Security Assessment of Software Design using Neural Network
This addresses the high cost of late security integration in software development for developers, though it appears incremental as it applies an existing neural network method to a new domain.
The paper tackles the problem of identifying security flaws early in software design by training a back propagation neural network to detect attack patterns from design scenarios, with results showing its performance in identifying possible attacks.
Security flaws in software applications today has been attributed mostly to design flaws. With limited budget and time to release software into the market, many developers often consider security as an afterthought. Previous research shows that integrating security into software applications at a later stage of software development lifecycle (SDLC) has been found to be more costly than when it is integrated during the early stages. To assist in the integration of security early in the SDLC stages, a new approach for assessing security during the design phase by neural network is investigated in this paper. Our findings show that by training a back propagation neural network to identify attack patterns, possible attacks can be identified from design scenarios presented to it. The result of performance of the neural network is presented in this paper.