitHub @DanielPletea @b_vasilescu @aserebrenik Eindhoven University of Technology, NL
  • 2.
  • 3. SEC NEG: “Blocking a handful of very specific exploits is less useful, it gives the appearance of security when there may be many other vulnerabilities not protected against.” SEC POS: woot! one more exploit gone!
  • 4. Security = more negative emotions Similar results • commits/pull requests • individual comments/disc ussions
  • 5. Glossary of Key Information Security Terms Co-occurring tags Final list of security terms Challenge data Comments Discussions Security/other comments Security/other discussions NLTK Neutral % Pos/Neg % exploit, ldap, spoofing,
  • 6. Challenge data ≠ GitHub Recognition of security comments/discussions might be imperfect NLTK was trained on movie reviews & tweets Commit messages were cut to 256 characters

Notas do Editor

  1. Security vulnerabilities are costly and may have legal ramifications We want to understand the atmosphere surrounding security discussions on github
  2. Security vulnerabilities are costly and may have legal ramifications We want to understand the atmosphere surrounding security discussions on github
  3. To replace with a better image Function: negative*(1-neutral) (1) security-related (2) other