Despite the reported attacks on critical systems, operational techniques such as malware analysis are not used to inform early lifecycle activities, such as security requirements engineering. In our CERT research, it was thought that malware analysis reports (found in databases such as Rapid 7) could be used to identify misuse cases that pointed towards overlooked security requirements. If such requirements could be identified, they could be incorporated into future systems that were similar to those that were successfully attacked. A process was defined, and then a CMU Master of Software Engineering project was sponsored to develop a tool. The hope was that the malware report databases were amenable to automated processing, and that they would point to flaws such as those documented in the CWE and CAPEC databases. It turned out not to be so simple. This talk will describe our initial research results and the research remaining to be done. A second team of CMU graduate students is continuing to assist in the research and tool development. Their progress as of the time of the conference will also be discussed.
The Joint Task Force on Cybersecurity Education (JTF) was launched in September 2015 with the purpose of developing comprehensive curricular guidance in cybersecurity education that will support future program development and associated educational efforts. The JTF is a collaboration between major international computing societies: Association for Computing Machinery (ACM), IEEE Computer Society (IEEE CS), Association for Information Systems Special Interest Group on Security (AIS SIGSEC), and International Federation for Information Processing Technical Committee on Information Security Education (IFIP WG 11.8).