An Introduction to Data Analytics For Software Security

Lotfi ben Othmane, Achim D. Brucker, Stanislav Dashevskyi and Peter Tsalovski

In this chapter, we report on our own experiences in empirical secure software research at SAP SE, the largest European software vendor. Based on this, we derive actionable recommendations for building the foundations of an expressive data science for software security: we focus on using data analytics for improving secure software development. Data analytics is the science of examining raw data with the purpose of drawing conclusions about that information using machine learning methods or statistical learning methods. Data analytical techniques have been successfully used in both the cyber-security domain and the software engineering domain. For example, Jackobe and Rudis showed how to learn virus propagation and characteristics of data breaches from public data. Data analytical methods are also commonly used to investigate software engineering challenges such as effort prediction. Thus, applying these techniques to the intersection of both areas, to help practitioners develop more secure software with less effort, seems promising.


Please cite this article as follows:
Lotfi ben Othmane, Achim D. Brucker, Stanislav Dashevskyi and Peter Tsalovski. An Introduction to Data Analytics For Software Security. In Empirical Research for Software Security: Foundations and Experience. Series in Security, Privacy and Trust, pages 69-94, CRC Press, 2017.

BibTeX
@InCollection{ othmane.ea:data-analytics:2017,
abstract = {In this chapter, we report on our own experiences in empirical secure software research at SAP SE, the largest European software vendor. Based on this, we derive actionable recommendations for building the foundations of an expressive data science for software security: we focus on using \emph{data analytics} for improving secure software development. Data analytics is the science of examining raw data with the purpose of drawing conclusions about that information using machine learning methods or statistical learning methods. Data analytical techniques have been successfully used in both the cyber-security domain and the software engineering domain. For example, Jackobe and Rudis showed how to learn virus propagation and characteristics of data breaches from public data. Data analytical methods are also commonly used to investigate software engineering challenges such as effort prediction. Thus, applying these techniques to the intersection of both areas, to help practitioners develop more secure software with less effort, seems promising.},
author = {Lotfi ben Othmane and Achim D. Brucker and Stanislav Dashevskyi and Peter Tsalovski},
booktitle = {Empirical Research for Software Security: Foundations and Experience},
chapter = {3},
editor = {Lotfi ben Othmane and Martin Gilje Jaatun and Edgar Weippl},
isbn = {9781498776417},
month = {dec},
pages = {69--94},
pdf = {https://www.brucker.ch/bibliography/download/2017/othmane.ea-data-analytics-2017.pdf},
publisher = {CRC Press},
series = {Series in Security, Privacy and Trust},
title = {An Introduction to Data Analytics For Software Security},
url = {https://www.brucker.ch/bibliography/abstract/othmane.ea-data-analytics-2017},
year = {2017},
}