Abstract
Online information sources have a considerable influence on the security of applications developed. Prior research has shown that insecure code snippets and security advice is pervasive in popular information sources. DCS as a field has suggested interventions with respect to the usage of such information sources. We argue that such interventions are based only on the study of the demand side, where as interventions to be effective in any production environment needs to be situated on a comprehensive understanding of both demand side & supply side. We study the supply side of a popular source for security knowledge -- Security Stack~Exchange. Our findings reveal that the manner in which the forum identifies its top answerers is inadequate. We find 424 additional answerers whose engagement and topic interests are similar to the ranked top answerers. We term the collective of these power users irrespective of their reputation as CSCs. The significance of this work lie in equipping the community with the information on where to intervene and how to intervene. Our work can serve as a methodological foundation to study network characteristics which is critical for improved user experience and to keep information networks relevant.
Original language | English |
---|---|
Title of host publication | IEEE Secure Development Conference |
Publisher | IEEE Computer Society |
Publication status | Accepted/In press - 12 Jul 2024 |
Structured keywords
- Cyber Security