
Empirical Research for Software Security : Foundations and Experience.

"Developing secure software requires the integration of numerous methods and tools into the development process, and software design is based on shared expert knowledge, claims, and opinions. Empirical methods, including data analytics, allow extracting knowledge and insights from the data that...


Bibliographic Details
Classification: Electronic Book
Main Author: Ben Othmane, Lotfi
Other Authors: Jaatun, Martin Gilje, Weippl, Edgar
Format: Electronic eBook
Language: English
Published: Milton : CRC Press, 2017.
Series: Series in security, privacy, and trust.
Subjects:
Online Access: Full text
Table of Contents:
  • Cover; Half Title; Title Page; Copyright Page; Table of Contents; Preface; List of Figures; List of Tables; Contributors; 1: Empirical Research on Security and Privacy by Design; 1.1 Introduction; 1.2 Empirical Research on Security and Privacy by Design; 1.3 Scoping; 1.4 Planning; 1.5 Operation; 1.6 Analysis and Interpretation; 1.7 Presentation and Packaging; 1.8 Conclusion; 2: Guidelines for Systematic Mapping Studies in Security Engineering; 2.1 Introduction; 2.2 Background on Systematic Mapping Studies in Software Engineering.
  • 2.3 Overview of Available Mapping Studies in Security Engineering; 2.4 Guidelines for Systematic Mapping Studies in Security Engineering; 2.5 Summary; 3: An Introduction to Data Analytics for Software Security; 3.1 Introduction; 3.2 Secure Software Development; 3.3 Software Security Analytical Process; 3.4 Learning Methods Used in Software Security; 3.5 Evaluation of Model Performance; 3.6 More Lessons Learned; 3.7 Conclusion; 3.8 Acknowledgment; 4: Generating Software Security Knowledge Through Empirical Methods; 4.1 Introduction and Motivation; 4.2 Empirical Methods for Knowledge Generation.
  • 4.3 Example Application Domain: Secure Software Development Research Project; 4.4 Experiments; 4.5 Systematic Literature Mappings; 4.6 Case Studies; 4.7 Experimental Replications; 4.8 Conclusions; 4.9 Acknowledgment; 5: Visual Analytics: Foundations and Experiences in Malware Analysis; 5.1 Introduction; 5.2 Background in Malware Analysis; 5.3 Visual Analytics Foundations; 5.4 The Knowledge Generation Process; 5.5 Design and Evaluation for Visual Analytics Systems; 5.6 Experience in Malware Analysis; 5.7 Future Directions; 5.8 Conclusions.
  • 6: Analysis of Metrics for Classification Accuracy in Intrusion Detection; 6.1 Introduction; 6.2 Evaluation Metrics; 6.3 Literature Review; 6.4 What Hinders Adoption of Alternative Metrics; 6.5 Guidelines for Introducing New Evaluation Metrics; 6.6 Conclusions; 6.7 Acknowledgement; 7: The Building Security in Maturity Model as a Research Tool; 7.1 Introduction; 7.2 Background; 7.3 Questionnaires in Software Security; 7.4 A Case Study; 7.5 Discussion; 7.6 Conclusion; 8: Agile Test Automation for Web Applications — A Security Perspective; 8.1 Introduction; 8.2 Methodology; 8.3 Risk Assessment.
  • 8.4 Testing and Test Automation from the Security Perspective; 8.5 Static Analysis Tools; 8.6 Dynamic Analysis Tools and Frameworks; 8.7 Evaluating Static/Dynamic Analysis Tools and Frameworks; 8.8 Appraisal of the Tools; 8.9 Conclusion; 9: Benchmark for Empirical Evaluation of Web Application Anomaly Detectors; 9.1 Introduction; 9.2 Literature Review; 9.3 Benchmark Characteristics for Application-Layer Attack Detection Approaches; 9.4 An Example Environment for Generating Benchmark Data; 9.5 Using the Benchmark Dataset to Evaluate an IDS; 9.6 Conclusion.