HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

ML-Supported Identification and Prioritization of Threats in the OVVL Threat Modelling Tool

Abstract : Threat Modelling is an accepted technique to identify general threats as early as possible in the software development lifecycle. Previous work of ours did present an open-source framework and web-based tool (OVVL) for automating threat analysis on software architectures using STRIDE. However, one open problem is that available threat catalogues are either too general or proprietary with respect to a certain domain (e.g. .Net). Another problem is that a threat analyst should not only be presented (repeatedly) with a list of all possible threats, but already with some automated support for prioritizing these. This paper presents an approach to dynamically generate individual threat catalogues on basis of the established CWE as well as related CVE databases. Roughly 60% of this threat catalogue generation can be done by identifying and matching certain key values. To map the remaining 40% of our data (~50.000 CVE entries) we train a text classification model by using the already mapped 60% of our dataset to perform a supervised machine-learning based text classification. The generated entire dataset allows us to identify possible threats for each individual architectural element and automatically provide an initial prioritization. Our dataset as well as a supporting Jupyter notebook are openly available.
Document type :
Conference papers
Complete list of metadata

https://hal.inria.fr/hal-03243644
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Monday, May 31, 2021 - 5:58:34 PM
Last modification on : Monday, May 31, 2021 - 6:08:49 PM

File

 Restricted access
To satisfy the distribution rights of the publisher, the document is embargoed until : 2023-01-01

Please log in to resquest access to the document

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Andreas Schaad, Dominik Binder. ML-Supported Identification and Prioritization of Threats in the OVVL Threat Modelling Tool. 34th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), Jun 2020, Regensburg, Germany. pp.274-285, ⟨10.1007/978-3-030-49669-2_16⟩. ⟨hal-03243644⟩

Share

Metrics

Record views

66