Catalogue-based guideline for misuse case

Misuse case is one of the security requirement elicitation techniques that are easy to use and learn. Unfortunately, the current guideline provided is too general. The process of identifying the misuse case and threats is open for the analyst's interpretation. Lack of knowledge in security thre...

Bibliographic Details
Main Authors: Khairuddin, Muhammad Asyraf, Abd Ghani, Abdul Azim, Zulzalil, Hazura, Hassan, Saadah
Format: Article
Published: Little Lion Scientific 2022
Online Access: http://psasir.upm.edu.my/id/eprint/100635/
http://www.jatit.org/volumes/onehundred01.php
Citation: Khairuddin, Muhammad Asyraf and Abd Ghani, Abdul Azim and Zulzalil, Hazura and Hassan, Saadah (2022) Catalogue-based guideline for misuse case. Journal of Theoretical and Applied Information Technology, 100 (1). 38 - 51. ISSN 1992-8645; ESSN: 1817-3195 (Article, PeerReviewed; Little Lion Scientific, 2022-01)
institution Universiti Putra Malaysia
building UPM Library
collection Institutional Repository
continent Asia
country Malaysia
content_provider Universiti Putra Malaysia
content_source UPM Institutional Repository
url_provider http://psasir.upm.edu.my/
description Misuse case is one of the security requirement elicitation techniques that are easy to use and learn. Unfortunately, the current guideline provided is too general. The process of identifying the misuse case and threats is open to the analyst's interpretation. Lack of knowledge of security threats can also make it worse. These problems can lead to an analysis paralysis situation. In this paper, we proposed a catalogue-based guideline to support misuse case techniques to elicit security requirements. This guideline consists of two catalogues used to assist software developers in identifying attacks and threats from a misuse case diagram. We experimented with selected students to evaluate the effectiveness of the guideline in identifying threats and types of threats. We also evaluated the usability of the guideline by conducting expert reviews. The experiment's result shows sufficient evidence that using the misuse case with the proposed catalogue-based guideline is more effective in identifying threats and types of threats than using the misuse case without a guideline. The expert review's result also shows that the catalogue-based guideline is more usable in identifying threats than without using the guideline.