Using Malware Analysis to Identify Overlooked Security Requirements
• Presentation
This presentation describes initial research conducted by CERT and Carnegie Mellon to determine if malware report databases were amenable to automated processing to identify flaws
Publisher
Software Engineering Institute
Abstract
This presentation describes initial research by CERT and Carnegie Mellon to determine if malware report databases were amenable to automated processing to identify flaws such as those documented in the Common Weakness Enumeration (CWE) and Common Attack Pattern Enumeration and Classification (CAPEC) databases.
Part of a Collection
Software Solutions Symposium 2017 - Presentations
This content was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.