探索生成式人工智能在软件开发生命周期中增强网络安全的作用

IF 4.5 Q2 COMPUTER SCIENCE, THEORY & METHODS
Array Pub Date : 2025-09-09 DOI:10.1016/j.array.2025.100509
Hussein A. Al-Hashimi , Rafiq Ahmad Khan , Hathal S. Alwageed , Asaad M. Algarni , Sarra Ayouni , Alaa Omran Almagrabi
{"title":"探索生成式人工智能在软件开发生命周期中增强网络安全的作用","authors":"Hussein A. Al-Hashimi ,&nbsp;Rafiq Ahmad Khan ,&nbsp;Hathal S. Alwageed ,&nbsp;Asaad M. Algarni ,&nbsp;Sarra Ayouni ,&nbsp;Alaa Omran Almagrabi","doi":"10.1016/j.array.2025.100509","DOIUrl":null,"url":null,"abstract":"<div><h3>Context</h3><div>The rapid integration of Generative AI (GenAI) technologies in various sectors has introduced new opportunities and challenges. One of the areas where GenAI is gaining prominence is cybersecurity, particularly within the Software Development Life Cycle (SDLC). As cyber threats evolve, there is a growing need to explore innovative solutions to mitigate vulnerabilities during software development.</div></div><div><h3>Objectives</h3><div>This study investigates the role of GenAI in enhancing cybersecurity in the SDLC. It examines current security practices, recent advancements in AI-driven security solutions, and the potential of GenAI to strengthen threat detection, vulnerability management, and risk mitigation. Additionally, the research identifies key opportunities and challenges associated with integrating GenAI into SDLC processes, highlighting its implications for secure software development and future industry practices.</div></div><div><h3>Methods</h3><div>This research employs a mixed-methods approach to investigate the role of GenAI in cybersecurity. Specifically, it combines a Systematic Literature Review (SLR) with questionnaire-based data collection targeting software development and cyber defense experts. The SLR aims to identify prevailing themes and gaps, while the questionnaire gathers insights from IT professionals about their experiences and perspectives on GenAI systems.</div></div><div><h3>Results</h3><div>Our research shows that GenAI technology enhances SDLC security by supporting development through vulnerability detection, threat modeling, secure coding practices, and incident response. However, our review shows that AI adoption introduces ethical risks alongside reliability issues with AI-created results and challenges to integrate it into standard development methods.</div></div><div><h3>Conclusion</h3><div>The integration of GenAI into the SDLC offers significant potential for enhancing cybersecurity. While challenges such as algorithm transparency and the need for skilled professionals remain, the benefits of AI in proactive threat detection and response make it a promising tool for future cybersecurity strategies in software development.</div></div>","PeriodicalId":8417,"journal":{"name":"Array","volume":"28 ","pages":"Article 100509"},"PeriodicalIF":4.5000,"publicationDate":"2025-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Exploring the role of generative AI in enhancing cybersecurity in software development life cycle\",\"authors\":\"Hussein A. Al-Hashimi ,&nbsp;Rafiq Ahmad Khan ,&nbsp;Hathal S. Alwageed ,&nbsp;Asaad M. Algarni ,&nbsp;Sarra Ayouni ,&nbsp;Alaa Omran Almagrabi\",\"doi\":\"10.1016/j.array.2025.100509\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><h3>Context</h3><div>The rapid integration of Generative AI (GenAI) technologies in various sectors has introduced new opportunities and challenges. One of the areas where GenAI is gaining prominence is cybersecurity, particularly within the Software Development Life Cycle (SDLC). As cyber threats evolve, there is a growing need to explore innovative solutions to mitigate vulnerabilities during software development.</div></div><div><h3>Objectives</h3><div>This study investigates the role of GenAI in enhancing cybersecurity in the SDLC. It examines current security practices, recent advancements in AI-driven security solutions, and the potential of GenAI to strengthen threat detection, vulnerability management, and risk mitigation. Additionally, the research identifies key opportunities and challenges associated with integrating GenAI into SDLC processes, highlighting its implications for secure software development and future industry practices.</div></div><div><h3>Methods</h3><div>This research employs a mixed-methods approach to investigate the role of GenAI in cybersecurity. Specifically, it combines a Systematic Literature Review (SLR) with questionnaire-based data collection targeting software development and cyber defense experts. The SLR aims to identify prevailing themes and gaps, while the questionnaire gathers insights from IT professionals about their experiences and perspectives on GenAI systems.</div></div><div><h3>Results</h3><div>Our research shows that GenAI technology enhances SDLC security by supporting development through vulnerability detection, threat modeling, secure coding practices, and incident response. However, our review shows that AI adoption introduces ethical risks alongside reliability issues with AI-created results and challenges to integrate it into standard development methods.</div></div><div><h3>Conclusion</h3><div>The integration of GenAI into the SDLC offers significant potential for enhancing cybersecurity. While challenges such as algorithm transparency and the need for skilled professionals remain, the benefits of AI in proactive threat detection and response make it a promising tool for future cybersecurity strategies in software development.</div></div>\",\"PeriodicalId\":8417,\"journal\":{\"name\":\"Array\",\"volume\":\"28 \",\"pages\":\"Article 100509\"},\"PeriodicalIF\":4.5000,\"publicationDate\":\"2025-09-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Array\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2590005625001365\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Array","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2590005625001365","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0

摘要

生成式人工智能(GenAI)技术在各个领域的快速集成带来了新的机遇和挑战。GenAI日益突出的领域之一是网络安全,特别是在软件开发生命周期(SDLC)中。随着网络威胁的发展,越来越需要探索创新的解决方案来减轻软件开发过程中的漏洞。目的探讨GenAI在提高SDLC网络安全中的作用。它审查了当前的安全实践、人工智能驱动的安全解决方案的最新进展,以及GenAI在加强威胁检测、漏洞管理和风险缓解方面的潜力。此外,该研究还确定了将GenAI集成到SDLC过程中的关键机遇和挑战,强调了其对安全软件开发和未来行业实践的影响。方法本研究采用混合方法研究GenAI在网络安全中的作用。具体来说,它结合了系统文献综述(SLR)和基于问卷的数据收集,目标是软件开发和网络防御专家。SLR旨在确定流行的主题和差距,而问卷调查收集IT专业人员关于他们对GenAI系统的经验和观点的见解。结果我们的研究表明,GenAI技术通过漏洞检测、威胁建模、安全编码实践和事件响应来支持开发,从而增强了SDLC的安全性。然而,我们的研究表明,人工智能的采用带来了伦理风险,以及人工智能创造的结果的可靠性问题,以及将其整合到标准开发方法中的挑战。结论将GenAI集成到SDLC中具有增强网络安全的巨大潜力。虽然算法透明度和对熟练专业人员的需求等挑战仍然存在,但人工智能在主动威胁检测和响应方面的优势使其成为软件开发中未来网络安全战略的有前途的工具。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

Exploring the role of generative AI in enhancing cybersecurity in software development life cycle

Exploring the role of generative AI in enhancing cybersecurity in software development life cycle

Context

The rapid integration of Generative AI (GenAI) technologies in various sectors has introduced new opportunities and challenges. One of the areas where GenAI is gaining prominence is cybersecurity, particularly within the Software Development Life Cycle (SDLC). As cyber threats evolve, there is a growing need to explore innovative solutions to mitigate vulnerabilities during software development.

Objectives

This study investigates the role of GenAI in enhancing cybersecurity in the SDLC. It examines current security practices, recent advancements in AI-driven security solutions, and the potential of GenAI to strengthen threat detection, vulnerability management, and risk mitigation. Additionally, the research identifies key opportunities and challenges associated with integrating GenAI into SDLC processes, highlighting its implications for secure software development and future industry practices.

Methods

This research employs a mixed-methods approach to investigate the role of GenAI in cybersecurity. Specifically, it combines a Systematic Literature Review (SLR) with questionnaire-based data collection targeting software development and cyber defense experts. The SLR aims to identify prevailing themes and gaps, while the questionnaire gathers insights from IT professionals about their experiences and perspectives on GenAI systems.

Results

Our research shows that GenAI technology enhances SDLC security by supporting development through vulnerability detection, threat modeling, secure coding practices, and incident response. However, our review shows that AI adoption introduces ethical risks alongside reliability issues with AI-created results and challenges to integrate it into standard development methods.

Conclusion

The integration of GenAI into the SDLC offers significant potential for enhancing cybersecurity. While challenges such as algorithm transparency and the need for skilled professionals remain, the benefits of AI in proactive threat detection and response make it a promising tool for future cybersecurity strategies in software development.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Array
Array Computer Science-General Computer Science
CiteScore
4.40
自引率
0.00%
发文量
93
审稿时长
45 days
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信