LIVIVO - The Search Portal for Life Sciences

zur deutschen Oberfläche wechseln
Advanced search

Search results

Result 1 - 10 of total 19

Search options

  1. Book ; Online: Security and Machine Learning Adoption in IoT

    Uddin, Gias

    A Preliminary Study of IoT Developer Discussions

    2021  

    Abstract: Internet of Things (IoT) is defined as the connection between places and physical objects (i.e., things) over the internet/network via smart computing devices. Traditionally, we learn about the IoT ecosystem/problems by conducting surveys of IoT ... ...

    Abstract Internet of Things (IoT) is defined as the connection between places and physical objects (i.e., things) over the internet/network via smart computing devices. Traditionally, we learn about the IoT ecosystem/problems by conducting surveys of IoT developers/practitioners. Another way to learn is by analyzing IoT developer discussions in popular online developer forums like Stack Overflow (SO). However, we are aware of no such studies that focused on IoT developers' security and ML-related discussions in SO. This paper offers the results of preliminary study of IoT developer discussions in SO. We find around 12% of sentences contain security discussions, while around 0.12% sentences contain ML- related discussions. We find that IoT developers discussing security issues frequently inquired about how the shared data can be stored, shared, and transferred securely across IoT devices and users. We also find that IoT developers are interested to adopt deep neural network-based ML models into their IoT devices, but they find it challenging to accommodate those into their resource-constrained IoT devices. Our findings offer implications for IoT vendors and researchers to develop and design novel techniques for improved security and ML adoption into IoT devices.
    Keywords Computer Science - Cryptography and Security ; Computer Science - Software Engineering
    Subject code 303
    Publishing date 2021-04-01
    Publishing country us
    Document type Book ; Online
    Database BASE - Bielefeld Academic Search Engine (life sciences selection)

    Full text online

    More links

    Kategorien

    Inter-library loan at ZB MED

    Your chosen title can be delivered directly to ZB MED Cologne location if you are registered as a user at ZB MED Cologne.

  2. Book ; Online: Combining Contexts from Multiple Sources for Documentation-Specific Code Example Generation

    Khan, Junaed Younus / Uddin, Gias

    2023  

    Abstract: Code example is a crucial part of good documentation. It helps the developers to understand the documentation easily and use the corresponding code unit (e.g., method) properly. However, many official documentation still lacks (good) code example and it ... ...

    Abstract Code example is a crucial part of good documentation. It helps the developers to understand the documentation easily and use the corresponding code unit (e.g., method) properly. However, many official documentation still lacks (good) code example and it is one of the common documentation issues as found by several studies. Hence in this paper, we consider automatic code example generation for documentation, a direction less explored by the existing research. We employ Codex, a GPT-3 based model, pre-trained on both natural and programming languages to generate code examples from source code and documentation given as input. Our preliminary investigation on 40 scikit-learn methods reveals that this approach is able to generate good code examples where 72.5% code examples were executed without error (passability) and 82.5% properly dealt with the target method and documentation (relevance). We also find that incorporation of error logs (produced by the compiler while executing a failed code example) in the input further improves the passability from 72.5% to 87.5%. Thus, our investigation sets the base of documentation-specific code example generation and warrants in-depth future studies.

    Comment: Accepted in 30th IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER 2023) - ERA
    Keywords Computer Science - Software Engineering
    Subject code 005
    Publishing date 2023-03-25
    Publishing country us
    Document type Book ; Online
    Database BASE - Bielefeld Academic Search Engine (life sciences selection)

    Full text online

    More links

    Kategorien

    Inter-library loan at ZB MED

    Your chosen title can be delivered directly to ZB MED Cologne location if you are registered as a user at ZB MED Cologne.

  3. Book ; Online: A Large-Scale Study of IoT Security Weaknesses and Vulnerabilities in the Wild

    Selvaraj, Madhu / Uddin, Gias

    2023  

    Abstract: Internet of Things (IoT) is defined as the connection between places and physical objects (i.e., things) over the internet/network via smart computing devices. We observed that IoT software developers share solutions to programming questions as code ... ...

    Abstract Internet of Things (IoT) is defined as the connection between places and physical objects (i.e., things) over the internet/network via smart computing devices. We observed that IoT software developers share solutions to programming questions as code examples on three Stack Exchange Q&A sites: Stack Overflow (SO), Arduino, and Raspberry Pi. Previous research studies found vulnerabilities/weaknesses in C/C++ code examples shared in Stack Overflow. However, the studies did not investigate C/C++ code examples related to IoT. The studies investigated SO code examples only. In this paper, we conduct a large-scale empirical study of all IoT C/C++ code examples shared in the three Stack Exchange sites, i.e., SO, Arduino, and Raspberry Pi. From the 11,329 obtained code snippets from the three sites, we identify 29 distinct CWE (Common Weakness Enumeration) types in 609 snippets. These CWE types can be categorized into 8 general weakness categories, and we observe that evaluation, memory, and initialization related weaknesses are the most common to be introduced by users when posting programming solutions. Furthermore, we find that 39.58% of the vulnerable code snippets contain instances of CWE types that can be mapped to real-world occurrences of those CWE types (i.e. CVE instances). The most number vulnerable IoT code examples was found in Arduino, followed by SO, and Raspberry Pi. Memory type vulnerabilities are on the rise in the sites. For example, from the 3595 mapped CVE instances, we find that 28.99% result in Denial of Service (DoS) errors, which is particularly harmful for network reliant IoT devices such as smart cars. Our study results can guide various IoT stakeholders to be aware of such vulnerable IoT code examples and to inform IoT researchers during their development of tools that can help prevent developers the sharing of such vulnerable code examples in the sites. [Abridged].

    Comment: 38 pages, 21 figures
    Keywords Computer Science - Cryptography and Security ; Computer Science - Software Engineering
    Subject code 303
    Publishing date 2023-08-24
    Publishing country us
    Document type Book ; Online
    Database BASE - Bielefeld Academic Search Engine (life sciences selection)

    Full text online

    More links

    Kategorien

    Inter-library loan at ZB MED

    Your chosen title can be delivered directly to ZB MED Cologne location if you are registered as a user at ZB MED Cologne.

  4. Book ; Online: An Empirical Study of IoT Security Aspects at Sentence-Level in Developer Textual Discussions

    Mandal, Nibir Chandra / Uddin, Gias

    2022  

    Abstract: IoT is a rapidly emerging paradigm that now encompasses almost every aspect of our modern life. As such, ensuring the security of IoT devices is crucial. IoT devices can differ from traditional computing, thereby the design and implementation of proper ... ...

    Abstract IoT is a rapidly emerging paradigm that now encompasses almost every aspect of our modern life. As such, ensuring the security of IoT devices is crucial. IoT devices can differ from traditional computing, thereby the design and implementation of proper security measures can be challenging in IoT devices. We observed that IoT developers discuss their security-related challenges in developer forums like Stack Overflow(SO). However, we find that IoT security discussions can also be buried inside non-security discussions in SO. In this paper, we aim to understand the challenges IoT developers face while applying security practices and techniques to IoT devices. We have two goals: (1) Develop a model that can automatically find security-related IoT discussions in SO, and (2) Study the model output to learn about IoT developer security-related challenges. First, we download 53K posts from SO that contain discussions about IoT. Second, we manually labeled 5,919 sentences from 53K posts as 1 or 0. Third, we use this benchmark to investigate a suite of deep learning transformer models. The best performing model is called SecBot. Fourth, we apply SecBot on the entire posts and find around 30K security related sentences. Fifth, we apply topic modeling to the security-related sentences. Then we label and categorize the topics. Sixth, we analyze the evolution of the topics in SO. We found that (1) SecBot is based on the retraining of the deep learning model RoBERTa. SecBot offers the best F1-Score of 0.935, (2) there are six error categories in misclassified samples by SecBot. SecBot was mostly wrong when the keywords/contexts were ambiguous (e.g., gateway can be a security gateway or a simple gateway), (3) there are 9 security topics grouped into three categories: Software, Hardware, and Network, and (4) the highest number of topics belongs to software security, followed by network security.
    Keywords Computer Science - Cryptography and Security ; Computer Science - Information Retrieval ; Computer Science - Machine Learning ; Computer Science - Software Engineering
    Subject code 005
    Publishing date 2022-06-07
    Publishing country us
    Document type Book ; Online
    Database BASE - Bielefeld Academic Search Engine (life sciences selection)

    Full text online

    More links

    Kategorien

    Inter-library loan at ZB MED

    Your chosen title can be delivered directly to ZB MED Cologne location if you are registered as a user at ZB MED Cologne.

  5. Article ; Online: A qualitative study of developers' discussions of their problems and joys during the early COVID-19 months.

    Uddin, Gias / Alam, Omar / Serebrenik, Alexander

    Empirical software engineering

    2022  Volume 27, Issue 5, Page(s) 117

    Abstract: Many software developers started to work from home on a short notice during the early periods of COVID-19. A number of previous papers have studied the wellbeing and productivity of software developers during COVID-19. The studies mainly use surveys ... ...

    Abstract Many software developers started to work from home on a short notice during the early periods of COVID-19. A number of previous papers have studied the wellbeing and productivity of software developers during COVID-19. The studies mainly use surveys based on predefined questionnaires. In this paper, we investigate the problems and joys that software developers experienced during the early months of COVID-19 by analyzing their discussions in online forum devRant, where discussions can be open and not bound by predefined survey questionnaires. The devRant platform is designed for developers to share their joys and frustrations of life. We manually analyze 825 devRant posts between January and April 12, 2020 that developers created to discuss their situation during COVID-19. WHO declared COVID-19 as pandemic on March 11, 2020. As such, our data offers us insights in the early months of COVID-19. We manually label each post along two dimensions: the topics of the discussion and the expressed sentiment polarity (positive, negative, neutral). We observed 19 topics that we group into six categories: Workplace & Professional aspects, Personal & Family well-being, Technical Aspects, Lockdown preparedness, Financial concerns, and Societal and Educational concerns. Around 49% of the discussions are negative and 26% are positive. We find evidence of developers' struggles with lack of documentation to work remotely and with their loneliness while working from home. We find stories of their job loss with little or no savings to fallback to. The analysis of developer discussions in the early months of a pandemic will help various stakeholders (e.g., software companies) make important decision early to alleviate developer problems if such a pandemic or similar emergency situation occurs in near future. Software engineering research can make further efforts to develop automated tools for remote work (e.g., automated documentation).
    Language English
    Publishing date 2022-06-04
    Publishing country United States
    Document type Journal Article
    ZDB-ID 1479898-0
    ISSN 1573-7616 ; 1382-3256
    ISSN (online) 1573-7616
    ISSN 1382-3256
    DOI 10.1007/s10664-022-10156-z
    Database MEDical Literature Analysis and Retrieval System OnLINE

    Full text online

    More links

    Kategorien

    Order via subito

    This service is chargeable due to the Delivery terms set by subito. Orders including an article and supplementary material will be classified as separate orders. In these cases, fees will be demanded for each order.

  6. Article ; Online: Automatic prediction of rejected edits in Stack Overflow.

    Mondal, Saikat / Uddin, Gias / Roy, Chanchal

    Empirical software engineering

    2022  Volume 28, Issue 1, Page(s) 9

    Abstract: The content quality of shared knowledge in Stack Overflow (SO) is crucial in supporting software developers with their programming problems. Thus, SO allows its users to suggest edits to improve the quality of a post (i.e., question and answer). However, ...

    Abstract The content quality of shared knowledge in Stack Overflow (SO) is crucial in supporting software developers with their programming problems. Thus, SO allows its users to suggest edits to improve the quality of a post (i.e., question and answer). However, existing research shows that many suggested edits in SO are rejected due to undesired contents/formats or violating edit guidelines. Such a scenario frustrates or demotivates users who would like to conduct good-quality edits. Therefore, our research focuses on assisting SO users by offering them suggestions on how to improve their editing of posts. First, we manually investigate 764 (382 questions + 382 answers) rejected edits by rollbacks and produce a catalog of 19 rejection reasons. Second, we extract 15 texts and user-based features to capture those rejection reasons. Third, we develop four machine learning models using those features. Our best-performing model can predict rejected edits with 69.1% precision, 71.2% recall, 70.1% F1-score, and 69.8% overall accuracy. Fourth, we introduce an online tool named EditEx that works with the SO edit system. EditEx can assist users while editing posts by suggesting the potential causes of rejections. We recruit 20 participants to assess the effectiveness of EditEx. Half of the participants (i.e., treatment group) use EditEx and another half (i.e., control group) use the SO standard edit system to edit posts. According to our experiment, EditEx can support SO standard edit system to prevent 49% of rejected edits, including the commonly rejected ones. However, it can prevent 12% rejections even in free-form regular edits. The treatment group finds the potential rejection reasons identified by EditEx
    Language English
    Publishing date 2022-11-24
    Publishing country United States
    Document type Journal Article
    ZDB-ID 1479898-0
    ISSN 1573-7616 ; 1382-3256
    ISSN (online) 1573-7616
    ISSN 1382-3256
    DOI 10.1007/s10664-022-10242-2
    Database MEDical Literature Analysis and Retrieval System OnLINE

    Full text online

    More links

    Kategorien

    Order via subito

    This service is chargeable due to the Delivery terms set by subito. Orders including an article and supplementary material will be classified as separate orders. In these cases, fees will be demanded for each order.

  7. Book ; Online: An Empirical Study of Deep Learning Sentiment Detection Tools for Software Engineering in Cross-Platform Settings

    Uddin, Gias / Alamin, Md Abdullah Al / Das, Ajoy

    2023  

    Abstract: Sentiment detection in software engineering (SE) has shown promise to support diverse development activities. However, given the diversity of SE platforms, SE-specific sentiment detection tools may suffer in performance in cross-platform settings. ... ...

    Abstract Sentiment detection in software engineering (SE) has shown promise to support diverse development activities. However, given the diversity of SE platforms, SE-specific sentiment detection tools may suffer in performance in cross-platform settings. Recently deep learning (DL)-based SE-specific sentiment detection tools are found to offer superior performance than shallow machine learning (ML) based/rule-based tools. However, it is not known how the DL tools perform in cross-platform settings. In this paper, we study whether SE-specific DL sentiment detectors are more effective than shallow ML-based/rule-based sentiment detectors in cross-platform settings. In three datasets, we study three DL tools (SEntiMoji, BERT4SEntiSE, RNN4SentiSE) and compare those against three baselines: two shallow learning tools (Senti4SD, SentiCR) and one rule-based tool (SentistrengthSE). We find that (1) The deep learning SD tools for SE, BERT4SentiSE outperform other supervised tools in cross-platform settings in most cases, but then the tool is outperformed by the rule-based tool SentistrengthSE in most cases. (2) BERT4SentiSE outperforms SentistrengthSE by large margin in within-platform settings across the three datasets and is only narrowly outperformed by SentiStrengthSE in four out of the six cross-platform settings. This finding offers hope for the feasibility to further improve a pre-trained transformer model like BERT4SentiSE in cross-platform settings. (3) The two best-performing deep learning tools (BERT4SentiSE and SentiMoji) show varying level performance drop across the three datasets. We find that this inconsistency is mainly due to the "subjectivity in annotation" and performance improvement for the studied supervised tools in cross-platform settings may require the fixing of the datasets.
    Keywords Computer Science - Software Engineering
    Subject code 020
    Publishing date 2023-01-16
    Publishing country us
    Document type Book ; Online
    Database BASE - Bielefeld Academic Search Engine (life sciences selection)

    Full text online

    More links

    Kategorien

    Inter-library loan at ZB MED

    Your chosen title can be delivered directly to ZB MED Cologne location if you are registered as a user at ZB MED Cologne.

  8. Book ; Online: Quality Assurance Challenges for Machine Learning Software Applications During Software Development Life Cycle Phases

    Alamin, Md Abdullah Al / Uddin, Gias

    2021  

    Abstract: In the past decades, the revolutionary advances of Machine Learning (ML) have shown a rapid adoption of ML models into software systems of diverse types. Such Machine Learning Software Applications (MLSAs) are gaining importance in our daily lives. As ... ...

    Abstract In the past decades, the revolutionary advances of Machine Learning (ML) have shown a rapid adoption of ML models into software systems of diverse types. Such Machine Learning Software Applications (MLSAs) are gaining importance in our daily lives. As such, the Quality Assurance (QA) of MLSAs is of paramount importance. Several research efforts are dedicated to determining the specific challenges we can face while adopting ML models into software systems. However, we are aware of no research that offered a holistic view of the distribution of those ML quality assurance challenges across the various phases of software development life cycles (SDLC). This paper conducts an in-depth literature review of a large volume of research papers that focused on the quality assurance of ML models. We developed a taxonomy of MLSA quality assurance issues by mapping the various ML adoption challenges across different phases of SDLC. We provide recommendations and research opportunities to improve SDLC practices based on the taxonomy. This mapping can help prioritize quality assurance efforts of MLSAs where the adoption of ML models can be considered crucial.
    Keywords Computer Science - Software Engineering ; Computer Science - Artificial Intelligence
    Subject code 006
    Publishing date 2021-05-03
    Publishing country us
    Document type Book ; Online
    Database BASE - Bielefeld Academic Search Engine (life sciences selection)

    Full text online

    More links

    Kategorien

    Inter-library loan at ZB MED

    Your chosen title can be delivered directly to ZB MED Cologne location if you are registered as a user at ZB MED Cologne.

  9. Book ; Online: An Empirical Study on Maintainable Method Size in Java

    Chowdhury, Shaiful Alam / Uddin, Gias / Holmes, Reid

    2022  

    Abstract: Code metrics have been widely used to estimate software maintenance effort. Metrics have generally been used to guide developer effort to reduce or avoid future maintenance burdens. Size is the simplest and most widely deployed metric. The size metric is ...

    Abstract Code metrics have been widely used to estimate software maintenance effort. Metrics have generally been used to guide developer effort to reduce or avoid future maintenance burdens. Size is the simplest and most widely deployed metric. The size metric is pervasive because size correlates with many other common metrics (e.g., McCabe complexity, readability, etc.). Given the ease of computing a method's size, and the ubiquity of these metrics in industrial settings, it is surprising that no systematic study has been performed to provide developers with meaningful method size guidelines with respect to future maintenance effort. In this paper we examine the evolution of around 785K Java methods and show that developers should strive to keep their Java methods under 24 lines in length. Additionally, we show that decomposing larger methods to smaller methods also decreases overall maintenance efforts. Taken together, these findings provide empirical guidelines to help developers design their systems in a way that can reduce future maintenance.
    Keywords Computer Science - Software Engineering
    Subject code 005
    Publishing date 2022-05-03
    Publishing country us
    Document type Book ; Online
    Database BASE - Bielefeld Academic Search Engine (life sciences selection)

    Full text online

    More links

    Kategorien

    Inter-library loan at ZB MED

    Your chosen title can be delivered directly to ZB MED Cologne location if you are registered as a user at ZB MED Cologne.

  10. Book ; Online: An Empirical Study of Blockchain Repositories in GitHub

    Das, Ajoy / Uddin, Gias / Ruhe, Guenther

    2022  

    Abstract: Blockchain is a distributed ledger technique that guarantees the traceability of transactions. Blockchain is adopted in multiple domains like finance (e.g., cryptocurrency), healthcare, security, and supply chain. In the open-source software (OSS) portal ...

    Abstract Blockchain is a distributed ledger technique that guarantees the traceability of transactions. Blockchain is adopted in multiple domains like finance (e.g., cryptocurrency), healthcare, security, and supply chain. In the open-source software (OSS) portal GitHub, we observe a growing adoption of Blockchain-based solutions. Given the rapid emergence of Blockchain-based solutions in our daily life and the evolving cryptocurrency market, it is important to know the status quo, how developers generally interact in those repos, and how much freedom they have in applying code changes. We report an empirical study of 3,664 Blockchain software repositories from GitHub. We divide the Blockchain repositories into two categories: Tool (e.g., SDKs) and Applications (e.g., service/solutions developed using SDKs). The Application category is further divided into two sub-categories: Crypto and Non-Crypto applications. In all Blockchain repository categories, the contribution interactions on commits are the most common interaction type. We found that more organizations contributing to the Blockchain repos than individual users. The median numbers of internal and external users in tools are higher than the application repos. We observed a higher degree of collaboration (e.g., for maintenance efforts) among users in Blockchain tools than those in the application repos. Among the artifacts, issues have a greater number of interactions than commits and pull requests. Related to autonomy we found that less than half of total project contributions are autonomous. Our findings offer implications to Blockchain stakeholders, like developers to stay aware of OSS practices around Blockchain software.

    Comment: The International Conference on Evaluation and Assessment in Software Engineering 2022 (EASE 2022)
    Keywords Computer Science - Cryptography and Security ; Computer Science - Software Engineering
    Subject code 005 ; 303
    Publishing date 2022-05-17
    Publishing country us
    Document type Book ; Online
    Database BASE - Bielefeld Academic Search Engine (life sciences selection)

    Full text online

    More links

    Kategorien

    Inter-library loan at ZB MED

    Your chosen title can be delivered directly to ZB MED Cologne location if you are registered as a user at ZB MED Cologne.

To top