Using Neural Network to Propose Solutions to Threats in Attack Patterns (1401.6226v1)

Abstract: In the last decade, a lot of effort has been put into securing software application during development in the software industry. Software security is a research field in this area which looks at how security can be weaved into software at each phase of software development lifecycle (SDLC). The use of attack patterns is one of the approaches that have been proposed for integrating security during the design phase of SDLC. While this approach help developers in identify security flaws in their software designs, the need to apply the proper security capability that will mitigate the threat identified is very important. To assist in this area, the uses of security patterns have been proposed to help developers to identify solutions to recurring security problems. However due to different types of security patterns and their taxonomy, software developers are faced with the challenge of finding and selecting appropriate security patterns that addresses the security risks in their design. In this paper, we propose a tool based on Neural Network for proposing solutions in form of security patterns to threats in attack patterns matching attacking patterns. From the result of performance of the neural network, we found out that the neural network was able to match attack patterns to security patterns that can mitigate the threat in the attack pattern. With this information developers are better informed in making decision on the solution for securing their application.