Mining security changes in FreeBSD

Bibliographic details
Main authors: Mauczka, Andreas, Schanes, Christian, Fankhauser, Florian, Bernhart, Mario, Grechenig, Thomas
Format: Conference proceeding
Language: English
Description
Abstract: Current research on historical project data rarely touches on the subject of security-related information. Learning how security is treated in projects and which parts of a software are historically security relevant or prone to security changes can enhance the security strategy of a software project. We present a mining methodology for security-related changes by modifying an existing method of software repository analysis. We use the gathered security changes to find out more about the nature of security in the FreeBSD project and we try to establish a link between the identified security changes and a tracker for security issues (security advisories). We give insights into how security is presented in the FreeBSD project and show how the mined data and known security problems are connected.
ISSN: 2160-1852
DOI: 10.1109/MSR.2010.5463289