A co-occurrence recommendation model of software security requirement

Yilin Xu, Weimin Ge, Xiaohong Li, Zhiyong Feng, Xiaofei Xie, Yude Bai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

1 被引用数 (Scopus)

抄録

To guarantee the quality of software, specifying security requirements (SRs) is essential for developing systems, especially for security-critical software systems. However, using security threat to determine detailed SR is quite difficult according to Common Criteria (CC), which is too confusing and technical for non-security specialists. In this paper, we propose a Co-occurrence Recommend Model (CoRM) to automatically recommend software SRs. In this model, the security threats of product are extracted from security target documents of software, in which the related security requirements are tagged. In order to establish relationships between software security threat and security requirement, semantic similarities between different security threat is calculated by Skip-thoughts Model. To evaluate our CoRM model, over 1000 security target documents of 9 types software products are exploited. The results suggest that building a CoRM model via semantic similarity is feasible and reliable.

本文言語英語
ホスト出版物のタイトルProceedings - 2019 13th International Symposium on Theoretical Aspects of Software Engineering, TASE 2019
出版社Institute of Electrical and Electronics Engineers Inc.
ページ41-48
ページ数8
ISBN(電子版)9781728133423
DOI
出版ステータス出版済み - 7 2019
外部発表はい
イベント13th International Symposium on Theoretical Aspects of Software Engineering, TASE 2019 - Guilin, 中国
継続期間: 7 29 20197 31 2019

出版物シリーズ

名前Proceedings - 2019 13th International Symposium on Theoretical Aspects of Software Engineering, TASE 2019

会議

会議13th International Symposium on Theoretical Aspects of Software Engineering, TASE 2019
国/地域中国
CityGuilin
Period7/29/197/31/19

All Science Journal Classification (ASJC) codes

  • 安全性、リスク、信頼性、品質管理
  • 計算理論と計算数学
  • ソフトウェア
  • 情報システムおよび情報管理

フィンガープリント

「A co-occurrence recommendation model of software security requirement」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル