Abstract: Recently more and more attention has been paid to use active defense in software security because it provides a positive way to guarantee software security and effectively construct high-confidential software. Security requirements were critical to software security assurance. Eliciting security requirements was one of major and difficult tasks during the security assurance. Some typical methods about eliciting security requirements were studied, compared and analyzed with respect to their research methods, application, etc. The current status of different approaches to security requirements elicitation were summarized, and future trends were explored in the end. The above work will provide a valuable reference for carrying out research and application in security requirement engineering.

Key words: Software security,Active defense,Security rectuirements,Threat