Automating threat modeling using an ontology framework: Validated with data from critical infrastructures
2020 (English)In: Cybersecurity, ISSN 2096-4862, Vol. 3, no 1, article id 19Article in journal (Refereed) Published
Abstract [en]
Threat modeling is of increasing importance to IT security, and it is a complex and resource demanding task. The aim of automating threat modeling is to simplify model creation by using data that are already available. However, the collected data often lack context; this can make the automated models less precise in terms of domain knowledge than those created by an expert human modeler. The lack of domain knowledge in modeling automation can be addressed with ontologies. In this paper, we introduce an ontology framework to improve automatic threat modeling. The framework is developed with conceptual modeling and validated using three different datasets: a small scale utility lab, water utility control network, and university IT environment. The framework produced successful results such as standardizing input sources, removing duplicate name entries, and grouping application software more logically. © 2020, The Author(s).
Place, publisher, year, edition, pages
Springer Science+Business Media B.V. , 2020. Vol. 3, no 1, article id 19
Keywords [en]
Automated modeling, Conceptual models, Ontologies, Ontology framework, Threat modeling
National Category
Natural Sciences
Identifiers
URN: urn:nbn:se:ri:diva-49465DOI: 10.1186/s42400-020-00060-8Scopus ID: 2-s2.0-85091719168OAI: oai:DiVA.org:ri-49465DiVA, id: diva2:1477966
Note
Funding details: VINNOVA; Funding details: Energimyndigheten; Funding details: 832907; Funding text 1: This work has received funding from the European Unions H2020 research and innovation programme under the Grant Agreement No. 832907, Swedish Governmental Agency for Innovation Systems (Vinnova), the Swedish Energy Agency, SweGRIDS, and STandUP for Energy.
2020-10-202020-10-202023-06-08Bibliographically approved