Mining security changes in freebsd

Abstract

Current research on historical project data is rarely touching on the subject of security related information. Learning how security is treated in projects and which parts of a software are historically security relevant or prone to security changes can enhance the security strategy of a software project. We present a mining methodology for security related changes by modifying an existing method of software repository analysis. We use the gathered security changes to find out more about the nature of security in the FreeBSD project and we try to establish a link between the identified security changes and a tracker for security issues (security advisories). We give insights how security is presented in the FreeBSD project and show how the mined data and known security problems are connected.

Publication
Talk: 7th IEEE Working Conference on Mining Software Repositories (MSR), Cape Town, South Africa; 05-02-2010 - 05-03-2010; in: “Proceedings of 7th IEEE Working Conference on Mining Software Repositories (MSR)", IEEE, (2010), ISBN: 978-1-4244-6803-4; 90 - 93
Thomas Grechenig
Thomas Grechenig
Ao.Univ.Prof. Dipl.-Ing. Dr.techn.