Security and Emotion:
Sentiment Analysis of Security
Discussions on GitHub
@DanielPletea @b_vasilescu @aserebrenik
Eindhov...
SEC NEG:
“Blocking a handful of very
specific exploits is less
useful, it gives the
appearance of security
when there may ...
Security = more negative emotions
Similar results
• commits/pull
requests
• individual
comments/disc
ussions
Glossary of Key Information
Security Terms
Co-occurring
tags
Final list of
security terms
Challenge
data
Comments
Discussi...
Challenge data ≠ GitHub
Recognition of security comments/discussions
might be imperfect
NLTK was trained on movie reviews ...
Security and Emotion: Sentiment Analysis of Security Discussions on GitHub
Security and Emotion: Sentiment Analysis of Security Discussions on GitHub
Upcoming SlideShare
Loading in …5
×

Security and Emotion: Sentiment Analysis of Security Discussions on GitHub

409 views
344 views

Published on

Application security is becoming increasingly prevalent during software and especially web application development. Consequently, countermeasures are continuously being discussed and built into applications, with the goal of reducing the risk that unauthorized code will be able to access, steal, modify, or delete sensitive data. We gauged the presence and atmosphere surrounding security-related discussions on GitHub, as mined from discussions around commits and pull requests.

First, we found that security-related discussions account for approximately 10\% of all discussions on GitHub. Second, we found that more negative emotions are expressed in security-related discussions than in other discussions. These findings confirm the importance of properly training developers to address security concerns in their applications
as well as the need to test applications thoroughly for security vulnerabilities in order to reduce frustration and
improve overall project atmosphere.

Published in: Science
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
409
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Security vulnerabilities are costly and may have legal ramifications
    We want to understand the atmosphere surrounding security discussions on github

  • Security vulnerabilities are costly and may have legal ramifications
    We want to understand the atmosphere surrounding security discussions on github

  • To replace with a better image
    Function: negative*(1-neutral)
    (1) security-related (2) other
  • Security and Emotion: Sentiment Analysis of Security Discussions on GitHub

    1. 1. Security and Emotion: Sentiment Analysis of Security Discussions on GitHub @DanielPletea @b_vasilescu @aserebrenik Eindhoven University of Technology, NL
    2. 2. SEC NEG: “Blocking a handful of very specific exploits is less useful, it gives the appearance of security when there may be many other vulnerabilities not protected against.” SEC POS: woot! one more exploit gone!
    3. 3. Security = more negative emotions Similar results • commits/pull requests • individual comments/disc ussions
    4. 4. Glossary of Key Information Security Terms Co-occurring tags Final list of security terms Challenge data Comments Discussions Security/other comments Security/other discussions NLTK Neutral % Pos/Neg % exploit, ldap, spoofing,
    5. 5. Challenge data ≠ GitHub Recognition of security comments/discussions might be imperfect NLTK was trained on movie reviews & tweets Commit messages were cut to 256 characters

    ×