TRABALHOS DE FIM DE CURSO @PUC-Rio
| Título: | EVALUATING THE POTENTIAL OF LARGE LANGUAGE MODELS IN SECURITY RELATED SOFTWARE REQUIREMENTS CLASSIFICATION | ||||||||||||
| Autor(es): |
MURILO DE SA MARTIN |
||||||||||||
| Colaborador(es): |
JULIANA ALVES PEREIRA - Orientador |
||||||||||||
| Catalogação: | 28/ABR/2025 | Língua(s): | ENGLISH - UNITED STATES |
||||||||||
| Tipo: | TEXT | Subtipo: | SENIOR PROJECT | ||||||||||
| Notas: |
[pt] Todos os dados constantes dos documentos são de inteira responsabilidade de seus autores. Os dados utilizados nas descrições dos documentos estão em conformidade com os sistemas da administração da PUC-Rio. [en] All data contained in the documents are the sole responsibility of the authors. The data used in the descriptions of the documents are in conformity with the systems of the administration of PUC-Rio. |
||||||||||||
| Referência(s): |
[pt] https://www.maxwell.vrac.puc-rio.br/projetosEspeciais/TFCs/consultas/conteudo.php?strSecao=resultado&nrSeq=70140@1 [en] https://www.maxwell.vrac.puc-rio.br/projetosEspeciais/TFCs/consultas/conteudo.php?strSecao=resultado&nrSeq=70140@2 |
||||||||||||
| DOI: | https://doi.org/10.17771/PUCRio.acad.70140 | ||||||||||||
| Resumo: | |||||||||||||
|
Effective classification of security-related software requirements is essential for mitigating potential threats and ensuring robust system design. This study investigates the accuracy of large language models (LLMs) in classifying security-related requirements compared to traditional machine learning (ML) methods. Using the SecReq and PROMISE_exp datasets, we
evaluated nine LLMs across various prompt engineering strategies. The results demonstrate that LLMs achieve high accuracy and outperform traditional ML models in several evaluation scenarios and that prompt engineering can significantly enhance the model’s ability to identify security-related requirements. This work underscores the domain-generalization capabilities of LLMs and their potential to streamline requirements classification without the complexity of feature engineering or dataset-specific fine-tuning often required by ML approaches. Researchers, practitioners, and tool developers can leverage these findings to advance automated approaches in security requirements engineering.
|
|||||||||||||
|
|||||||||||||