期刊
CYBERSECURITY
卷 3, 期 1, 页码 -出版社
SPRINGERNATURE
DOI: 10.1186/s42400-020-00060-8
关键词
Threat modeling; Ontologies; Automated modeling; Conceptual models; Ontology framework
类别
资金
- European Unions H2020 research and innovation programme [832907]
- Swedish Governmental Agency for Innovation Systems (Vinnova)
- Swedish Energy Agency
- SweGRIDS and STandUP for Energy
- H2020 Societal Challenges Programme [832907] Funding Source: H2020 Societal Challenges Programme
Threat modeling is of increasing importance to IT security, and it is a complex and resource demanding task. The aim of automating threat modeling is to simplify model creation by using data that are already available. However, the collected data often lack context; this can make the automated models less precise in terms of domain knowledge than those created by an expert human modeler. The lack of domain knowledge in modeling automation can be addressed with ontologies. In this paper, we introduce an ontology framework to improve automatic threat modeling. The framework is developed with conceptual modeling and validated using three different datasets: a small scale utility lab, water utility control network, and university IT environment. The framework produced successful results such as standardizing input sources, removing duplicate name entries, and grouping application software more logically.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据