Indexed by:
Abstract:
Eliciting security requirements in early stage of system development has been widely recognized as an efficient way for minimizing security cost and avoiding recurring security problems. However, in many projects, security requirements are not explicitly specified but rather mixed with other requirements, requiring precise and fast identification of such security requirements. Although several probability-based approaches have been proposed to tackle this problem, they are either imprecise or domain-dependent. In this paper, we propose a tool supported method to efficiently identify security requirements, which combines linguistic analysis with machine learning techniques. In particular, we apply a systematic approach to identify linguistic features of security requirements based on existing security requirements ontologies and linguistic knowledge. We automatically extract such features from textual requirements, which are then used to train security requirements classifiers using typical machine learning techniques. We have implemented a prototype tool to support our approach, and have systematically evaluated our approach based on three realistic requirements specifications. The evaluation results show that our approach has promising potential to train classifiers that can classify requirements specifications from different application domains.
Keyword:
Reprint Author's Address:
Email:
Source :
2017 24TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE (APSEC 2017)
ISSN: 1530-1362
Year: 2017
Page: 388-397
Language: English
Cited Count:
WoS CC Cited Count: 11
SCOPUS Cited Count: 15
ESI Highly Cited Papers on the List: 0 Unfold All
WanFang Cited Count:
Chinese Cited Count:
30 Days PV: 2
Affiliated Colleges: