Fabien Patrick ViertelLeibniz Universität Hannover · Institute of Practical Computer Science
Fabien Patrick Viertel
Doctor of Engineering
About
7
Publications
1,815
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
11
Citations
Citations since 2017
Publications
Publications (7)
The goal of this dissertation is to support developers in applying security checks using community knowledge. Artificial intelligence approaches combined with natural language processing techniques are employed to identify security-related information from community websites such as Stack Overflow or GitHub. All security-related information is stor...
Nowadays, confidential data of users and companies are processed by various software applications. Therefore, it is necessary to protect them against security flaws in source code, which could, for example, allow the infringement of privacy. However, developers are usually not equipped with the required expertise to fulfill this task. To their resc...
Accessible via digital conference Proceedings: http://ksiresearchorg.ipage.com/seke/Proceedings/seke/SEKE2019_Proceedings.pdf
This chapter describes two perspectives on the identification and externalisation of tacit knowledge, that is expertise that is difficult to verbalise, within long-living and continuously evolving systems. During the design time of a software system, heuristics and machine learning classifiers can be used to identify and externalise tacit knowledge...
In this chapter, we introduce a three-layered framework for maintaining security in software evolution at design time and run time. Additionally, we present a suite of five approaches that employ the framework. Two approaches focus on design-time use of knowledge extracted from natural-language documents to identify potential steps for co-evolving...
Nowadays, there are many software libraries for different purposes that are used by various projects. An application is only as secure as its weakest component; thus if an imported library includes a certain vulnerability, an application could get insecure. Therefore a widespread search for existing security flaws within used libraries is necessary...
Due to the security threats faced in the connected world, the consideration of security requirements during system design and modeling has become a necessity. Unfortunately, the identification of new requirements that may arise throughout additional phases of a system's life-cycle (e.g. operation) must also be considered due to the ever-changing th...
Questions
Question (1)
Dear Researchgate-community,
how good is your security expertise at distinguishing what Stack Overflow content of user posts is secure or not?
My name is Fabien Patrick Viertel a PhD-student at the Leibniz University Hannover from Germany and I am the author of the CRISIS2020 conference paper:
"Community Knowledge about Security: Identification and Classification of User Contributions"
We plan to analyze developers and security experts' security knowledge about detecting posts containing vulnerable, patch, or exploit code fragments. Please participate in our survey to investigate this successfully. The survey is optimized for desktop computers.
You can reach the survey by the following links or via scanning one of the QR-codes.
Thank you for your participation and best regards,
Fabien Patrick Viertel
Software Engineering
Leibniz University Hannover
