Title: AI-Driven Security Requirements Elicitation
Presented By: Sugandha Malviya - Assistant Professor of Computer Science
When: Wednesday, April 17, 2024
Time: 3:00 -3:50 pm
Where: Robert Bell, room 353 (Game Design Studio)
Abstract: Security requirements are essential for defining the security needs of software systems, yet eliciting these requirements is often complex due to their technical and context-specific nature. The traditional security requirement elicitation processes are typically manual, time-consuming, and prone to errors, leading to a strong motivation to automate this process.
I will discuss how artificial intelligence (AI), particularly machine learning (ML), natural language processing (NLP), and large language models (LLMs), are currently being utilized to enhance the requirements elicitation process. These technologies have shown significant promise in understanding and processing complex language data, thus providing a foundation for automating the elicitation process. Additionally, I will introduce proposed solutions that utilize LLMs to identify and address misuse cases, a critical aspect of security that focuses on anticipating and mitigating potential malicious uses of software systems. These solutions aim to streamline the elicitation process and enhance the robustness and security of software systems by effectively integrating advanced AI techniques.
Bio: Dr. Sugandha Malviya is an Assistant Professor of Computer Science with more than a decade of experience in research and teaching. She earned her Ph.D. in Computer and Information Sciences from DePaul University, Chicago. Her dissertation focuses on the visual representation of traceability queries, emphasizing the domain of questions for Requirements Engineering. She earned her M.E. in Computer Science and Engineering and B.E. in Information Technology from universities in India.
Her research interests include topics in Software Engineering, Databases, and Machine Learning. She is the author or co-author of several papers published in top software and requirements engineering conferences, workshops, and journals, including REJ, ESEC/FSE, ASE, RE, and REFSQ.
Light refreshments will be served