Business Faculty Publications
Title
Crowd Sourcing the Creation of Personae Non Gratae for Requirements-Phase Threat Modeling
Document Type
Conference Proceeding
Publication Date
2017
Publication Title
2017 IEEE 25th International Requirements Engineering Conference
Keywords
security, online banking, drones, requirements engineering, merging, conferences, software systems, threat modeling
Disciplines
Business | Management Information Systems
Abstract
Security threats should be identified in the early phases of a project so that design solutions can be explored and mitigating requirements specified. In this paper, we present a crowd-sourcing approach for creating Personae non Gratae (PnGs), which model attack goals and techniques of unwanted, potentially malicious users. We present a proof of concept study that takes a diverse collection of potentially redundant PnGs and merges them into a single set. Our approach combines machine learning techniques and visualization. It is illustrated and evaluated using a collection of PnGs collected from undergraduate students for a drone-based rescue scenario. Lessons learned from the proof of concept study are discussed and lay the foundations for future work.
Recommended Citation
Spears, Janine, "Crowd Sourcing the Creation of Personae Non Gratae for Requirements-Phase Threat Modeling" (2017). Business Faculty Publications. 277.
https://engagedscholarship.csuohio.edu/bus_facpub/277
DOI
10.1109/RE.2017.63
