This paper demonstrates how semantic knowledge graph integration can bridge organizational threat modeling and adversarial frameworks for responsible AI security assessment. We applied ThreatFinder.ai to an AI-based facial anonymization system, identifying 12 assets, 33 instantiated threats (7 unique), and 157 instantiated controls (28 unique). These outputs were transformed into knowledge graphs and semantically linked to MITRE ATLAS using Sentence-BERT embeddings, creating explicit, auditable mappings between organizational threats and adversarial techniques. The linking produced 123 threat→technique, 72 threat→SubTechnique, and 21 control→mitigation alignments (covering 55 unique threats and 15 unique controls), enabling asset-centric reasoning and transparent security decision-making. The methodology satisfies multiple stakeholder needs: organizational usability through familiar workflows, governance compliance through auditable relations, and ethical transparency through accessible visualizations. These results show that interdisciplinary requirements can drive approaches to AI security that are both technically rigorous and practically usable
This research was funded by the Swedish innovation agency Vinnova under the project Anonymization Defense GUARD (GUarding Anonymization pRoceDures) (reference number: 2023-02996). This work was also supported in part by the European Union\u2019s Horizon Europe research and innovation programme through the project ATHENA \u2013 An exposition on THe forEign informatioN mAnipulation and interference (Grant Agreement 101132686 ATHENA HORIZON-CL2-2023-DEMOCRACY-01). The authors are also grateful to Martin Torstensson for setting up the GUARD project and to Dr. Felix Rosberg for providing access to the facial anonymization models.
QC 20260318