Community security champions: Studying the most influential users on Security Stack~Exchange

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

Abstract

Online information sources have a considerable influence on the security of applications developed. Prior research has shown that insecure code snippets and security advice is pervasive in popular information sources. DCS as a field has suggested interventions with respect to the usage of such information sources. We argue that such interventions are based only on the study of the demand side, where as interventions to be effective in any production environment needs to be situated on a comprehensive understanding of both demand side & supply side. We study the supply side of a popular source for security knowledge -- Security Stack~Exchange. Our findings reveal that the manner in which the forum identifies its top answerers is inadequate. We find 424 additional answerers whose engagement and topic interests are similar to the ranked top answerers. We term the collective of these power users irrespective of their reputation as CSCs. The significance of this work lie in equipping the community with the information on where to intervene and how to intervene. Our work can serve as a methodological foundation to study network characteristics which is critical for improved user experience and to keep information networks relevant.
Original languageEnglish
Title of host publicationIEEE Secure Development Conference
PublisherIEEE Computer Society
Publication statusAccepted/In press - 12 Jul 2024

Structured keywords

  • Cyber Security

Fingerprint

Dive into the research topics of 'Community security champions: Studying the most influential users on Security Stack~Exchange'. Together they form a unique fingerprint.

Cite this