Using AI Assistants in Software Development: A Qualitative Study on Security Practices and Concerns
JH Klemmer, SA Horstmann, N Patnaik… - Proceedings of the …, 2024 - dl.acm.org
Following the recent release of AI assistants, such as OpenAI's ChatGPT and GitHub
Copilot, the software industry quickly utilized these tools for software development tasks, eg …
Copilot, the software industry quickly utilized these tools for software development tasks, eg …
{“Security} is not my field,{I'm} a stats {guy”}: A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry
Adversarial machine learning (AML) has the potential to leak training data, force arbitrary
classifications, and greatly degrade overall performance of machine learning models, all of …
classifications, and greatly degrade overall performance of machine learning models, all of …
Engaging Company Developers in Security Research Studies: A Comprehensive Literature Review and Quantitative Survey
Previous research demonstrated that company developers excel compared to freelancers
and computer science students, with the corporate environment significantly influencing …
and computer science students, with the corporate environment significantly influencing …
" Would you give the same priority to the bank and a game? I do {not!}" exploring credential management strategies and obstacles during password manager setup
Password managers allow users to improve password security by handling large numbers of
strong and unique passwords without the burden of memorizing them. While users are …
strong and unique passwords without the burden of memorizing them. While users are …
" There are rabbit holes I want to go down that I'm not allowed to go down": An Investigation of Security Expert Threat Modeling Practices for Medical Devices
RE Thompson, M McLaughlin, C Powers… - 33rd USENIX Security …, 2024 - usenix.org
Threat modeling is considered an essential first step for" secure by design" development.
Significant prior work and industry efforts have created novel methods for this type of threat …
Significant prior work and industry efforts have created novel methods for this type of threat …
Measuring secure coding practice and culture: A finger pointing at the moon is not the moon
Software security research has a core problem: it is impossible to prove the security of
complex software. A low number of known defects may simply indicate that the software has …
complex software. A low number of known defects may simply indicate that the software has …
“Those things are written by lawyers, and programmers are reading that.” Mapping the Communication Gap Between Software Developers and Privacy Experts
SA Horstmann, S Domiks, M Gutfleisch… - Proceedings on …, 2024 - petsymposium.org
To ensure data-privacy compliance, it is common for companies to consult privacy experts
for the identification and communication of privacy requirements to software developers …
for the identification and communication of privacy requirements to software developers …
Privacy, permissions, and the health app ecosystem: A stack overflow exploration
Health data is considered to be sensitive and personal; both governments and software
platforms have enacted specific measures to protect it. Consumer apps that collect health …
platforms have enacted specific measures to protect it. Consumer apps that collect health …
On the recruitment of company developers for security studies: results from a qualitative interview study
To address the issue of participant recruitment for security developer studies, researchers
proposed using freelance online platforms or recruiting computer science (CS) students as …
proposed using freelance online platforms or recruiting computer science (CS) students as …
A Survey of Cybersecurity {Professionals'} Perceptions and Experiences of Safety and Belonging in the Community
S Katcher, L Wang, C Yang, C Messdaghi… - … Symposium on Usable …, 2024 - usenix.org
The cybersecurity workforce lacks diversity; the field is predominately men and White or
Asian, with only 10% identifying as women, Latine, or Black. Previous studies identified …
Asian, with only 10% identifying as women, Latine, or Black. Previous studies identified …