Multiple social platforms reveal actionable signals for software vulnerability awareness: A study of GitHub, Twitter and Reddit.

08:00 EDT 24th March 2020 | BioPortfolio

Summary of "Multiple social platforms reveal actionable signals for software vulnerability awareness: A study of GitHub, Twitter and Reddit."

The awareness about software vulnerabilities is crucial to ensure effective cybersecurity practices, the development of high-quality software, and, ultimately, national security. This awareness can be better understood by studying the spread, structure and evolution of software vulnerability discussions across online communities. This work is the first to evaluate and contrast how discussions about software vulnerabilities spread on three social platforms-Twitter, GitHub, and Reddit. Moreover, we measure how user-level e.g., bot or not, and content-level characteristics e.g., vulnerability severity, post subjectivity, targeted operating systems as well as social network topology influence the rate of vulnerability discussion spread. To lay the groundwork, we present a novel fundamental framework for measuring information spread in multiple social platforms that identifies spread mechanisms and observables, units of information, and groups of measurements. We then contrast topologies for three social networks and analyze the effect of the network structure on the way discussions about vulnerabilities spread. We measure the scale and speed of the discussion spread to understand how far and how wide they go, how many users participate, and the duration of their spread. To demonstrate the awareness of more impactful vulnerabilities, a subset of our analysis focuses on vulnerabilities targeted during recent major cyber-attacks and those exploited by advanced persistent threat groups. One of our major findings is that most discussions start on GitHub not only before Twitter and Reddit, but even before a vulnerability is officially published. The severity of a vulnerability contributes to how much it spreads, especially on Twitter. Highly severe vulnerabilities have significantly deeper, broader and more viral discussion threads. When analyzing vulnerabilities in software products we found that different flavors of Linux received the highest discussion volume. We also observe that Twitter discussions started by humans have larger size, breadth, depth, adoption rate, lifetime, and structural virality compared to those started by bots. On Reddit, discussion threads of positive posts are larger, wider, and deeper than negative or neutral posts. We also found that all three networks have high modularity that encourages spread. However, the spread on GitHub is different from other networks, because GitHub is more dense, has stronger community structure and assortativity that enhances information diffusion. We anticipate the results of our analysis to not only increase the understanding of software vulnerability awareness but also inform the existing and new analytical frameworks for simulating information spread e.g., disinformation across multiple social environments online.


Journal Details

This article was published in the following journal.

Name: PloS one
ISSN: 1932-6203
Pages: e0230250


DeepDyve research library

PubMed Articles [16776 Associated PubMed Articles listed on BioPortfolio]

Open source software security vulnerability detection based on dynamic behavior features.

Open source software has been widely used in various industries due to its openness and flexibility, but it also brings potential security problems. Therefore, security analysis is required before usi...

A cross-syndrome approach to the social phenotype of neurodevelopmental disorders: Focusing on social vulnerability and social interaction style.

Following Annette Karmiloff-Smith's approach to cognitive research, this study applied a cross-syndrome approach to the social phenotype, focusing on social vulnerability (SV) and the factors that con...

Influence of online social software on HIV transmission among men who have sex with men.

The prevention and control of human immunodeficiency virus (HIV) infection is important for public health. Sexual contact transmission has replaced blood transmission as a major route of HIV transmiss...

Perceptions and Sentiments About Electronic Cigarettes on Social Media Platforms: Systematic Review.

Electronic cigarettes (e-cigarettes) have been widely promoted on the internet, and subsequently, social media has been used as an important informative platform by e-cigarette users. Beliefs and know...

Cooperation Learning From Multiple Social Networks: Consistent and Complementary Perspectives.

GWI survey has highlighted the flourishing use of multiple social networks: the average number of social media accounts per Internet user is 5.54, and among them, 2.82 are being used actively. Indeed,...

Clinical Trials [8468 Associated Clinical Trials listed on BioPortfolio]

AI-based Social Software to Manage wARfarin Therapy

The investigators have demonstrated that social software could improve warfarin therapy quality by Human management. however,the efficiency of management will decline if patients' number e...

Response to Social Rejection in Suicidal Behavior

Suicide is a major health problem that causes annually a million death worldwild. In the stress-vulnerability model, suicidal behavior (SB) results from the interaction between an individu...

Validation of a Screening Tool for Social and Health Vulnerability in Pediatric Clinical Practice

In 2014, the french hospital emphasized the need for tools to screen for social fragility in order to make explicit the choices of orientation of patients. To date, caregivers do not have ...

Use of Conversation and Acoustic Signals in Measuring Depression Severity

The purpose of this study is to test a new monitoring technology that uses the sound of a depressed person's speech to assess the severity of depression symptoms. The Vocal Social Signals...

Feasibility of a Social Media-based Weight Loss Program for Low Socioeconomic Status Individuals

The purpose of this study is to see if it is practical to use social media-based and traditional online weight loss intervention components among low socioeconomic status participants usin...

Medical and Biotech [MESH] Definitions

Platforms that provide the ability and tools to create and publish information accessed via the INTERNET. Generally these platforms have three characteristics with content user generated, high degree of interaction between creator and viewer, and easily integrated with other sites.

Instrumentation consisting of hardware and software that communicates with the BRAIN. The hardware component of the interface records brain signals, while the software component analyzes the signals and converts them into a command that controls a device or sends a feedback signal to the brain.

A state of increased vulnerability to stressors, following declines in function and reserves across multiple physiologic systems, characterized by MUSCLE WEAKNESS; FATIGUE; slowed motor performance; low physical activity; and unintentional weight loss.

The act of testing the software for compliance with a standard.

Specifications and instructions applied to the software.

Quick Search

DeepDyve research library

Searches Linking to this Article