Volume 10 Number 4 (Apr. 2015)
Home > Archive > 2015 > Volume 10 Number 4 (Apr. 2015) >
JSW 2015 Vol.10(4): 491-498 ISSN: 1796-217X
doi: 10.17706/jsw.10.4.491-498

Developing Abuse Cases Based on Threat Modeling and Attack Patterns

Xiaohong Yuan*, Emmanuel Borkor Nuakoh, Imano Williams, Huiming Yu
Department of Computer Science, North Carolina A&T State University, 1601 East Market St., Greensboro, North Carolina, USA.

Abstract—Developing abuse cases help software engineers to think from the perspective of attackers, and therefore allow them to decide and document how the software should react to illegitimate use. This paper describes a method for developing abuse cases based on threat modeling and attack patterns. First potential threats are analyzed by following Microsoft’s threat modeling process. Based on the identified threats, initial abuse cases are generated. Attack pattern library is searched and attack patterns relevant to the abuse cases are retrieved. The information retrieved from the attack patterns are used to extend the initial abuse cases and suggest mitigation method. Such a method has the potential to assist software engineers without high expertise in computer security to develop meaningful and useful abuse cases, and therefore reduce the security vulnerabilities in the software systems they develop.

Index Terms—Abuse case, threat modeling, attack patterns, secure software development.

[PDF]

Cite: Xiaohong Yuan, Emmanuel Borkor Nuakoh, Imano Williams, Huiming Yu, "Developing Abuse Cases Based on Threat Modeling and Attack Patterns," Journal of Software vol. 10, no. 4, pp. 491-498, 2015.

General Information

ISSN: 1796-217X (Online)
Frequency: Monthly (2006-2019); Bimonthly (Since 2020)
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, Google Scholar, ProQuest, INSPEC, ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsw@iap.org
  • Dec 06, 2019 News!

    Vol 14, No 1- Vol 14, No 4 has been indexed by EI (Inspec)   [Click]

  • Jun 22, 2020 News!

    Papers published in JSW Vol 14, No 1- Vol 15 No 4 have been indexed by DBLP     [Click]

  • Sep 30, 2020 News!

    The papers published in Vol 15, No 6 have all received dois from Crossref   [Click]

  • Aug 01, 2018 News!

    [CFP] 2020 the annual meeting of JSW Editorial Board, ICCSM 2020, will be held in Rome, Italy, July 17-19, 2020   [Click]

  • Sep 30, 2020 News!

    Vol 15, No 6 has been published with online version     [Click]