Keynote: "Mining Software Repositories for Security: Data Quality Issues Lessons from Trenches"
Software repositories are an attractive source of data for understanding the burning security issues challenging developers, anecdotal solutions, and building AI/ML-based models and tools. That is why there is exponential growth in the literature based on mining software repositories for software security. While the abundance of freely available data for research is a fortune, the data quality issues can make software repositories minefields capable of blowing any time and effort budget for a project. Our group has been active in this area for the last few years to develop knowledge, understanding, and tools for improving software security by mining repositories. Through a mix of successful and failed efforts, we have experienced firsthand what is called “garbage in, garbage out” due to poor data quality. Without fully appreciating the data quality issues, starting a data-driven software security project can be frustrating and disheartening for a research team. We believe engaging the relevant stakeholders in developing and sharing knowledge and technologies to improve software security data quality is crucial. To this end, we are not only systematically identifying and synthesizing the existing empirical literature on improving data quality but also devising innovative solutions for addressing the data quality challenges while mining software repositories for software security. This talk will draw lessons and recommendations from our efforts of systematically reviewing the state-of-the-art and developing solutions for improving data quality while building knowledge, understanding, and tools for supporting software security. The talk will use a selected set of our studies to demonstrate the concrete cases of the challenges faced and the used workarounds to successfully continue our journey of learning and improving in this line of research and practice.
Fri 18 NovDisplayed time zone: Beijing, Chongqing, Hong Kong, Urumqi change
09:00 - 10:30 | Welcome & Opening KeynoteMSR4P&S at Virtual 1 (Whova) Chair(s): Nicolás E. Díaz Ferreyra Hamburg University of Technology Time: 9am - 10:00am
| ||||||||||||||
09:00 90mTalk | Keynote: "Mining Software Repositories for Security: Data Quality Issues Lessons from Trenches" MSR4P&S Muhammad Ali Babar The University of Adelaide |
Time: 9am - 10:00am