{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:15:49Z","timestamp":1750220149135,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":43,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,9,19]],"date-time":"2022-09-19T00:00:00Z","timestamp":1663545600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,9,19]]},"DOI":"10.1145\/3544902.3546235","type":"proceedings-article","created":{"date-parts":[[2022,9,7]],"date-time":"2022-09-07T04:07:45Z","timestamp":1662523665000},"page":"92-102","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Does Collaborative Editing Help Mitigate Security Vulnerabilities in Crowd-Shared IoT Code Examples?"],"prefix":"10.1145","author":[{"given":"Madhu","family":"Selvaraj","sequence":"first","affiliation":[{"name":"University of Calgary, Canada"}]},{"given":"Gias","family":"Uddin","sequence":"additional","affiliation":[{"name":"University of Calgary, Canada"}]}],"member":"320","published-online":{"date-parts":[[2022,9,19]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/3379597.3387472"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2444095"},{"key":"#cr-split#-e_1_3_2_1_3_1.1","doi-asserted-by":"crossref","unstructured":"Andrei Arusoaie Stefan Ciobaca Vlad Craciun Dragos Gavrilut and Dorel Lucanu. 2017. A Comparison of Open-Source Static Analysis Tools for Vulnerability Detection in C\/C++ Code. 161-168. https:\/\/doi.org\/10.1109\/SYNASC.2017.00035 10.1109\/SYNASC.2017.00035","DOI":"10.1109\/SYNASC.2017.00035"},{"key":"#cr-split#-e_1_3_2_1_3_1.2","doi-asserted-by":"crossref","unstructured":"Andrei Arusoaie Stefan Ciobaca Vlad Craciun Dragos Gavrilut and Dorel Lucanu. 2017. A Comparison of Open-Source Static Analysis Tools for Vulnerability Detection in C\/C++ Code. 161-168. https:\/\/doi.org\/10.1109\/SYNASC.2017.00035","DOI":"10.1109\/SYNASC.2017.00035"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3338906.3338939"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3196398.3196430"},{"key":"e_1_3_2_1_6_1","volume-title":"USENIX Conference on Usenix Annual Technical Conference. 147 \u2013 158","author":"Celik Z\u00a0Berkay","year":"2018","unstructured":"Z\u00a0Berkay Celik , Patrick\u00a0Drew McDaniel , and Gang Tan . 2018 . SOTERIA: automated IoT safety and security analysis . In USENIX Conference on Usenix Annual Technical Conference. 147 \u2013 158 . Z\u00a0Berkay Celik, Patrick\u00a0Drew McDaniel, and Gang Tan. 2018. SOTERIA: automated IoT safety and security analysis. In USENIX Conference on Usenix Annual Technical Conference. 147 \u2013 158."},{"key":"e_1_3_2_1_7_1","volume-title":"IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT. In Network and Distributed System Security Symposium. 15","author":"Celik Z\u00a0Berkay","year":"2019","unstructured":"Z\u00a0Berkay Celik , Gang Tan , and Patrick\u00a0Drew McDaniel . 2019 . IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT. In Network and Distributed System Security Symposium. 15 . Z\u00a0Berkay Celik, Gang Tan, and Patrick\u00a0Drew McDaniel. 2019. IoTGuard: Dynamic Enforcement of Security and Safety Policy in Commodity IoT. In Network and Distributed System Security Symposium. 15."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"crossref","unstructured":"Partha Chakraborty Rifat Shahriyar Anindya Iqbal and Gias Uddin. 2021. How Do Developers Discuss and Support New Programming Languages in Technical Q&A Site? An Empirical Study of Go Swift and Rust in Stack Overflow. Information and Software Technology (IST)(2021) 19.  Partha Chakraborty Rifat Shahriyar Anindya Iqbal and Gias Uddin. 2021. How Do Developers Discuss and Support New Programming Languages in Technical Q&A Site? An Empirical Study of Go Swift and Rust in Stack Overflow. Information and Software Technology (IST)(2021) 19.","DOI":"10.1016\/j.infsof.2021.106603"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/CTS.2012.6261022"},{"key":"e_1_3_2_1_10_1","volume-title":"Detection and Handling. In 50th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. 411\u2013423","author":"Chi Haotian","year":"2020","unstructured":"Haotian Chi , Qiang Zeng , Xiaojiang Du , and Jiaping Yu . 2020 . Cross-App Interference Threats in Smart Homes: Categorization , Detection and Handling. In 50th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. 411\u2013423 . Haotian Chi, Qiang Zeng, Xiaojiang Du, and Jiaping Yu. 2020. Cross-App Interference Threats in Smart Homes: Categorization, Detection and Handling. In 50th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. 411\u2013423."},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.31"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2017.2767291"},{"key":"e_1_3_2_1_13_1","volume-title":"PIANO: Proximity-Based User Authentication on Voice-Powered Internet-of-Things Devices. In 37th International Conference on Distributed Computing Systems. 2212 \u2013 2219","author":"Gong Neil\u00a0Zhenqiang","year":"2017","unstructured":"Neil\u00a0Zhenqiang Gong , Altay Ozen , Yu Wu , Xiaoyu Cao , Richard Shin , Dawn Song , Hongxia Jin , and Xuan Bao . 2017 . PIANO: Proximity-Based User Authentication on Voice-Powered Internet-of-Things Devices. In 37th International Conference on Distributed Computing Systems. 2212 \u2013 2219 . Neil\u00a0Zhenqiang Gong, Altay Ozen, Yu Wu, Xiaoyu Cao, Richard Shin, Dawn Song, Hongxia Jin, and Xuan Bao. 2017. PIANO: Proximity-Based User Authentication on Voice-Powered Internet-of-Things Devices. In 37th International Conference on Distributed Computing Systems. 2212 \u2013 2219."},{"key":"e_1_3_2_1_14_1","unstructured":"GuessLang. n.d. Guesslang documentation. https:\/\/guesslang.readthedocs.io\/en\/latest\/#:$$:text=Guesslang%20detects%20the%20programming%20language a%20million%20source%20code%20files.. Accessed: 2021-11-23.  GuessLang. n.d. Guesslang documentation. https:\/\/guesslang.readthedocs.io\/en\/latest\/#:$$:text=Guesslang%20detects%20the%20programming%20language a%20million%20source%20code%20files.. Accessed: 2021-11-23."},{"key":"e_1_3_2_1_15_1","volume-title":"Smart Homes: Security Challenges and Privacy Concerns. (10","author":"Hall Fraser","year":"2020","unstructured":"Fraser Hall , Leandros Maglaras , Theodoros Aivaliotis , Loukas Xagoraris , and Ioanna Kantzavelou . 2020 . Smart Homes: Security Challenges and Privacy Concerns. (10 2020), 1\u20133. Fraser Hall, Leandros Maglaras, Theodoros Aivaliotis, Loukas Xagoraris, and Ioanna Kantzavelou. 2020. Smart Homes: Security Challenges and Privacy Concerns. (10 2020), 1\u20133."},{"key":"e_1_3_2_1_16_1","volume-title":"27th USENIX Conference on Security Symposium. 255 \u2013 272","author":"He Weijia","year":"2018","unstructured":"Weijia He , Maximilian Golla , Roshni Padhi , Jordan Ofek , Markus D\u00fcrmuth , Earlence Fernandes , and Blase Ur . 2018 . Rethinking access control and authentication for the home internet of things (IoT) . In 27th USENIX Conference on Security Symposium. 255 \u2013 272 . Weijia He, Maximilian Golla, Roshni Padhi, Jordan Ofek, Markus D\u00fcrmuth, Earlence Fernandes, and Blase Ur. 2018. Rethinking access control and authentication for the home internet of things (IoT). In 27th USENIX Conference on Security Symposium. 255 \u2013 272."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.14569\/IJACSA.2019.0100611"},{"key":"e_1_3_2_1_18_1","volume-title":"Spotting working code examples. (05","author":"Keivanloo Iman","year":"2014","unstructured":"Iman Keivanloo , Juergen Rilling , and Ying Zou . 2014. Spotting working code examples. (05 2014 ), 7. https:\/\/doi.org\/10.1145\/2568225.2568292 10.1145\/2568225.2568292 Iman Keivanloo, Juergen Rilling, and Ying Zou. 2014. Spotting working code examples. (05 2014), 7. https:\/\/doi.org\/10.1145\/2568225.2568292"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2017.11.022"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2022.106970"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2017.2689040"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/CHASE.2017.53"},{"key":"e_1_3_2_1_23_1","volume-title":"CWE VIEW: Weaknesses in Software Written in C. Accessed: 2021-11-10.","author":"MITRE.","year":"2021","unstructured":"MITRE. 2021 . CWE VIEW: Weaknesses in Software Written in C. Accessed: 2021-11-10. MITRE. 2021. CWE VIEW: Weaknesses in Software Written in C. Accessed: 2021-11-10."},{"key":"e_1_3_2_1_24_1","volume-title":"CWE VIEW: Weaknesses in Software Written in C++. Accessed: 2021-11-10.","author":"MITRE.","year":"2021","unstructured":"MITRE. 2021 . CWE VIEW: Weaknesses in Software Written in C++. Accessed: 2021-11-10. MITRE. 2021. CWE VIEW: Weaknesses in Software Written in C++. Accessed: 2021-11-10."},{"key":"e_1_3_2_1_25_1","unstructured":"MITRE. n.d. About CWE. https:\/\/cwe.mitre.org\/about\/index.html Accessed: 2021-10-18.  MITRE. n.d. About CWE. https:\/\/cwe.mitre.org\/about\/index.html Accessed: 2021-10-18."},{"key":"e_1_3_2_1_26_1","unstructured":"MITRE. n.d. CWE List Version 4.6. Accessed: 2021-11-2.  MITRE. n.d. CWE List Version 4.6. Accessed: 2021-11-2."},{"key":"e_1_3_2_1_27_1","volume-title":"Defending Against Software Supply Chain Attacks. https:\/\/www.cisa.gov\/sites\/default\/files\/publications\/defending_against_software_supply_chain_attacks_508_1.pdf. [Online","author":"National\u00a0Institute of Standards and Technology. 2021.","year":"2022","unstructured":"National\u00a0Institute of Standards and Technology. 2021. Defending Against Software Supply Chain Attacks. https:\/\/www.cisa.gov\/sites\/default\/files\/publications\/defending_against_software_supply_chain_attacks_508_1.pdf. [Online ; accessed 1- May - 2022 ]. National\u00a0Institute of Standards and Technology. 2021. Defending Against Software Supply Chain Attacks. https:\/\/www.cisa.gov\/sites\/default\/files\/publications\/defending_against_software_supply_chain_attacks_508_1.pdf. [Online; accessed 1-May-2022]."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSR.2019.00040"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.14"},{"key":"e_1_3_2_1_30_1","unstructured":"Satyajit Sinha. 2021. State of IoT 2021: Number of connected IoT devices growing 9% to 12.3 billion globally cellular IoT now surpassing 2 billion. https:\/\/iot-analytics.com\/number-connected-iot-devices\/.  Satyajit Sinha. 2021. State of IoT 2021: Number of connected IoT devices growing 9% to 12.3 billion globally cellular IoT now surpassing 2 billion. https:\/\/iot-analytics.com\/number-connected-iot-devices\/."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2019.2953549"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.5555\/3155562.3155585"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"crossref","unstructured":"Gias Uddin. 2021. Security and Machine Learning Adoption in IoT: A Preliminary Study of IoT Developer Discussions. arxiv:2104.00634\u00a0[cs.CR]  Gias Uddin. 2021. Security and Machine Learning Adoption in IoT: A Preliminary Study of IoT Developer Discussions. arxiv:2104.00634\u00a0[cs.CR]","DOI":"10.1109\/SERP4IoT52556.2021.00013"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.5555\/3155562.3155586"},{"key":"e_1_3_2_1_35_1","volume-title":"Automatic Opinion Mining from API Reviews from Stack Overflow","author":"Uddin Gias","year":"2019","unstructured":"Gias Uddin and Foutse Khomh . 2019. Automatic Opinion Mining from API Reviews from Stack Overflow . IEEE Transactions on Software Engineering( 2019 ), 35. Gias Uddin and Foutse Khomh. 2019. Automatic Opinion Mining from API Reviews from Stack Overflow. IEEE Transactions on Software Engineering(2019), 35."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"crossref","unstructured":"Gias Uddin Foutse Khomh and Chanchal\u00a0K Roy. 2020. Automatic Mining of API Usage Scenarios from Stack Overflow. Information and Software Technology (IST)(2020) 16.  Gias Uddin Foutse Khomh and Chanchal\u00a0K Roy. 2020. Automatic Mining of API Usage Scenarios from Stack Overflow. Information and Software Technology (IST)(2020) 16.","DOI":"10.1016\/j.infsof.2020.106277"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/MS.2014.80"},{"key":"e_1_3_2_1_39_1","volume-title":"An Empirical Study of IoT Topics in IoT Developer Discussions on Stack Overflow. Empirical Software Engineering 26, 121","author":"Uddin Gias","year":"2021","unstructured":"Gias Uddin , Fatima Sabir , Yann-Ga\u00ebl Gu\u00e9h\u00e9neuc , Omar Alam , and Foutse Khomh . 2021. An Empirical Study of IoT Topics in IoT Developer Discussions on Stack Overflow. Empirical Software Engineering 26, 121 ( 2021 ). Gias Uddin, Fatima Sabir, Yann-Ga\u00ebl Gu\u00e9h\u00e9neuc, Omar Alam, and Foutse Khomh. 2021. An Empirical Study of IoT Topics in IoT Developer Discussions on Stack Overflow. Empirical Software Engineering 26, 121 (2021)."},{"key":"e_1_3_2_1_40_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSE.2020.3023664"},{"key":"e_1_3_2_1_41_1","volume-title":"How Do Developers Utilize Source Code from Stack Overflow?Empirical Software Engineering 24 (04","author":"Wu Yuhao","year":"2019","unstructured":"Yuhao Wu , Shaowei Wang , Cor-Paul Bezemer , and Katsuro Inoue . 2019. How Do Developers Utilize Source Code from Stack Overflow?Empirical Software Engineering 24 (04 2019 ), 2. https:\/\/doi.org\/10.1007\/s10664-018-9634-5 10.1007\/s10664-018-9634-5 Yuhao Wu, Shaowei Wang, Cor-Paul Bezemer, and Katsuro Inoue. 2019. How Do Developers Utilize Source Code from Stack Overflow?Empirical Software Engineering 24 (04 2019), 2. https:\/\/doi.org\/10.1007\/s10664-018-9634-5"},{"key":"e_1_3_2_1_42_1","volume-title":"A Study of C\/C++ Code Weaknesses on Stack Overflow","author":"Zhang Haoxiang","year":"2021","unstructured":"Haoxiang Zhang , Shaowei Wang , Heng Li , Tse- Hsun\u00a0Peter Chen , and Ahmed\u00a0 E. Hassan . 2021. A Study of C\/C++ Code Weaknesses on Stack Overflow . IEEE Transactions on Software Engineering PP ( 02 2021 ), 1\u201315. https:\/\/doi.org\/10.1109\/TSE.2021.3058985 10.1109\/TSE.2021.3058985 Haoxiang Zhang, Shaowei Wang, Heng Li, Tse-Hsun\u00a0Peter Chen, and Ahmed\u00a0E. Hassan. 2021. A Study of C\/C++ Code Weaknesses on Stack Overflow. IEEE Transactions on Software Engineering PP (02 2021), 1\u201315. https:\/\/doi.org\/10.1109\/TSE.2021.3058985"},{"key":"e_1_3_2_1_43_1","volume-title":"IoT Security: Ongoing Challenges and Research Opportunities. In IEEE 7th International Conference on Service-Oriented Computing and Applications. 230\u2013234","author":"Zhang Zhi-Kai","year":"2014","unstructured":"Zhi-Kai Zhang , Michael Cheng\u00a0Yi Cho , Chia-Wei Wang , Chia-Wei Hsu , Chong-Kuan Chen , and Shiuhpyng Shieh . 2014 . IoT Security: Ongoing Challenges and Research Opportunities. In IEEE 7th International Conference on Service-Oriented Computing and Applications. 230\u2013234 . Zhi-Kai Zhang, Michael Cheng\u00a0Yi Cho, Chia-Wei Wang, Chia-Wei Hsu, Chong-Kuan Chen, and Shiuhpyng Shieh. 2014. IoT Security: Ongoing Challenges and Research Opportunities. In IEEE 7th International Conference on Service-Oriented Computing and Applications. 230\u2013234."}],"event":{"name":"ESEM '22: ACM \/ IEEE International Symposium on Empirical Software Engineering and Measurement","sponsor":["SIGSOFT ACM Special Interest Group on Software Engineering"],"location":"Helsinki Finland","acronym":"ESEM '22"},"container-title":["Proceedings of the 16th ACM \/ IEEE International Symposium on Empirical Software Engineering and Measurement"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3544902.3546235","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3544902.3546235","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:00:07Z","timestamp":1750186807000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3544902.3546235"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,9,19]]},"references-count":43,"alternative-id":["10.1145\/3544902.3546235","10.1145\/3544902"],"URL":"https:\/\/doi.org\/10.1145\/3544902.3546235","relation":{},"subject":[],"published":{"date-parts":[[2022,9,19]]},"assertion":[{"value":"2022-09-19","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}