Towards the application of recommender systems to secure coding
EURASIP Journal on Information Security (IF 2.5), Pub Date: 2019-06-13, DOI: 10.1186/s13635-019-0092-4
Fitzroy D. Nembhard, Marco M. Carvalho, Thomas C. Eskridge

Secure coding is crucial for the design of secure and efficient software and computing systems. However, many programmers avoid secure coding practices for a variety of reasons. Some of these reasons are lack of knowledge of secure coding standards, negligence, and poor performance of and usability issues with existing code analysis tools. Therefore, it is essential to create tools that address these issues and concerns. This article features the proposal, development, and evaluation of a recommender system that uses text mining techniques, coupled with IntelliSense technology, to recommend fixes for potential vulnerabilities in program code. The resulting system mines a large code base of over 1.6 million Java files using the MapReduce methodology, creating a knowledge base for a recommender system that provides fixes for taint-style vulnerabilities. Formative testing and a usability study determined that surveyed participants strongly believed that a recommender system would help programmers write more secure code.

Updated: 2020-04-16