Analysis of Security Vulnerabilities Using Misuse Pattern Testing Approach

Abstract: Vulnerability detection is commonly been executed during the testing phase of software development. Current methods are not able to detect system or software security vulnerabilities of certain types of attacks during the early stages of software development. These attacks include both the ones we did not anticipate as well as the ones unknown during the design phase. In this paper we propose a method to detect the security vulnerabilities during the design phase of software development. This approach simulate… Show more

“…Yifan and Boonsiri also recognized the usefulness of pattern testing and proposed a method for detecting security vulnerabilities during design phase [62]. In their approach, they used model testing method to simulate attacks in UML simulation environment in accordance to the misuse patterns which helped uncover existing vulnerabilities that could expose a system to potential threats of certain types of attacks [62]. In addition to that, their method could also indicate which security patterns would be best suited to mitigate such risks.…”

“…In addition to that, their method could also indicate which security patterns would be best suited to mitigate such risks. The benefits reaped from the contribution of model testing helped them analyze system security vulnerabilities during the design phase of software development [62]. Moreover, authors believed this method to be cost-effective and valuable since it had the potentials to improve the design resulting in lower costs as opposed to costs incurred during testing, debugging and maintenance phases of software development [62].…”

Software Engineering Principles and Security Vulnerabilities

“…Yifan and Boonsiri also recognized the usefulness of pattern testing and proposed a method for detecting security vulnerabilities during design phase [62]. In their approach, they used model testing method to simulate attacks in UML simulation environment in accordance to the misuse patterns which helped uncover existing vulnerabilities that could expose a system to potential threats of certain types of attacks [62]. In addition to that, their method could also indicate which security patterns would be best suited to mitigate such risks.…”

“…In addition to that, their method could also indicate which security patterns would be best suited to mitigate such risks. The benefits reaped from the contribution of model testing helped them analyze system security vulnerabilities during the design phase of software development [62]. Moreover, authors believed this method to be cost-effective and valuable since it had the potentials to improve the design resulting in lower costs as opposed to costs incurred during testing, debugging and maintenance phases of software development [62].…”

Software Engineering Principles and Security Vulnerabilities