Volume 10 Number 4 (Apr. 2015)
Home > Archive > 2015 > Volume 10 Number 4 (Apr. 2015) >
JSW 2015 Vol.10(4): 491-498 ISSN: 1796-217X
doi: 10.17706/jsw.10.4.491-498

Developing Abuse Cases Based on Threat Modeling and Attack Patterns

Xiaohong Yuan*, Emmanuel Borkor Nuakoh, Imano Williams, Huiming Yu
Department of Computer Science, North Carolina A&T State University, 1601 East Market St., Greensboro, North Carolina, USA.

Abstract—Developing abuse cases help software engineers to think from the perspective of attackers, and therefore allow them to decide and document how the software should react to illegitimate use. This paper describes a method for developing abuse cases based on threat modeling and attack patterns. First potential threats are analyzed by following Microsoft’s threat modeling process. Based on the identified threats, initial abuse cases are generated. Attack pattern library is searched and attack patterns relevant to the abuse cases are retrieved. The information retrieved from the attack patterns are used to extend the initial abuse cases and suggest mitigation method. Such a method has the potential to assist software engineers without high expertise in computer security to develop meaningful and useful abuse cases, and therefore reduce the security vulnerabilities in the software systems they develop.

Index Terms—Abuse case, threat modeling, attack patterns, secure software development.

[PDF]

Cite: Xiaohong Yuan, Emmanuel Borkor Nuakoh, Imano Williams, Huiming Yu, "Developing Abuse Cases Based on Threat Modeling and Attack Patterns," Journal of Software vol. 10, no. 4, pp. 491-498, 2015.

General Information

ISSN: 1796-217X (Online)
Frequency:  Bimonthly (Since 2020)
Editor-in-Chief: Prof. Antanas Verikas
Executive Editor: Ms. Yoyo Y. Zhou
Abstracting/ Indexing: DBLP, EBSCO, Google Scholar, ProQuest, INSPEC(IET), ULRICH's Periodicals Directory, WorldCat, etc
E-mail: jsw@iap.org
  • Apr 26, 2021 News!

    Vol 14, No 4- Vol 14, No 12 has been indexed by IET-(Inspec)     [Click]

  • Jun 22, 2020 News!

    Papers published in JSW Vol 14, No 1- Vol 15 No 4 have been indexed by DBLP     [Click]

  • Sep 13, 2021 News!

    The papers published in Vol 16, No 6 have all received dois from Crossref    [Click]

  • Jan 28, 2021 News!

    [CFP] 2021 the annual meeting of JSW Editorial Board, ICCSM 2021, will be held in Rome, Italy, July 21-23, 2021   [Click]

  • Sep 13, 2021 News!

    Vol 16, No 6 has been published with online version     [Click]