{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,8]],"date-time":"2026-07-08T03:24:35Z","timestamp":1783481075287,"version":"3.55.0"},"reference-count":100,"publisher":"Tech Science Press","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["CMC"],"published-print":{"date-parts":[[2025]]},"DOI":"10.32604\/cmc.2024.057587","type":"journal-article","created":{"date-parts":[[2024,12,19]],"date-time":"2024-12-19T09:13:16Z","timestamp":1734599596000},"page":"139-172","source":"Crossref","is-referenced-by-count":11,"title":["Review of Techniques for Integrating Security in Software Development Lifecycle"],"prefix":"10.32604","volume":"82","author":[{"given":"Hassan","family":"Saeed","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Imran","family":"Shafi","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jamil","family":"Ahmad","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Adnan Ahmed","family":"Khan","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Tahir","family":"Khurshaid","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Imran","family":"Ashraf","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"17807","published-online":{"date-parts":[[2025]]},"reference":[{"key":"ref1","first-page":"1831","article-title":"Identification and classification of risk factors in distributed agile software development","volume":"21","author":"Khanna","year":"2022","journal-title":"J. Web Eng."},{"key":"ref2","doi-asserted-by":"crossref","first-page":"2643","DOI":"10.1016\/j.procs.2020.03.343","article-title":"Estimation of software development effort: A differential evolution approach","volume":"167","author":"Singal","year":"2020","journal-title":"Procedia Comput. Sci."},{"key":"ref3","unstructured":"H. Assal and S. Chiasson, \u201cSecurity in the software development lifecycle,\u201d presented at the Fourteenth Symp. Usable Privacy Secur. (SOUPS 2018), Baltimore, MD, USA,  Aug. 12\u201314, 2018."},{"key":"ref4","doi-asserted-by":"crossref","first-page":"58458","DOI":"10.1109\/ACCESS.2022.3178301","article-title":"Security assurance model of software development for global software development vendors","volume":"10","author":"Khan","year":"2022","journal-title":"IEEE Access"},{"key":"ref5","series-title":"Software Process Improvement and Capability Determination","first-page":"17","article-title":"DevSecOps: A multivocal literature review","volume":"770","author":"Myrbakken","year":"2017"},{"key":"ref6","doi-asserted-by":"crossref","first-page":"246","DOI":"10.3991\/ijim.v14i11.13269","article-title":"Agile software development: Methodologies and trends","volume":"14","author":"Al-Saqqa","year":"2020","journal-title":"Int. J. Interact. Mob. Technol."},{"key":"ref7","doi-asserted-by":"crossref","unstructured":"I. El Rhaffari and O. Roudi\u00e8s, \u201cBenchmarking SDL and CLASP lifecycle,\u201d presented at the 9th Int. Conf. Intell. Syst.: Theor. Appl. (SITA-14), Rabat, Morocco, May 14\u201315, 2014.","DOI":"10.1109\/SITA.2014.6847280"},{"key":"ref8","first-page":"1","article-title":"Enhancing software security through automation in the software development lifecycle","volume":"1","author":"Sharma","year":"2022","journal-title":"J. Artif. Intell. Cloud Comput."},{"key":"ref9","unstructured":"L. M. Clagett II, \u201cSecurity requirements for the prevention of modern software vulnerabilities and a process for incorporation into classic software development lifecycles,\u201d Ph.D. dissertation, Virginia Tech, Blacksburg, VA, USA, 2009."},{"key":"ref10","doi-asserted-by":"crossref","first-page":"53","DOI":"10.30574\/wjarr.2023.18.3.0944","article-title":"Theory and practice in secure software development lifecycle: A comprehensive survey","volume":"18","author":"Otieno","year":"2023","journal-title":"World J. Adv. Res. Rev."},{"key":"ref11","series-title":"Software Process Improv. Capability Determination: 17th Int. Conf., SPICE 2017","first-page":"17","article-title":"DevSecOps: A multivocal literature review","author":"Myrbakken","year":"Oct. 4\u20135, 2017"},{"key":"ref12","doi-asserted-by":"crossref","first-page":"56","DOI":"10.1109\/MS.2022.3212194","article-title":"Embracing IaC through the DevSecOps philosophy: Concepts, challenges, and a reference framework","volume":"40","author":"Alonso","year":"Feb. 2023","journal-title":"IEEE Softw."},{"key":"ref13","doi-asserted-by":"crossref","first-page":"39","DOI":"10.4018\/978-1-6684-3698-1.ch003","author":"White","year":"2022","journal-title":"Research Anthology on Business Aspects of Cybersecurity"},{"key":"ref14","doi-asserted-by":"crossref","unstructured":"K. Qian, R. M. Parizi, and D. Lo, \u201cOWASP risk analysis driven security requirements specification for secure Android mobile software development,\u201d presented at the IEEE Conf. Dependable Secure Comput. (DSC), Kaohsiung, Taiwan, Dec. 2018.","DOI":"10.1109\/DESEC.2018.8625114"},{"key":"ref15","unstructured":"OWASP Foundation, \u201cOWASP Top 10,\u201d 2021. Accessed: Dec. 04, 2024. [Online]. Available: https:\/\/owasp.org\/www-project-top-ten\/"},{"key":"ref16","doi-asserted-by":"crossref","unstructured":"M. Srivastava, A. Raghuvanshi, and D. Khandelwal, \u201cSecurity and scalability of e-commerce website by OWASP threats,\u201d presented at the 6th Int. Conf. Inf. Syst. Comput. Netw. (ISCON), Mathura, India, Nov. 2023.","DOI":"10.1109\/ISCON57294.2023.10111955"},{"key":"ref17","doi-asserted-by":"crossref","first-page":"230","DOI":"10.30574\/wjaets.2023.8.2.0101","article-title":"Security risks in the software development lifecycle: A review","volume":"8","author":"Odera","year":"2023","journal-title":"World J. Adv. Eng. Technol. Sci."},{"key":"ref18","doi-asserted-by":"crossref","first-page":"1","DOI":"10.26483\/ijarcs.v14i2.6955","article-title":"Secure software development lifecycle: A case for adoption in software SMEs","volume":"14","author":"Umeugo","year":"2023","journal-title":"Int. J. Adv. Res. Comput. Sci."},{"key":"ref19","doi-asserted-by":"crossref","unstructured":"D. Ferdiansyah, R. Isnanto, and J. E. Suseno, \u201cOrganizational indicators on startup software for implementing secure software development lifecycle (SSDL): A systematic literature review,\u201d AIP Conf. Proc., vol. 2683, 2023, Art. no. 040001. doi: 10.1063\/5.0125388.","DOI":"10.1063\/5.0125388"},{"key":"ref20","doi-asserted-by":"crossref","unstructured":"X. Meng, K. Qian, D. Lo, P. Bhattacharya, and F. Wu, \u201cSecure mobile software development with vulnerability detectors in static code analysis,\u201d presented at the Int. Symp. Netw., Comput. Commun. (ISNCC), Rome, Italy, Jun. 2018.","DOI":"10.1109\/ISNCC.2018.8531071"},{"key":"ref21","doi-asserted-by":"crossref","unstructured":"G. Jahanavi, T. Mubeen, R. Aishwarya, and R. Yogitha, \u201cCloud computing using OWASP: Open web application security project,\u201d presented at the 7th Int. Conf. Intell. Comput. Control Syst. (ICICCS), Madurai, India, May 17\u201319, 2023.","DOI":"10.1109\/ICICCS56967.2023.10142457"},{"key":"ref22","doi-asserted-by":"crossref","unstructured":"J. Gregoire, K. Buyens, B. De Win, R. Scandariato, and W. Joosen, \u201cOn the secure software development process: CLASP and SDL compared,\u201d presented at the Third Int. Workshop Softw. Eng. Secure Syst. (SESS\u201907: ICSE Workshops 2007), Minneapolis, MN, USA, May 20\u201326, 2007.","DOI":"10.1109\/SESS.2007.7"},{"key":"ref23","author":"Howard","year":"2006","journal-title":"The Security Development Lifecycle: SDL: A Process for Developing Demonstrably More Secure Software"},{"key":"ref24","doi-asserted-by":"crossref","unstructured":"A. Mohammad, J. Alqatawna, and M. Abushariah, \u201cSecure software engineering: Evaluation of emerging trends,\u201d presented at the 8th Int. Conf. Inf. Technol. (ICIT), Amman, Jordan, May 17\u201318, 2017.","DOI":"10.1109\/ICITECH.2017.8079952"},{"key":"ref25","first-page":"1","article-title":"Secure software development: Best practices","volume":"2","author":"Fauzi","year":"2023","journal-title":"Int. J. Emerg. Multidisciplinaries Comput. Sci. Artif. Intell."},{"key":"ref26","doi-asserted-by":"crossref","unstructured":"M. Kainerstorfer, J. Sametinger, and A. Wiesauer, \u201cSoftware security for small development teams: A case study,\u201d presented at the 13th Int. Conf. Inf. Integr. Web-Based Appl. Serv., Ho Chi Minh City, Vietnam, Dec. 5\u20137, 2011.","DOI":"10.1145\/2095536.2095590"},{"key":"ref27","first-page":"45","article-title":"Changing security with every spiral","volume":"7","author":"Modi","year":"2023","journal-title":"Int. J. Sci. Res. Eng. Manage."},{"key":"ref28","doi-asserted-by":"crossref","first-page":"355","DOI":"10.1201\/9780429424878-14","author":"Roy","year":"2018","journal-title":"Computer and Cyber Security: Principles, Algorithm, Applications, and Perspectives"},{"key":"ref29","doi-asserted-by":"crossref","unstructured":"S. A. Asadollah, \u201cCyberattacks: Modeling, analysis, and mitigation,\u201d presented at the 6th Int. Conf. Comput., Software Modeling (ICCSM), Barcelona, Spain, Jul. 15\u201317, 2022.","DOI":"10.1109\/ICCSM57214.2022.00021"},{"key":"ref30","doi-asserted-by":"crossref","first-page":"662","DOI":"10.1007\/s11623-012-0222-3","article-title":"Building Security IN","volume":"36","author":"McGraw","year":"Sep. 2012","journal-title":"Datenschutz und Datensicherheit-DuD"},{"key":"ref31","unstructured":"K. Tiirik, \u201cComparison of SDL and Touchpoints,\u201d M.S. thesis, Dept. of Computer Science, Univ. of Tartu, Tartu, Estonia, 2013."},{"key":"ref32","doi-asserted-by":"crossref","first-page":"1152","DOI":"10.1016\/j.infsof.2008.01.010","article-title":"On the secure software development process: CLASP, SDL and Touchpoints compared","volume":"51","author":"De Win","year":"Jul. 2009","journal-title":"Inf. Softw. Tech."},{"key":"ref33","unstructured":"M. -G. Lee, H. Sohn, M. Baek, and J. -B. Kim, \u201cA study on secure SDLC specialized in common criteria,\u201d presented at the Int. Conf. Adv. Sci. Technol. Lett., Jeju Island, Republic of Korea, Dec. 2015."},{"key":"ref34","first-page":"1117","article-title":"Identification and integration of security activities for secure agile development","volume":"14","author":"Sharma","year":"Apr. 2022","journal-title":"Int. J. Inf. Technol."},{"key":"ref35","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1016\/j.infsof.2008.09.009","article-title":"Systematic literature reviews in software engineering-A systematic literature review","volume":"51","author":"Kitchenham","year":"Jan. 2009","journal-title":"Inf. Softw. Tech."},{"key":"ref36","doi-asserted-by":"crossref","unstructured":"C. Onwubiko, \u201cSecurity operations centre: Situation awareness, threat intelligence and cybercrime,\u201d presented at the Int. Conf. Cyber Situat. Aware., Data Analytics Assess. (Cyber SA), London, UK, Jun. 2017.","DOI":"10.1109\/CyberSA.2017.8073384"},{"key":"ref37","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2022.106908","article-title":"Successful combination of database search and snowballing for identification of primary studies in systematic literature studies","volume":"147","author":"Wohlin","year":"Mar. 2022, Art. no. 106908","journal-title":"Inf. Softw. Tech."},{"key":"ref38","first-page":"191","author":"Panda","year":"2023","journal-title":"Library Technology with New Perception"},{"key":"ref39","doi-asserted-by":"crossref","DOI":"10.1016\/j.infsof.2020.106397","article-title":"Quality assessment in systematic literature reviews: A software engineering perspective","volume":"130","author":"Yang","year":"Dec. 2021, Art. no. 106397","journal-title":"Inf. Softw. Tech."},{"key":"ref40","doi-asserted-by":"crossref","unstructured":"J. Shah and N. Kama, \u201cExtending function point analysis effort estimation method for software development phase,\u201d presented at the 7th Int. Conf. Softw. Comput. Appl., Kuantan, Malaysia, Feb. 8\u201310, 2018.","DOI":"10.1145\/3185089.3185137"},{"key":"ref41","doi-asserted-by":"crossref","first-page":"143","DOI":"10.5860\/rusq.51n2.143","article-title":"Citation tools in academic libraries: Best practices for reference and instruction","volume":"51","author":"Childress","year":"Winter 2011","journal-title":"Ref. User Serv. Q."},{"key":"ref42","first-page":"7048","article-title":"Security risks in the software development lifecycle","volume":"8","author":"Alenezi","year":"Sep. 2019","journal-title":"Int. J. Recent Technol. Eng."},{"key":"ref43","doi-asserted-by":"crossref","unstructured":"W. Wang, Q. Zeng, and A. P. Mathur, \u201cA security assurance framework combining formal verification and security functional testing,\u201d presented at the 12th Int. Conf. Qual. Softw., Xi\u2019an, China, Aug. 27\u201328, 2012.","DOI":"10.1109\/QSIC.2012.34"},{"key":"ref44","doi-asserted-by":"crossref","first-page":"508","DOI":"10.1108\/ICS-12-2018-0138","article-title":"Collaborative security risk estimation in agile software development","volume":"27","author":"T\u00f8ndel","year":"2019","journal-title":"Inf. Comput. Secur."},{"key":"ref45","doi-asserted-by":"crossref","unstructured":"S. -J. Chen, Y. -C. Pan, Y. -W. Ma, and C. -M. Chiang, \u201cThe impact of the practical security test during the software development lifecycle,\u201d presented at the 24th Int. Conf. Adv. Commun. Technol. (ICACT), Pyeongchang, Republic of Korea, Feb. 13\u201316, 2022.","DOI":"10.23919\/ICACT53585.2022.9728868"},{"key":"ref46","doi-asserted-by":"crossref","unstructured":"M. G. Stochel, \u201cReliability and accuracy of the estimation process\u2014Wideband Delphi vs. wisdom of crowds,\u201d presented at the 35th Annual Comput. Softw. Appl. Conf., Munich, Germany, Jul. 18\u201322, 2011.","DOI":"10.1109\/COMPSAC.2011.53"},{"key":"ref47","doi-asserted-by":"crossref","unstructured":"Y. Zeng, Y. Cheng, G. Xie, and R. Wang, \u201cDesign of mobile application lifecycle security management platform,\u201d presented at the Int. Conf. Comput. Netw., Electron. Autom. (ICCNEA), Xi\u2019an, China, Dec. 10\u201312, 2021.","DOI":"10.1109\/ICCNEA53019.2021.00017"},{"key":"ref48","series-title":"HCI Cybersecurity, Priv. Trust: First Int. Conf., HCI-CPT 2019, Part 21st HCI Int. Conf.","first-page":"39","article-title":"A framework of information security integrated with human factors","volume":"11594","author":"Al-Darwish","year":"Jul. 26\u201331, 2020"},{"key":"ref49","doi-asserted-by":"crossref","unstructured":"O. Kovalenko, O. Smirnov, A. Kovalenko, and S. Kavun, \u201cQuantitative risk assessment method development in the context of the SDLC-model,\u201d presented at the 8th Int. Conf. Probl. Info Commun., Sci Technol. (PIC S&T), Kharkiv, Ukraine, Oct. 5\u20138, 2021.","DOI":"10.1109\/PICST54195.2021.9772143"},{"key":"ref50","first-page":"1445","article-title":"Analysis of software effort estimation by machine learning techniques","volume":"28","author":"Nisa","year":"2023","journal-title":"Ing Syst. Inf."},{"key":"ref51","unstructured":"A. S. Farhan and G. M. Mostafa, \u201cA methodology for enhancing software security during development processes,\u201d presented at the 21st Saudi Comput. Soc. Natl. Comput. Conf. (NCC), Riyadh, Saudi Arabia, Apr. 25\u201326, 2018."},{"key":"ref52","first-page":"71","article-title":"Secure software development practice adoption model: A Delphi study","volume":"10","author":"Kanniah","year":"2018","journal-title":"J. Telecommun., Electronic Comput. Eng."},{"key":"ref53","doi-asserted-by":"crossref","unstructured":"M. Gutfleisch, M. Sch\u00f6ps, S. A. Horstmann, D. Wichmann, and M. A. Sasse, \u201cSecurity champions without support: Results from a case study with OWASP SAMM in a large-scale e-commerce enterprise,\u201d presented at the 2023 Eur. Symp. Usable Secur., Barcelona, Spain, Jun. 12\u201314, 2023.","DOI":"10.1145\/3617072.3617115"},{"key":"ref54","doi-asserted-by":"crossref","unstructured":"Z. A. Maher, H. Shaikh, M. S. Khan, A. Arbaaeen, and A. Shah, \u201cFactors affecting secure software development practices among developers\u2014An investigation,\u201d presented at the 5th Int. Conf. Eng. Technol. Appl. Sci. (ICETAS), Bangkok, Thailand, Nov. 22\u201323, 2018.","DOI":"10.1109\/ICETAS.2018.8629168"},{"key":"ref55","doi-asserted-by":"crossref","unstructured":"M. Alhamed and T. Storer, \u201cPlaying planning poker in crowds: Human computation of software effort estimates,\u201d presented at the IEEE\/ACM 43rd Int. Conf. Softw. Eng. (ICSE), Madrid, Spain, May 25\u201328, 2021.","DOI":"10.1109\/ICSE43902.2021.00014"},{"key":"ref56","doi-asserted-by":"crossref","unstructured":"N. Ziems and S. Wu, \u201cSecurity vulnerability detection using deep learning natural language processing,\u201d presented at the IEEE INFOCOM 2021-IEEE Conf. Comput. Commun. Workshops (INFOCOM WKSHPS), Vancouver, BC, Canada, May 10\u201313, 2021.","DOI":"10.1109\/INFOCOMWKSHPS51825.2021.9484500"},{"key":"ref57","doi-asserted-by":"crossref","unstructured":"P. Kadebu, V. Thada, and P. Chiurunge, \u201cNatural language processing and deep learning towards security requirements classification,\u201d presented at the 3rd Int. Conf. Contemp. Comput. Inform. (IC3I), Gurgaon, India, Dec. 27\u201329, 2018.","DOI":"10.1109\/IC3I44769.2018.9007300"},{"key":"ref58","unstructured":"C. A. Cois and R. Kazman, \u201cNatural language processing to quantify security effort in the software development lifecycle,\u201d presented at the Int. Conf. Softw. Eng. Knowl. Eng. (SEKE), Pittsburgh, PA, USA, Jul. 6\u20138, 2015."},{"key":"ref59","first-page":"1","article-title":"Automatically detect software security vulnerabilities based on natural language processing techniques and machine learning algorithms","volume":"16","author":"Do Xuan","year":"2022","journal-title":"J. ICT Res. Appl."},{"key":"ref60","doi-asserted-by":"crossref","unstructured":"K. Singh, S. S. Grover, and R. K. Kumar, \u201cCyber security vulnerability detection using natural language processing,\u201d presented at the IEEE World AI IoT Congr. (AIIoT), Seattle, WA, USA, May 5\u20139, 2022.","DOI":"10.1109\/AIIoT54504.2022.9817336"},{"key":"ref61","doi-asserted-by":"crossref","unstructured":"M. Wang, L. Xu, and L. Guo, \u201cAnomaly detection of software system logs based on natural language processing,\u201d presented at the Int. Conf. Image Video Process. Artif. Intell., Honolulu, HI, USA, Jul. 12\u201315, 2018, vol. 10836.","DOI":"10.1117\/12.2513857"},{"key":"ref62","doi-asserted-by":"crossref","first-page":"2641","DOI":"10.1007\/s12652-024-04778-y","article-title":"Software security with natural language processing and vulnerability scoring using machine learning approach","volume":"15","author":"Verma","year":"2024","journal-title":"J. Ambient Intell. Humaniz. Comput."},{"key":"ref63","article-title":"Natural language processing: Security-and defense-related lessons learned","author":"Marcellino","year":"2020","journal-title":"RAND Corporation"},{"key":"ref64","first-page":"243","article-title":"Systematic review of software risk assessment and estimation models","volume":"1","author":"Khan","year":"Nov. 2012","journal-title":"Int. J. Eng. Adv. Technol."},{"key":"ref65","doi-asserted-by":"crossref","unstructured":"I. A. T\u00f8ndel, M. G. Jaatun, D. Cruzes, and T. D. Oyetoyan, \u201cUnderstanding challenges to adoption of the protection poker software security game,\u201d presented at the ESORICS 2018 Int. Workshops, Barcelona, Spain, Sep. 6\u20137, 2018.","DOI":"10.1007\/978-3-030-12786-2_10"},{"key":"ref66","unstructured":"A. Olmsted, \u201cSecure software development\u2014Models, tools, architectures and algorithms,\u201d presented at the 11th Int. Conf. Emerg. Secur. Inf., Syst. Technol. (SECURWARE), Barcelona, Spain, Oct. 23\u201327, 2017."},{"key":"ref67","doi-asserted-by":"crossref","unstructured":"M. G. Jaatun and I. A. T\u00f8ndel, \u201cPlaying protection poker for practical software security,\u201d presented at the Product-Focused Softw. Process Improv.: 17th Int. Conf., PROFES 2016, Trondheim, Norway, Nov. 22\u201324, 2016.","DOI":"10.1007\/978-3-319-49094-6_55"},{"key":"ref68","doi-asserted-by":"crossref","unstructured":"H. Rygge and A. J\u00f8sang, \u201cThreat poker: Solving security and privacy threats in agile software development,\u201d presented at the 23rd Nordic Conf. Secure IT Systems (NordSec 2018), Oslo, Norway, Nov. 28\u201330, 2018, pp. 468\u2013483.","DOI":"10.1007\/978-3-030-03638-6_29"},{"key":"ref69","doi-asserted-by":"crossref","DOI":"10.1016\/j.heliyon.2020.e03161","article-title":"The consistency analysis of failure mode and effect analysis (FMEA) in information technology risk assessment","volume":"6","author":"Subriadi","year":"Jan. 2020, Art. no. e03153","journal-title":"Heliyon"},{"key":"ref70","doi-asserted-by":"crossref","unstructured":"M. Da Silva, M. Puys, P. -H. Thevenon, S. Mocanu, and N. Nkawa, \u201cAutomated ICS template for STRIDE Microsoft threat modeling tool,\u201d presented at the 18th Int. Conf. Availab., Reliab. Secur. (ARES), Benevento, Italy, Aug. 28\u201330, 2023.","DOI":"10.1145\/3600160.3605068"},{"key":"ref71","doi-asserted-by":"crossref","DOI":"10.3390\/s22176662","article-title":"Modeling threats to AI-ML systems using STRIDE","volume":"22","author":"Mauri","year":"Aug. 2022, Art. no. 6662","journal-title":"Sensors"},{"key":"ref72","first-page":"45","article-title":"Recommendation of machine learning techniques for software effort estimation using multi-criteria decision making","volume":"30","author":"Kumar","year":"2024","journal-title":"J. Univers. Comput. Sci."},{"key":"ref73","first-page":"173","article-title":"A case study research on software cost estimation using experts\u2019 estimates, wideband Delphi, and planning poker technique","volume":"8","author":"Gandomani","year":"Nov. 2014","journal-title":"Int. J. Softw. Eng. Appl."},{"key":"ref74","unstructured":"W. S. Ismail, \u201cThreat detection and response using AI and NLP in cybersecurity,\u201d presented at the 2020 Int. Conf. Cybersecurity Priv., New York, NY, USA, Jul. 22\u201325, 2020."},{"key":"ref75","doi-asserted-by":"crossref","DOI":"10.1186\/s40537-024-00957-y","article-title":"Advancing cybersecurity: A comprehensive review of AI-driven detection techniques","volume":"11","author":"Salem","year":"Jan. 2024, Art. no. 105","journal-title":"J. Big Data"},{"key":"ref76","doi-asserted-by":"crossref","DOI":"10.1007\/s42452-020-03559-4","article-title":"Artificial intelligence and machine learning in dynamic cyber risk analytics at the edge","volume":"2","author":"Radanliev","year":"Apr. 2020, Art. no. 1773","journal-title":"SN Appl. Sci."},{"key":"ref77","doi-asserted-by":"crossref","DOI":"10.3390\/s23020651","article-title":"A machine learning approach for the NLP-based analysis of cyber threats and vulnerabilities of the healthcare ecosystem","volume":"23","author":"Silvestri","year":"Jan. 2023, Art. no. 651","journal-title":"Sensors"},{"key":"ref78","doi-asserted-by":"crossref","first-page":"853","DOI":"10.3390\/jcp4040040","article-title":"A comprehensive review and assessment of cybersecuri vulnerability detection methodologies","volume":"4","author":"Bennouk","year":"Dec. 2024","journal-title":"J. Cybersecuri Priv."},{"key":"ref79","doi-asserted-by":"crossref","unstructured":"A. A. Ardo, J. M. Bass, and T. Gaber, \u201cTowards secure agile software development process: A practice-based model,\u201d presented at the 48th Euromicro Conf. Softw. Eng. Adv. Appl. (SEAA), Porto, Portugal, Sep. 2\u20135, 2022. doi: 10.1109\/SEAA56994.2022.00031.","DOI":"10.1109\/SEAA56994.2022.00031"},{"key":"ref80","doi-asserted-by":"crossref","first-page":"737","DOI":"10.1007\/s10586-023-03979-y","article-title":"Software effort estimation modeling and fully connected artificial neural network optimization using soft computing techniques","volume":"27","author":"Kassaymeh","year":"Feb. 2024","journal-title":"Cluster Comput."},{"key":"ref81","doi-asserted-by":"crossref","unstructured":"S. Bilgaiyan, S. Mishra, and M. Das, \u201cA review of software cost estimation in agile software development using soft computing techniques,\u201d presented at the 2nd Int. Conf. Comput. Intell. Netw. (CINE), Bhubaneswar, India, Jan. 23\u201324, 2016. doi: 10.1109\/CINE.2016.27.","DOI":"10.1109\/CINE.2016.27"},{"key":"ref82","unstructured":"W. G. Johnson and C. L. Cheng, \u201cA survey of software effort estimation techniques using machine learning research-oriented,\u201d presented at the 10th Int. Conf. Predictive Models Softw. Eng., Denver, CO, USA, Sep. 19\u201320, 2017."},{"key":"ref83","doi-asserted-by":"crossref","unstructured":"P. Brar and D. Nandal, \u201cA systematic literature review of machine learning techniques for software effort estimation models,\u201d presented at the Fifth Int. Conf. Comput. Intell. Commun. Technol. (CCICT), Ghaziabad, India, Feb. 25\u201326, 2022, pp. 494\u2013499.","DOI":"10.1109\/CCiCT56684.2022.00093"},{"key":"ref84","first-page":"867","article-title":"A survey on software estimation techniques in traditional and agile development models","volume":"7","author":"Prakash","year":"Mar. 2017","journal-title":"Indones. J. Electr. Eng. Comput. Sci."},{"key":"ref85","doi-asserted-by":"crossref","unstructured":"F. B. Ahmad and L. M. Ibrahim, \u201cSoftware development effort estimation techniques using long short-term memory,\u201d presented at the Int. Conf. Comput. Sci. Softw. Eng. (CSASE), Duhok, Iraq, Apr. 12\u201313, 2022.","DOI":"10.1109\/CSASE51777.2022.9759751"},{"key":"ref86","doi-asserted-by":"crossref","DOI":"10.7717\/peerj-cs.739","article-title":"Software defect prediction using hybrid model (CBIL) of convolutional neural network (CNN) and bidirectional long short-term memory (Bi-LSTM)","volume":"7","author":"Farid","year":"Dec. 2021, Art. no. e739","journal-title":"PeerJ Comput. Sci."},{"key":"ref87","first-page":"123","article-title":"An improving long short-term memory-grid search-based deep learning neural network for software effort estimation","volume":"16","author":"Marco","year":"Aug. 2023","journal-title":"Int. J. Intell. Eng. Syst."},{"key":"ref88","doi-asserted-by":"crossref","unstructured":"N. Rankovic and D. Rankovic, \u201cPower of LSTM and SHAP in the use case point approach for software effort and cost estimation,\u201d presented at the IEEE 22nd World Symp. Appl. Mach. Intell. Inform. (SAMI), Her\u013eany, Slovakia, Jan. 24\u201326, 2024. doi: 10.1109\/SAMI60510.2024.10432878.","DOI":"10.1109\/SAMI60510.2024.10432878"},{"key":"ref89","doi-asserted-by":"crossref","DOI":"10.3390\/electronics10020168","article-title":"Empirical assessment of machine learning techniques for software requirements risk prediction","volume":"10","author":"Naseem","year":"Jan. 2021, Art. no. 168","journal-title":"Electronics"},{"key":"ref90","article-title":"A deep learning method to mitigate the impact of subjective factors in risk estimation for machinery safety","volume":"14","author":"Zhu","year":"Jun. 2024, Art. no. 4519","journal-title":"Appl. Sci."},{"key":"ref91","doi-asserted-by":"crossref","unstructured":"M. Awais and A. A. Malik, \u201cA comparative analysis of popular software effort estimation techniques,\u201d presented at the Int. Conf. IT Ind. Technol. (ICIT), Karachi, Pakistan, Mar. 12\u201314, 2023.","DOI":"10.1109\/ICIT59216.2023.10335868"},{"key":"ref92","doi-asserted-by":"crossref","first-page":"6855","DOI":"10.1080\/03772063.2022.2027282","article-title":"An optimized neuro-fuzzy network for software project effort estimation","volume":"69","author":"Sharma","year":"Oct. 2023","journal-title":"IETE J. Res."},{"key":"ref93","doi-asserted-by":"crossref","first-page":"80","DOI":"10.33899\/edusj.2022.132274.1201","article-title":"Software development effort estimation techniques: A survey","volume":"31","author":"Alhamdany","year":"Feb. 2022","journal-title":"J. Educ. Sci."},{"key":"ref94","doi-asserted-by":"crossref","unstructured":"A. Kialbekov, \u201cEmpirical study on commonly used combinations of estimation techniques in software development planning,\u201d presented at the Euro. Symp. Softw. Eng. (ESSE 2020), Cambridge, UK, Nov. 5\u20136, 2020.","DOI":"10.1145\/3393822.3432328"},{"key":"ref95","doi-asserted-by":"crossref","unstructured":"V. Chahar and P. K. Bhatia, \u201cUnveiling the art of software testing effort estimation: An in-depth study of current techniques and their analysis,\u201d presented at the Int. Conf. Adv. Comput. Commun. Technol. (ICACCTech), Dehradun, India, Jan. 15\u201317, 2023.","DOI":"10.1109\/ICACCTech61146.2023.00018"},{"key":"ref96","doi-asserted-by":"crossref","unstructured":"J. Lande, N. Tejaswini, H. M. Al-Jawahry, P. Lekshmy, and M. Sridevi, \u201cAutomatic software vulnerability analysis through a multi-head attention and long short-term memory approach,\u201d presented at the Int. Conf. Integr. Circuits Commun. Syst. (ICICACS), Hyderabad, India, Mar. 6\u20138, 2024.","DOI":"10.1109\/ICICACS60521.2024.10499176"},{"key":"ref97","doi-asserted-by":"crossref","unstructured":"M. A. Mateen and A. A. Malik, \u201cA comparative study of the accuracy and efficiency of wideband Delphi and planning poker software effort estimation techniques,\u201d presented at the Int. Conf. IT Ind. Technol. (ICIT), Karachi, Pakistan, Mar. 12\u201314, 2023.","DOI":"10.1109\/ICIT59216.2023.10335782"},{"key":"ref98","unstructured":"F. Calefato and F. Lanubile, \u201cA planning poker tool for supporting collaborative estimation in distributed agile development,\u201d presented at the 6th Int. Conf. Softw. Eng. Adv. (ICSEA), Barcelona, Spain, Oct. 23\u201328, 2011."},{"key":"ref99","doi-asserted-by":"crossref","unstructured":"F. Osses, G. M\u00e1rquez, C. Orellana, and H. Astudillo, \u201cTowards the selection of security tactics based on non-functional requirements: Security tactic planning poker,\u201d presented at the 36th Int. Conf. Chil. Comput. Sci. Soc. (SCCC), Arica, Chile, Oct. 16\u201320, 2017, pp. 1\u20138. doi: 10.1109\/SCCC.2017.8405144.","DOI":"10.1109\/SCCC.2017.8405144"},{"key":"ref100","first-page":"86","article-title":"Software effort estimation using machine learning techniques","volume":"15","author":"Resmi","year":"2023","journal-title":"SAMRIDDHI: J Phys. Sci. Eng. Technol."}],"container-title":["Computers, Materials &amp; Continua"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/file.techscience.com\/files\/cmc\/2025\/TSP_CMC-82-1\/TSP_CMC_57587\/TSP_CMC_57587.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,7]],"date-time":"2025-03-07T07:01:41Z","timestamp":1741330901000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.techscience.com\/cmc\/v82n1\/59230"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"references-count":100,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2025]]},"published-print":{"date-parts":[[2025]]}},"URL":"https:\/\/doi.org\/10.32604\/cmc.2024.057587","relation":{},"ISSN":["1546-2226"],"issn-type":[{"value":"1546-2226","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]}}}