Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore ongoing research into predicting open-source software vulnerabilities through communication analysis in this 21-minute conference talk by Shlok Gilda from the University of Florida, presented at OpenSSF. Discover the development of "FORCE" (Framework for Open-Source Risk and Community Evaluation), an innovative framework designed to proactively assess OSS project risk by analyzing communication patterns within GitHub repositories. Learn how the research examines sentiment, toxicity, outrage, stance, and key discussion topics in developer communications, combining these insights with contributor network analysis and vulnerability data. Understand the methodology behind creating the "Temporal Health Score" (THS), a composite metric that provides early warnings of potential security risks in open-source projects. Gain insights into how prior research in subtle toxicity detection and behavioral analysis informs the FORCE framework design. Examine the potential for actionable insights that can help OSS maintainers improve communication, foster better collaboration, and mitigate identified risks. Participate in the discussion about community feedback on the framework and explore its potential applications for enhancing open-source software security through better understanding of developer communication dynamics.
