Empirical Research for Software Security : Foundations and Experience

著者名：ben Othmane, Lotfi (EDT)/Jaatun, Martin Gilje (EDT)/Weippl, Edgar (EDT)

CRC Press（2017/11/28発売）

• 言語：ENG
• ISBN：9781498776417
• eISBN：9781351650885

Description

Developing secure software requires the integration of numerous methods and tools into the development process, and software design is based on shared expert knowledge, claims, and opinions. Empirical methods, including data analytics, allow extracting knowledge and insights from the data that organizations collect from their processes and tools, and from the opinions of the experts who practice these processes and methods. This book introduces the reader to the fundamentals of empirical research methods, and demonstrates how these methods can be used to hone a secure software development lifecycle based on empirical data and published best practices.

Table of Contents

1. Empirical Research on Security and Privacy by Design, Koen Yskout, Kim Wuyts, Dimitri Van Landuyt, Riccardo Scandariato, and Wouter Joosen
2. Guidelines for Systematic Mapping Studies in Security Engineering, Michael Felderer and Jeffrey C. Carver
3. An Introduction to Data Analytics for Software Security, Lotfi ben Othmane, Achim D. Brucker, Stanislav Dashevskyi, and Peter Tsalovski
4. Generating Software Security Knowledge Through Empirical Methods, Rene Noel, Santiago Matalonga, Gilberto Pedraza, Hernan Astudillo, and Eduardo B. Fernandez
5. Visual Analytics: Foundations and Experiences in Malware Analysis, Markus Wagner, Dominik Sacha, Alexander Rind, Fabian Fischer, Robert Luh, Sebastian Schrittwieser, Daniel A. Keim, and Wolfgang Aigner
6. Analysis of Metrics for Classification Accuracy in Intrusion Detection, Natalia Stakhanova and Alvaro A. Cardenas
7. The Building Security in Maturity Model as a Research Tool, Martin Gilje Jaatun
8. Agile Test Automation for Web Applications: A Security Perspective, Sandra Domenique Ringmann and Hanno Langweg
9.  Benchmark for Empirical Evaluation of Web Application Anomaly Detectors, Robert Bronte, Hossain Shahriar, and Hisham Haddad
10. Threats to Validity in Empirical Software Security Research, Daniela S. Cruzes and Lotfi ben Othmane