A Study on Practices against Malware in Free Software Projects

Author

Colomina, I. ; Arnedo-Moreno, J. ; Clariso, Robert

Author_Institution

Estudis d´Inf., Multimedia i Telecomun., Univ. Oberta de Catalunya, Barcelona, Spain

fYear

2013

fDate

25-28 March 2013

Firstpage

1070

Lastpage

1075

Abstract

Many popular applications are developed using a free software model, through the collaborative effort of a community which makes the source code available for free. Unfortunately, malicious third parties may attempt to take advantage of this combination of popularity and openness by introducing software components that infect end-users who install the application. To reduce this security risk, several technical procedures and community management practices can be used during software development and distribution. This paper studies these procedures in the free source domain and evaluates their application in two widely-used open source projects, Symfony and Chromium.

Keywords

invasive software; public domain software; risk management; software engineering; Chromium; Symfony; community management practice; free software project; free source domain; malware; open source project; security risk reduction; software component; software development; software distribution; source code; technical procedure; Chromium; Communities; Licenses; Malware; Organizations; Software; collaboration; free software; malware; open source; security; software development;

fLanguage

English

Publisher

ieee

Conference_Titel

Advanced Information Networking and Applications Workshops (WAINA), 2013 27th International Conference on

Conference_Location

Barcelona

Print_ISBN

978-1-4673-6239-9

Electronic_ISBN

978-0-7695-4952-1

Type

conf

DOI

10.1109/WAINA.2013.245

Filename

6550537