softwaretestingpoint.com
No Result
View All Result
  • Home
  • News
  • Apps
  • Computers
  • Devices
  • How To
  • Games
  • Home
  • News
  • Apps
  • Computers
  • Devices
  • How To
  • Games
No Result
View All Result
softwaretestingpoint.com
No Result
View All Result
Home News

Security policies may be extracted from software using an automated technique developed by researchers

A group of UTSA academics is investigating if a novel automated method to software security vulnerabilities may be used to avoid software security issues

by admin
March 9, 2022
in News, Security
0
Security policies may be extracted from software using an automated technique developed by researchers
0
SHARES
17
VIEWS
Share on FacebookShare on Twitter

A deep learning model was developed by the team, which included Ram Krishnan, associate professor in the UTSA Department of Electrical and Computer Engineering; Yufei Huang, professor in Electrical and Computer Engineering; Jianwei Niu, associate professor in Computer Science; Ravi Sandhu, professor, and Lutcher Brown Distinguished Chair in Cyber Security; and John Heaps, postdoctoral researcher in the UTSA Institute for Cyber Security, to teach software how to extract security information.

Agile software development, in contrast to conventional software models, is intended to generate software at a quicker rate, reducing the need to spend time on thorough papers and changing software requirements, as is the case with traditional software models. There is just one kind of documentation required: user stories, which are specifications that outline the software’s needs. This method, however, is hampered by behaviors inherent to it, such as the need for continual code modifications, which make it difficult to undertake security assurance evaluations.

In a chance interaction with software professionals in the business, Krishnan came up with the fundamental concept of bridging the gap between security rules and agile software development, he said. In order to begin exploring this challenge and developing a practical solution, we were able to put together a team of teachers and students with experience in cybersecurity, software engineering, and machine learning.”

The researchers investigated a number of different machine learning algorithms before arriving on a deep learning strategy that can handle a variety of various user story styles and lengths. The model is composed of three components that work together to make the prediction: access control classifications, named entity recognition, and access type classification. The categorization of access control information assists the program in determining whether or not user stories include access control information. The actors and data items in the tale are all identified by a named entity. The link between the two is determined by the categorization of access type classifications.

To test their technique, the team used a data collection of 21 online apps, each of which had 50-130 user tales, for a total of 1,600 user stories.

According to Krishnan, “we constructed a learning model based on transformers,” which is an extremely effective machine learning approach, using a dataset of 1,600 user tales. It was possible to extract security rules with high accuracy and display the findings to assist stakeholders in refining user stories and maintaining an overview of the system’s access control, as shown in this case study.”

A crucial tool in the contemporary agile software development life cycle, says Krishnan, this revolutionary new technique will prove to be a game changer.

Since agile software development emphasizes incremental modifications to code, a manual procedure for extracting security rules would be error-prone and time-consuming, according to the author. The use of machine learning and artificial intelligence has shown to be a powerful method in yet another field, says the author.

Krishnan said that the team has numerous ideas for where they would want to take the project in the future.

“We know that, in a completely automated approach, there is little further information regarding access control that can be collected or identified directly from user stories,” Krishnan stated. “That implies that without the intervention of a person, it is difficult or impossible to identify the precise access control of a program from user stories. We want to improve our approach by making it more interactive with stakeholders, who will then be able to contribute to the refinement of the access control information.”

ShareTweetPin

Related Posts

Apple’s ‘ban’ on third-party browsers has prompted a backlash from developers
News

Apple’s ‘ban’ on third-party browsers has prompted a backlash from developers

March 9, 2022
Apple, Google, Microsoft, and Mozilla are working to make the web more consistent
News

Apple, Google, Microsoft, and Mozilla are working to make the web more consistent

March 9, 2022
Google is planning to revamp its ad tracking mechanism for Android smartphones in the near future
Computers

Google is planning to revamp its ad tracking mechanism for Android smartphones in the near future

March 9, 2022
Firefox 98 is released, and it has improved facilities for downloading files
Computers

Firefox 98 is released, and it has improved facilities for downloading files

March 9, 2022
Apple has launched the Mac Studio, the company’s most powerful computer to date
News

Apple has launched the Mac Studio, the company’s most powerful computer to date

March 9, 2022
7 Symptoms of Malware and How to Get Rid of It
How To

7 Symptoms of Malware and How to Get Rid of It

March 8, 2022
Next Post
How do open-source communities function, and how do they benefit everyone?

How do open-source communities function, and how do they benefit everyone?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • 298 Followers

Recommended

Why the software-defined automobile represents a paradigm shift

Why the software-defined automobile represents a paradigm shift

March 8, 2022
Google is planning to revamp its ad tracking mechanism for Android smartphones in the near future

Google is planning to revamp its ad tracking mechanism for Android smartphones in the near future

March 9, 2022
What Software Do Engineers Use When Designing Self-Driving Vehicles?

What Software Do Engineers Use When Designing Self-Driving Vehicles?

March 8, 2022
Apple’s ‘ban’ on third-party browsers has prompted a backlash from developers

Apple’s ‘ban’ on third-party browsers has prompted a backlash from developers

March 9, 2022
Apple has launched the Mac Studio, the company’s most powerful computer to date

Apple has launched the Mac Studio, the company’s most powerful computer to date

March 9, 2022
The technologies that will serve as the foundation for the metaverse (one day)

The technologies that will serve as the foundation for the metaverse (one day)

March 9, 2022

  • About
  • Advertise
  • Contact

ABOUT US
softwaretestingpoint.com - is a popular online magazine about new mobile apps, professional software. Here you can find news, reviews and our opinion.
© 2022 softwaretestingpoint.com. All right Reserved.

No Result
View All Result
  • Homepages
    • Home – Layout 1
  • How To
  • Apps
  • Devices
  • Games

© 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.