Research indicates significant challenges developers face regarding security in data transmission, with a primary focus on transport layer security (TLS) and Cross-Site Scripting (XSS) attacks. Various studies have analyzed security-related inquiries on platforms like Stack Overflow, identifying categories such as web and mobile security, cryptography, software, and system security. Many developers show a lack of understanding of security implications, particularly in secure coding practices in Java. Frequent cryptographic obstacles have been documented, revealing a negative effect on developer performance and software security.
In a study conducted by Sifat et al., data from Crypto Stack Exchange, Security Stack Exchange, and Quora revealed that transport layer security (TLS) is the predominant focus, while Cross-Site Scripting (XSS) attacks are a significant concern among developers.
Yang et al. performed a large-scale analysis of security questions on Stack Overflow, categorizing them into web security, mobile security, cryptography, software security, and system security but did not assess the challenges associated with these topics.
Meng et al.'s research highlights that many developers are unaware of security implications of secure coding practices in Java, such as CSRF tokens, leading to serious vulnerabilities.
Nandi et al. found that Java developers frequently struggle with cryptographic challenges, identifying nine main topics that complicate cryptographic implementations, negatively impacting both development efficiency and software security.
Collection
[
|
...
]