{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,18]],"date-time":"2026-03-18T13:59:30Z","timestamp":1773842370462,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":126,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,12,2]],"date-time":"2024-12-02T00:00:00Z","timestamp":1733097600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3658644.3690190","type":"proceedings-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T12:19:20Z","timestamp":1733746760000},"page":"2651-2665","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Skipping the Security Side Quests: A Qualitative Study on Security Practices and Challenges in Game Development"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-8829-6074","authenticated-orcid":false,"given":"Philip","family":"Klostermeyer","sequence":"first","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Hanover, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-2315-8989","authenticated-orcid":false,"given":"Sabrina","family":"Klivan","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Hanover, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4284-0473","authenticated-orcid":false,"given":"Sandra","family":"H\u00f6ltervennhoff","sequence":"additional","affiliation":[{"name":"Leibniz University Hannover, Hanover, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2993-2568","authenticated-orcid":false,"given":"Alexander","family":"Krause","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Hanover, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5621-8461","authenticated-orcid":false,"given":"Niklas","family":"Busch","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Hanover, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5644-3316","authenticated-orcid":false,"given":"Sascha","family":"Fahl","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, Hanover, Germany"}]}],"member":"320","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"https:\/\/newzoo.com\/resources\/trend-reports\/newzoo-global-games-market-report-2023-free-version 2024."},{"key":"e_1_3_2_1_2_1","unstructured":"https:\/\/pwc.com\/gx\/en\/industries\/tmt\/media\/outlook\/insights-and-perspectives.html 2023."},{"key":"e_1_3_2_1_3_1","unstructured":"https:\/\/akamai.com\/newsroom\/press-release\/state-of-the-internet-security-web-attacks-and-gaming-abuse 2019."},{"key":"e_1_3_2_1_4_1","unstructured":"https:\/\/akamai.com\/newsroom\/press-release\/akamai-research-shows-attacks-on-gaming-companies-more-than-doubled-over-past-year 2022."},{"key":"e_1_3_2_1_5_1","unstructured":"L. -E. Dubois and J. Weststar 'Games-as-a-service: Conflicted identities on the new front-line of video game development ' New Media & Society"},{"key":"e_1_3_2_1_6_1","volume-title":"Player Activity and Popularity in Online Social Games and their Implications for Player Retention,' in 16th Annual Workshop on Network and Systems Support for Games (NetGames)","author":"Gu L.","year":"2018","unstructured":"L. Gu and A. L. Jia, 'Player Activity and Popularity in Online Social Games and their Implications for Player Retention,' in 16th Annual Workshop on Network and Systems Support for Games (NetGames), 2018."},{"key":"e_1_3_2_1_7_1","volume-title":"Understanding mobile game success: A study of features related to acquisition, retention and monetization","author":"Moreira A. V. M.","year":"2014","unstructured":"A. V. M. Moreira, V. V. Filho, and G. Ramalho, 'Understanding mobile game success: A study of features related to acquisition, retention and monetization,' 2014."},{"key":"e_1_3_2_1_8_1","unstructured":"https:\/\/forbes.com\/sites\/jasonwosborne\/2023\/05\/25\/how-loot-boxes-in-childrens-video-games-encourage-gambling\/ 2023."},{"key":"e_1_3_2_1_9_1","unstructured":"https:\/\/bbc.co.uk\/news\/entertainment-arts-65855157 2023."},{"key":"e_1_3_2_1_10_1","unstructured":"https:\/\/resources.irdeto.com\/media\/irdeto-global-gaming-survey-report 2018."},{"key":"e_1_3_2_1_11_1","unstructured":"https:\/\/blog.irdeto.com\/video-gaming\/cheating-in-games-everything-you-always-wanted-to-know-about-it\/ 2022."},{"key":"e_1_3_2_1_12_1","unstructured":"https:\/\/washingtonpost.com\/video-games\/2022\/09\/09\/roblox-ads-metaverse\/ 2022."},{"key":"e_1_3_2_1_13_1","unstructured":"https:\/\/theesa.com\/2023-essential-facts\/ 2023."},{"key":"e_1_3_2_1_14_1","unstructured":"https:\/\/flashpoint.io\/blog\/rce-vulnerability-dark-souls\/ 2022."},{"key":"e_1_3_2_1_15_1","unstructured":"https:\/\/trendmicro.com\/en_us\/research\/22\/h\/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html 2022."},{"key":"e_1_3_2_1_16_1","unstructured":"https:\/\/bleepingcomputer.com\/news\/security\/counter-strike-2-html-injection-bug-exposes-players-ip-addresses\/ 2023."},{"key":"e_1_3_2_1_17_1","unstructured":"https:\/\/pcgamer.com\/games\/battle-royale\/respawn-finally-comments-on-apex-cheating-scandal-that-saw-pro-players-games- hijacked- basically-says-nothing-at-all\/ 2024."},{"key":"e_1_3_2_1_18_1","unstructured":"https:\/\/justice.gov\/usao-sdca\/pr\/utah-man-sentenced-computer-hacking-crime 2019."},{"key":"e_1_3_2_1_19_1","unstructured":"https:\/\/washingtonpost.com\/video-games\/2022\/10\/05\/overwatch-2-servers-ddos\/ 2022."},{"key":"e_1_3_2_1_20_1","unstructured":"https:\/\/en.wikipedia.org\/wiki\/2011_PlayStation_Network_outage 2011."},{"key":"e_1_3_2_1_21_1","unstructured":"https:\/\/telegraph.co.uk\/technology\/sony\/8475728\/Millions- of- internet-users-hit-by-massive-Sony-PlayStation-data-theft.html 2011."},{"key":"e_1_3_2_1_22_1","unstructured":"https:\/\/zdnet.com\/article\/ubisoft-confirms-just-dance-data-breach-amid-developer-exodus\/ 2021."},{"key":"e_1_3_2_1_23_1","unstructured":"https:\/\/engadget.com\/cd-projekt-red-says-it-was-hacked-but-wont-pay-any-ransom-090055291.html 2021."},{"key":"e_1_3_2_1_24_1","unstructured":"https:\/\/vice.com\/en\/article\/qjky8d\/hackers-demand-dollar10m-from-riot-games-to-stop-leak-of-league-of-legends-source-code 2023."},{"key":"e_1_3_2_1_25_1","unstructured":"https:\/\/theguardian.com\/games\/2022\/sep\/19\/grand-theft-auto-6-leak-who-hacked-rockstar-and-what-was-stolen 2022."},{"key":"e_1_3_2_1_26_1","unstructured":"https:\/\/polygon.com\/24009631\/insomniac-games-leak-hack-rhysida-files-breach 2023."},{"key":"e_1_3_2_1_27_1","unstructured":"https:\/\/kotaku.com\/crunch-time-why-game-developers-work-such-insane-hours-1704744577 2016."},{"key":"e_1_3_2_1_28_1","unstructured":"https:\/\/time.com\/5603329\/e3-video-game-creators-union\/ 2019."},{"key":"e_1_3_2_1_29_1","unstructured":"https:\/\/pewresearch.org\/short-reads\/2017\/09\/11\/younger-men-play-video-games-but-so-do-a-diverse-group-of-other-americans\/ 2017."},{"key":"e_1_3_2_1_30_1","volume-title":"Risk Management in Video Game Development Projects,' in Proceedings of the 2014 47th Hawaii International Conference on System Sciences","author":"Schmalz M.","year":"2014","unstructured":"M. Schmalz, A. Finn, and H. Taylor, 'Risk Management in Video Game Development Projects,' in Proceedings of the 2014 47th Hawaii International Conference on System Sciences, 2014."},{"key":"e_1_3_2_1_31_1","unstructured":"https:\/\/gamesindustry.biz\/mastering-feature-creep-while-changing-the-world 2017."},{"key":"e_1_3_2_1_32_1","volume-title":"Software Engineering Challenges in Game Development,' in Sixth International Conference on Information Technology: New Generations","author":"Kanode C. M.","year":"2009","unstructured":"C. M. Kanode and H. M. Haddad, 'Software Engineering Challenges in Game Development,' in Sixth International Conference on Information Technology: New Generations, 2009."},{"key":"e_1_3_2_1_33_1","volume-title":"Ankle Sprains, and Keepers of Quality: How is Video Game Development Different from Software Development'\" In Proceedings of the 36th International Conference on Software Engineering","author":"Murphy-Hill E.","year":"2014","unstructured":"E. Murphy-Hill, T. Zimmermann, and N. Nagappan, 'Cowboys, Ankle Sprains, and Keepers of Quality: How is Video Game Development Different from Software Development'\" In Proceedings of the 36th International Conference on Software Engineering, 2014."},{"key":"e_1_3_2_1_34_1","unstructured":"https:\/\/techspot.com\/news\/98046-diablo-4-beta-has-bricking-graphics-cards.html 2023."},{"key":"e_1_3_2_1_35_1","unstructured":"https:\/\/secret.club\/2021\/04\/20\/source-engine-rce-invite.html 2021."},{"key":"e_1_3_2_1_36_1","unstructured":"https:\/\/medium.com\/@prizmant\/hacking-punkbuster-e22e6cf2f36e 2020."},{"key":"e_1_3_2_1_37_1","unstructured":"https:\/\/cyberint.com\/blog\/research\/critical-account-takeover-vulnerability-discovered-and-patched-in-ea-games\/ 2019."},{"key":"e_1_3_2_1_38_1","unstructured":"https:\/\/github.com\/zeropwn\/vulnerability-reports-and-pocs\/blob\/master\/EA-Origin-RCE-CVE-2019--12828.md 2019."},{"key":"e_1_3_2_1_39_1","volume-title":"How is Video Game Development Different from Software Development in Open Source'\" In Proceedings of the 15th International Conference on Mining Software Repositories","author":"Pascarella L.","year":"2018","unstructured":"L. Pascarella, F. Palomba, M. Di Penta, et al., 'How is Video Game Development Different from Software Development in Open Source'\" In Proceedings of the 15th International Conference on Mining Software Repositories, 2018."},{"key":"e_1_3_2_1_40_1","volume-title":"The consolidation of game software engineering: A systematic literature review of software engineering for industry-scale computer games,' Information and Software Technology","author":"Chueca J.","year":"2024","unstructured":"J. Chueca, J. Ver\u00f3n, J. Font, et al., 'The consolidation of game software engineering: A systematic literature review of software engineering for industry-scale computer games,' Information and Software Technology, 2024."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/2889160.2889253"},{"key":"e_1_3_2_1_42_1","volume-title":"Proceedings of the 6th International ICSE Workshop on Games and Software Engineering: Engineering Fun, Inspiration, and Motivation","author":"Ullmann G. C.","year":"2022","unstructured":"G. C. Ullmann, C. Politowski, Y. - G. Gu\u00e9h\u00e9neuc, et al., 'Video Game Project Management Anti-Patterns,' in Proceedings of the 6th International ICSE Workshop on Games and Software Engineering: Engineering Fun, Inspiration, and Motivation, 2022."},{"key":"e_1_3_2_1_43_1","volume-title":"Proceedings of the 17th International Conference on Mining Software Repositories","author":"Politowski C.","year":"2020","unstructured":"C. Politowski, F. Petrillo, G. C. Ullmann, et al., 'Dataset of Video Game Development Problems,' in Proceedings of the 17th International Conference on Mining Software Repositories, 2020."},{"key":"e_1_3_2_1_44_1","volume-title":"Requirements engineering and the creative process in the video game industry,' in 13th IEEE International Conference on Requirements Engineering (RE'05)","author":"Callele D.","year":"2005","unstructured":"D. Callele, E. Neufeld, and K. Schneider, 'Requirements engineering and the creative process in the video game industry,' in 13th IEEE International Conference on Requirements Engineering (RE'05), 2005."},{"key":"e_1_3_2_1_45_1","volume-title":"Comput. Entertain.","author":"Petrillo F.","year":"2009","unstructured":"F. Petrillo, M. Pimenta, F. Trindade, et al., 'What went wrong' A survey of problems in game development,? Comput. Entertain., 2009."},{"key":"e_1_3_2_1_46_1","unstructured":"https:\/\/forbes.com\/sites\/nelsongranados\/2018\/04\/30\/report-cheating-is-becoming-a-big-problem-in-online-gaming\/ 2018."},{"key":"e_1_3_2_1_47_1","unstructured":"https:\/\/readwrite.com\/how-the-multiplayer-gaming-industry-is-evolving-due-to-hacks-cheats\/ 2023."},{"key":"e_1_3_2_1_48_1","volume":"202","author":"Agrahari V.","unstructured":"V. Agrahari, S. Shanbhag, S. Chimalakonda, et al., 'A catalogue of game-specific anti-patterns based on GitHub and Game Development Stack Exchange,? J. Syst. Softw., 2023.","journal-title":"J. Syst. Softw."},{"key":"e_1_3_2_1_49_1","volume-title":"Taxonomy of online game security,' Electron","author":"Ki J.","year":"2004","unstructured":"J. Ki, J. Hee Cheon, J. -U. Kang, et al., 'Taxonomy of online game security,' Electron. Library, 2004."},{"key":"e_1_3_2_1_50_1","volume-title":"IT Security Issues Within the Video Game Industry,' International Journal of Computer Science & Information Technology","author":"Mohr S.","year":"2011","unstructured":"S. Mohr and S. Rahman, 'IT Security Issues Within the Video Game Industry,' International Journal of Computer Science & Information Technology, 2011."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.5555\/1202447"},{"key":"e_1_3_2_1_52_1","volume-title":"Security design in online games,' in Proceedings of the 19th Annual Computer Security Applications Conference","author":"Yan J.","year":"2003","unstructured":"J. Yan, 'Security design in online games,' in Proceedings of the 19th Annual Computer Security Applications Conference, 2003."},{"key":"e_1_3_2_1_53_1","volume-title":"A systematic classification of cheating in online games,' in Proceedings of 4th ACM SIGCOMM Workshop on Network and System Support for Games","author":"Yan J.","year":"2005","unstructured":"J. Yan and B. Randell, 'A systematic classification of cheating in online games,' in Proceedings of 4th ACM SIGCOMM Workshop on Network and System Support for Games, 2005."},{"key":"e_1_3_2_1_54_1","doi-asserted-by":"publisher","DOI":"10.1145\/1306813.1306839"},{"key":"e_1_3_2_1_55_1","volume-title":"Security in online games: Current implementations and challenges","author":"Parizi R.","year":"2019","unstructured":"R. Parizi, A. Dehghantanha, K.-K. R. Choo, et al., Security in online games: Current implementations and challenges. 2019."},{"key":"e_1_3_2_1_56_1","volume-title":"A State Saturation Attack against Massively Multiplayer Online Videogames,' in Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP","author":"Bryant B.","year":"2021","unstructured":"B. Bryant. and H. Saiedian., 'A State Saturation Attack against Massively Multiplayer Online Videogames,' in Proceedings of the 7th International Conference on Information Systems Security and Privacy - ICISSP, 2021."},{"key":"e_1_3_2_1_57_1","volume-title":"Survey and research direction on online game security,' in Proceedings of the Workshop at SIGGRAPH Asia","author":"Woo J.","year":"2012","unstructured":"J. Woo and H. K. Kim, 'Survey and research direction on online game security,' in Proceedings of the Workshop at SIGGRAPH Asia, 2012."},{"key":"e_1_3_2_1_58_1","volume-title":"Surv.","author":"Yahyavi A.","year":"2013","unstructured":"A. Yahyavi and B. Kemme, 'Peer-to-peer architectures for massively multi-player online games: A Survey,' ACM Comput. Surv., 2013."},{"key":"e_1_3_2_1_59_1","volume-title":"An evaluation of videogame network architecture performance and security,' Computer Networks","author":"Bryant B.","year":"2021","unstructured":"B. Bryant and H. Saiedian, 'An evaluation of videogame network architecture performance and security,' Computer Networks, 2021."},{"key":"e_1_3_2_1_60_1","volume-title":"Improvement of Online Game Anti-Cheat System based on Deep Learning,' in 2nd International Conference on Information Science and Education (ICISE-IE)","author":"Zhang Q.","year":"2021","unstructured":"Q. Zhang, 'Improvement of Online Game Anti-Cheat System based on Deep Learning,' in 2nd International Conference on Information Science and Education (ICISE-IE), 2021."},{"key":"e_1_3_2_1_61_1","volume-title":"Anticheat System Based on Reinforcement Learning Agents in Unity,' Information","author":"Lukas M.","year":"2022","unstructured":"M. Lukas, I. Tomicic, and A. Bernik, 'Anticheat System Based on Reinforcement Learning Agents in Unity,' Information, 2022."},{"key":"e_1_3_2_1_62_1","volume-title":"Cheat Detection in a Multiplayer First-Person Shooter Using Artificial Intelligence Tools,' in Proceedings of the 3rd International Conference on Computational Intelligence and Intelligent Systems","author":"Spijkerman R.","year":"2021","unstructured":"R. Spijkerman and E. Marie Ehlers, 'Cheat Detection in a Multiplayer First-Person Shooter Using Artificial Intelligence Tools,' in Proceedings of the 3rd International Conference on Computational Intelligence and Intelligent Systems, 2021."},{"key":"e_1_3_2_1_63_1","volume-title":"8th International Conference on Signal Processing and Integrated Networks (SPIN)","author":"Maario A.","year":"2021","unstructured":"A. Maario, V. K. Shukla, A. Ambikapathy, et al., 'Redefining the Risks of Kernel-Level Anti-Cheat in Online Gaming,' in 8th International Conference on Signal Processing and Integrated Networks (SPIN), 2021."},{"key":"e_1_3_2_1_64_1","volume-title":"Reliability and Security","author":"Dorner C.","year":"2024","unstructured":"C. Dorner and L. D. Klausner, 'If It Looks Like a Rootkit and Deceives Like a Rootkit: A Critical Examination of Kernel-Level Anti-Cheat Systems,' in Proceedings of the 19th International Conference on Availability, Reliability and Security, 2024."},{"key":"e_1_3_2_1_65_1","volume-title":"Towards providing security for mobile games,' in Proceedings of the Eighth ACM International Workshop on Mobility in the Evolving Internet Architecture","author":"Yahyavi A.","year":"2013","unstructured":"A. Yahyavi, J. Pang, and B. Kemme, 'Towards providing security for mobile games,' in Proceedings of the Eighth ACM International Workshop on Mobility in the Evolving Internet Architecture, 2013."},{"key":"e_1_3_2_1_66_1","volume-title":"Identification and analysis of free games' permissions in Google Play,' in 6th International Conference on Information and Communication Systems (ICICS)","author":"Alothali E.","year":"2015","unstructured":"E. Alothali, F. Belqasmi, O. Alfandi, et al., 'Identification and analysis of free games' permissions in Google Play,' in 6th International Conference on Information and Communication Systems (ICICS), 2015."},{"key":"e_1_3_2_1_67_1","volume-title":"The Price to Play: A Privacy Analysis of Free and Paid Games in the Android Ecosystem,' in Proceedings of the ACM Web Conference","author":"Laperdrix P.","year":"2022","unstructured":"P. Laperdrix, N. Mehanna, A. Durey, et al., 'The Price to Play: A Privacy Analysis of Free and Paid Games in the Android Ecosystem,' in Proceedings of the ACM Web Conference, 2022."},{"key":"e_1_3_2_1_68_1","volume-title":"Analyzing Security and Privacy Risks in Android Video Game Applications,' in Advanced Information Networking and Applications","author":"Phaenthong R.","year":"2024","unstructured":"R. Phaenthong and S. Ngamsuriyaroj, 'Analyzing Security and Privacy Risks in Android Video Game Applications,' in Advanced Information Networking and Applications, 2024."},{"key":"e_1_3_2_1_69_1","volume-title":"Software engineering research for computer games: A systematic review,' Information and Software Technology","author":"Ampatzoglou A.","year":"2010","unstructured":"A. Ampatzoglou and I. Stamelos, 'Software engineering research for computer games: A systematic review,' Information and Software Technology, 2010."},{"key":"e_1_3_2_1_70_1","volume-title":"A Practical Guide for Novice Investigators,' Qualitative Report","author":"Turner D.","year":"2010","unstructured":"D. Turner, 'Qualitative Interview Design: A Practical Guide for Novice Investigators,' Qualitative Report, 2010."},{"key":"e_1_3_2_1_71_1","volume-title":"Interview Techniques for UX Practitioners","author":"Wilson C.","year":"2014","unstructured":"C. Wilson, 'Interview Techniques for UX Practitioners,' in 2014."},{"key":"e_1_3_2_1_72_1","volume-title":"Hackers vs. Testers: A Comparison of Software Vulnerability Discovery Processes,' in 2018 IEEE Symposium on Security and Privacy (SP)","author":"Votipka D.","year":"2018","unstructured":"D. Votipka, R. Stevens, E. Redmiles, et al., 'Hackers vs. Testers: A Comparison of Software Vulnerability Discovery Processes,' in 2018 IEEE Symposium on Security and Privacy (SP), 2018."},{"key":"e_1_3_2_1_73_1","volume-title":"I'm a stats guy\": a qualitative root cause analysis of barriers to adversarial machine learning defenses in industry,' in Proceedings of the 32nd USENIX Conference on Security Symposium","author":"Mink J.","year":"2023","unstructured":"J. Mink, H. Kaur, J. Schm\u00fcser, et al., '\"Security is not my field, I'm a stats guy\": a qualitative root cause analysis of barriers to adversarial machine learning defenses in industry,' in Proceedings of the 32nd USENIX Conference on Security Symposium, 2023."},{"key":"e_1_3_2_1_74_1","unstructured":"S. H\u00f6ltervennhoff P. Klostermeyer N. W\u00f6hler et al. '\"I wouldn't want my unsafe code to run my pacemaker\": an interview study on the use comprehension and perceived risks of unsafe rust ' in Proceedings of the 32nd USENIX Conference on Security Symposium 2023."},{"key":"e_1_3_2_1_75_1","unstructured":"https:\/\/unity.com\/ 2024."},{"key":"e_1_3_2_1_76_1","unstructured":"https:\/\/unrealengine.com\/ 2024."},{"key":"e_1_3_2_1_77_1","unstructured":"https:\/\/slashdata.co\/post\/did-you-know-that-60-of-game-developers-use-game-engines 2023."},{"key":"e_1_3_2_1_78_1","unstructured":"https:\/\/pocketgamer.biz\/news\/82129\/79-of-devs-are-increasingly-pressured-to-release-unfinished-games\/ 2023."},{"key":"e_1_3_2_1_79_1","unstructured":"https:\/\/pcmag.com\/opinions\/stop-giving-your-money-to-game-publishers-that-sell-now-patch-later 2022."},{"key":"e_1_3_2_1_80_1","unstructured":"https:\/\/gamesindustry.biz\/what-can-we-learn-from-newly-enacted-salary-transparency-laws 2023."},{"key":"e_1_3_2_1_81_1","volume-title":"Are We There Yet' Data Saturation in Qualitative Research.,' Qualitative Report","author":"Fusch P. I.","year":"2015","unstructured":"P. I. Fusch and L. R. Ness, 'Are We There Yet' Data Saturation in Qualitative Research.,' Qualitative Report, 2015."},{"key":"e_1_3_2_1_82_1","volume-title":"Constructing Grounded Theory","author":"Charmaz K.","year":"2014","unstructured":"K. Charmaz, Constructing Grounded Theory. 2014."},{"key":"e_1_3_2_1_83_1","volume-title":"Grounded theory in practice","author":"Strauss A.","year":"1997","unstructured":"A. Strauss and J. M. Corbin, Grounded theory in practice. 1997."},{"key":"e_1_3_2_1_84_1","volume-title":"Grounded theory research: Procedures, canons and evaluative criteria,' Qualitative Sociology","author":"Corbin J.","year":"1990","unstructured":"J. Corbin and A. Strauss, 'Grounded theory research: Procedures, canons and evaluative criteria,' Qualitative Sociology, 1990."},{"key":"e_1_3_2_1_85_1","volume-title":"Grounded theory for qualitative research: A practical guide","author":"Urquhart C.","year":"2012","unstructured":"C. Urquhart, Grounded theory for qualitative research: A practical guide. 2012."},{"key":"e_1_3_2_1_86_1","volume-title":"Grounded theory: A practical guide","author":"Birks M.","year":"2015","unstructured":"M. Birks and J. Mills, Grounded theory: A practical guide. 2015."},{"key":"e_1_3_2_1_87_1","doi-asserted-by":"publisher","DOI":"10.1145\/3359174"},{"key":"e_1_3_2_1_88_1","volume-title":"Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories,' in 32nd USENIX Security Symposium (USENIX Security 23)","author":"Krause A.","year":"2023","unstructured":"A. Krause, J. H. Klemmer, N. Huaman, et al., 'Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories,' in 32nd USENIX Security Symposium (USENIX Security 23), 2023."},{"key":"e_1_3_2_1_89_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP46215.2023.10179410"},{"key":"e_1_3_2_1_90_1","doi-asserted-by":"publisher","DOI":"10.56553\/popets-2024-0010"},{"key":"e_1_3_2_1_91_1","volume-title":"2024 IEEE Symposium on Security and Privacy (SP)","author":"Klivan S.","year":"2024","unstructured":"S. Klivan, S. H\u00f6ltervennhoff, R. Panskus, et al., 'Everyone for Themselves' A Qualitative Study about Individual Security Setups of Open Source Software Contributors,' in 2024 IEEE Symposium on Security and Privacy (SP), 2024."},{"key":"e_1_3_2_1_92_1","volume-title":"Contextual Design: Defining Customer-Centered Systems","author":"Beyer H.","year":"1997","unstructured":"H. Beyer and K. Holtzblatt, Contextual Design: Defining Customer-Centered Systems. 1997."},{"key":"e_1_3_2_1_93_1","volume":"201","author":"Kenneally E.","unstructured":"E. Kenneally and D. Dittrich, 'The Menlo Report: Ethical Principles Guiding Information and Communication Technology Research,' SSRN Electronic Journal, 2012.","journal-title":"SSRN Electronic Journal"},{"key":"e_1_3_2_1_94_1","unstructured":"https:\/\/playfab.com\/ 2024."},{"key":"e_1_3_2_1_95_1","volume-title":"A comprehensive review of the Swiss cheese model in risk management,' Safety in Extreme Environments","author":"Shabani T.","year":"2023","unstructured":"T. Shabani, S. Jerie, and T. Shabani, 'A comprehensive review of the Swiss cheese model in risk management,' Safety in Extreme Environments, 2023."},{"key":"e_1_3_2_1_96_1","doi-asserted-by":"publisher","DOI":"10.56553\/popets-2024-0010"},{"key":"e_1_3_2_1_97_1","volume-title":"Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019)","author":"Mhaidli A. H.","year":"2019","unstructured":"A. H. Mhaidli, Y. Zou, and F. Schaub, ?\"We Can?t Live Without Them!\" App Developers? Adoption of Ad Networks and Their Considerations of Consumer Risks,? in Fifteenth Symposium on Usable Privacy and Security (SOUPS 2019), 2019."},{"key":"e_1_3_2_1_98_1","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2024.23013"},{"key":"e_1_3_2_1_99_1","unstructured":"https:\/\/github.com\/gmh5225\/awesome-game-security 2024."},{"key":"e_1_3_2_1_100_1","unstructured":"https:\/\/github.com\/OWASP\/www-project-game-security-framework\/blob\/master\/migrated_content.md 2024."},{"key":"e_1_3_2_1_101_1","volume":"201","author":"Ramesh B.","unstructured":"B. Ramesh, L. Cao, and R. Baskerville, 'Agile Requirements Engineering Practices and Challenges: An Empirical Study,' Information Systems Journal, 2010.","journal-title":"Information Systems Journal"},{"key":"e_1_3_2_1_102_1","volume-title":"Security in Agile Software Development: A Practitioner Survey,' Information and Software Technology","author":"Rindell K.","year":"2021","unstructured":"K. Rindell, J. Ruohonen, J. Holvitie, et al., 'Security in Agile Software Development: A Practitioner Survey,' Information and Software Technology, 2021."},{"key":"e_1_3_2_1_103_1","volume-title":"Management of Quality Requirements in Agile and Rapid Software Development: A Systematic Mapping Study,' Information and Software Technology","author":"Behutiye W.","year":"2020","unstructured":"W. Behutiye, P. Karhap\u00e4\u00e4, L. L\u00f3pez, et al., 'Management of Quality Requirements in Agile and Rapid Software Development: A Systematic Mapping Study,' Information and Software Technology, 2020."},{"key":"e_1_3_2_1_104_1","volume-title":"Networks and Digital Signal Processing (CSNDSP)","author":"Attwood S.","year":"2022","unstructured":"S. Attwood, N. Onumah, K. Paxton-Fear, et al., 'Security-Focused Prototyping: A Natural Precursor to Secure Development,' in 2022 13th International Symposium on Communication Systems, Networks and Digital Signal Processing (CSNDSP), 2022."},{"key":"e_1_3_2_1_105_1","volume":"200","author":"Matthews B.","unstructured":"B. Matthews, J. Sylvie, S.-H. Lee, et al., 'Addressing Security in Early Stages of Project Life Cycle,' Journal of Management in Engineering, 2006.","journal-title":"'Addressing Security in Early Stages of Project Life Cycle,' Journal of Management in Engineering"},{"key":"e_1_3_2_1_106_1","volume-title":"Proposal of Game Design Document from software engineering requirements perspective,' in 17th International Conference on Computer Games (CGAMES)","author":"Salazar M. G.","year":"2012","unstructured":"M. G. Salazar, H. A. Mitre, C. L. Olalde, et al., 'Proposal of Game Design Document from software engineering requirements perspective,' in 17th International Conference on Computer Games (CGAMES), 2012."},{"key":"e_1_3_2_1_107_1","volume-title":"Threat Modeling Tools: A Taxonomy,' IEEE Security & Privacy","author":"Shi Z.","year":"2022","unstructured":"Z. Shi, K. Graffi, D. Starobinski, et al., 'Threat Modeling Tools: A Taxonomy,' IEEE Security & Privacy, 2022."},{"key":"e_1_3_2_1_108_1","doi-asserted-by":"publisher","DOI":"10.5555\/2829295"},{"key":"e_1_3_2_1_109_1","volume-title":"2021 IEEE\/ACM 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS)","author":"Ryan I.","year":"2021","unstructured":"I. Ryan, U. Roedig, and K. -J. Stol, 'Understanding Developer Security Archetypes,' in 2021 IEEE\/ACM 2nd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS), 2021."},{"key":"e_1_3_2_1_110_1","volume":"202","author":"Aalvik H.","unstructured":"H. Aalvik, A. Nguyen-Duc, D. S. Cruzes, et al., 'Establishing a Security Champion in Agile Software Teams: A Systematic Literature Review,' in Advances in Information and Communication, 2023.","journal-title":"'Establishing a Security Champion in Agile Software Teams: A Systematic Literature Review,' in Advances in Information and Communication"},{"key":"e_1_3_2_1_111_1","volume-title":"Big Data and Security (IoTBDS)","author":"Chalishhafshejani S.","year":"2022","unstructured":"S. Chalishhafshejani, B. Pham, and M. Jaatun, 'Automating Security in a Continuous Integration Pipeline,' in Proceedings of the 7th International Conference on Internet of Things, Big Data and Security (IoTBDS), 2022."},{"key":"e_1_3_2_1_112_1","volume-title":"World of Bugs: A Platform for Automated Bug Detection in 3D Video Games,' in 2022 IEEE Conference on Games (CoG)","author":"Wilkins B.","year":"2022","unstructured":"B. Wilkins and K. Stathis, 'World of Bugs: A Platform for Automated Bug Detection in 3D Video Games,' in 2022 IEEE Conference on Games (CoG), 2022."},{"key":"e_1_3_2_1_113_1","volume-title":"AstroBug: Automatic Game Bug Detection Using Deep Learning,' IEEE Transactions on Games","author":"Azizi E.","year":"2024","unstructured":"E. Azizi and L. Zaman, 'AstroBug: Automatic Game Bug Detection Using Deep Learning,' IEEE Transactions on Games, 2024."},{"key":"e_1_3_2_1_114_1","volume-title":"AICodeReview: Advancing code quality with AI-enhanced reviews,' SoftwareX","author":"Almeida Y.","year":"2024","unstructured":"Y. Almeida, D. Albuquerque, E. D. Filho, et al., 'AICodeReview: Advancing code quality with AI-enhanced reviews,' SoftwareX, 2024."},{"key":"e_1_3_2_1_115_1","volume":"202","author":"Rasheed Z.","unstructured":"Z. Rasheed, M. A. Sami, M. Waseem, et al., 'AI-powered Code Review with LLMs: Early Results,' arXiv, 2024.","journal-title":"'AI-powered Code Review with LLMs: Early Results,' arXiv"},{"key":"e_1_3_2_1_116_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP54263.2024.00210"},{"key":"e_1_3_2_1_117_1","volume-title":"Understanding the Effectiveness of Large Language Models in Detecting Security Vulnerabilities,' arXiv","author":"Khare A.","year":"2024","unstructured":"A. Khare, S. Dutta, Z. Li, et al., 'Understanding the Effectiveness of Large Language Models in Detecting Security Vulnerabilities,' arXiv, 2024."},{"key":"e_1_3_2_1_118_1","volume-title":"Detecting Video Game-Specific Bad Smells in Unity Projects,' in Proceedings of the 17th International Conference on Mining Software Repositories","author":"Borrelli A.","year":"2020","unstructured":"A. Borrelli, V. Nardone, G. A. Di Lucca, et al., 'Detecting Video Game-Specific Bad Smells in Unity Projects,' in Proceedings of the 17th International Conference on Mining Software Repositories, 2020."},{"key":"e_1_3_2_1_119_1","volume-title":"Sensei: Enforcing secure coding guidelines in the integrated development environment,' Software: Practice and Experience","author":"Cremer P. De","year":"2020","unstructured":"P. De Cremer, N. Desmet, M. Madou, et al., 'Sensei: Enforcing secure coding guidelines in the integrated development environment,' Software: Practice and Experience, 2020."},{"key":"e_1_3_2_1_120_1","unstructured":"https:\/\/decoded.avast.io\/janvojtesek\/dota-2-under-attack-how-a-v8-bug-was-exploited-in-the-game\/ 2023."},{"key":"e_1_3_2_1_121_1","unstructured":"https:\/\/owasp.org\/www-project-dependency-check\/ 2024."},{"key":"e_1_3_2_1_122_1","unstructured":"https:\/\/docs.github.com\/en\/code-security\/dependabot."},{"key":"e_1_3_2_1_123_1","volume-title":"A Qualitative Study of Dependency Management and Its Security Implications,' in Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security","author":"Pashchenko I.","year":"2020","unstructured":"I. Pashchenko, D. -L. Vu, and F. Massacci, 'A Qualitative Study of Dependency Management and Its Security Implications,' in Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020."},{"key":"e_1_3_2_1_124_1","volume-title":"What Concerns Game Developers' A Study on Game Development Processes, Sustainability and Metrics,' in 2017 IEEE\/ACM 8th Workshop on Emerging Trends in Software Metrics (WET-SoM)","author":"Kasurinen J.","year":"2017","unstructured":"J. Kasurinen, M. Palacin-Silva, and E. Vanhala, 'What Concerns Game Developers' A Study on Game Development Processes, Sustainability and Metrics,' in 2017 IEEE\/ACM 8th Workshop on Emerging Trends in Software Metrics (WET-SoM), 2017."},{"key":"e_1_3_2_1_125_1","volume-title":"Acceptance and use of virtual reality games: an extension of HMSAM,' Virtual Reality","author":"Kari T.","year":"2023","unstructured":"T. Kari and M. Kosa, 'Acceptance and use of virtual reality games: an extension of HMSAM,' Virtual Reality, 2023."},{"key":"e_1_3_2_1_126_1","volume-title":"SoK: Authentication in Augmented and Virtual Reality,' in 2022 IEEE Symposium on Security and Privacy (SP)","author":"Stephenson S.","year":"2022","unstructured":"S. Stephenson, B. Pal, S. Fan, et al., 'SoK: Authentication in Augmented and Virtual Reality,' in 2022 IEEE Symposium on Security and Privacy (SP), 2022."}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690190","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3690190","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T05:54:18Z","timestamp":1755842058000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690190"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":126,"alternative-id":["10.1145\/3658644.3690190","10.1145\/3658644"],"URL":"https:\/\/doi.org\/10.1145\/3658644.3690190","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}