Full Program
Summary:
This project compares three methodologies for recommending relevant attack patterns: topic modeling, text embedding with OpenAI's GPT-4o-mini model, and prompting with the same model. These methods are evaluated based on the relevance of the recommended attack patterns to the software requirement specification project being tested. The CAPEC description and the prerequisites for each attack as criteria. A publicly available SRS will be used to evaluate these three methods. The results showed that the prompting method was the best-performing method for recommending attack patterns.Author(s):
Uriah Moore
United States
Xiaohong Yuan
United States
Hamidreza Moradi
United States