A Data-Driven Threat Modelling Language for Ensuring Cyber Security Assurance
PhD Thesis
Alwaheidi, M. 2024. A Data-Driven Threat Modelling Language for Ensuring Cyber Security Assurance. PhD Thesis. University of East London, School of Architecture, Computing and Engineering. https://doi.org/10.15123/uel.8xx0x
Authors | Alwaheidi, M. |
---|---|
Type | PhD Thesis |
Abstract | In the context of a rapidly evolving business environment characterized by persistent cyber threats targeting enterprises and the introduction of new attack vectors through technological advancements, the significance of data intelligence is experiencing exponential growth, and ensuring uninterrupted business operations becomes increasingly challenging. To effectively defend against these threats and gain a comprehensive understanding of security posture, organizations must evaluate their digital infrastructure. Threat modelling is essential for understanding system threats, mitigating risks from current weaknesses, and developing strategic countermeasures for improving cybersecurity posture. Threat modelling systematically analyses the complex relationship between digital infrastructures, applications, and potential attackers. Threat modelling is a challenging task due to the variety of data generated, stored, or processed by digital infrastructure. However, many existing methodologies for threat modelling often struggle to examine and prioritize data-related threats. This highlights the need for innovations in this field to guarantee comprehensive security assurance. The research methodology encompasses four stages: literature review, then model and tool development, and lastly the evaluation and conclusion. Each part contributes to the overall development and evaluation of the data-driven threat modelling and analysis approach. This thesis contributes a novel threat modelling approach to address the aforementioned challenges. The proposed model, known as d-TM (Data-driven Threat Modelling), presents a comprehensive and innovative approach to data-driven threat modelling, specifically designed to enhance the understanding and differentiation of data-related threats, surpassing existing models in terms of value. d-TM offers distinct advantages stemming from its integration of data across multiple levels of abstraction and phases. 
By incorporating this comprehensive approach within the organizational architecture, d-TM enables a methodical examination of the attack landscape, extending from the user endpoint to the target data storage. The focus is mainly on the actors involved and the different levels of threat layers that have been identified. d-TM adopts a three-tiered strategy that subdivides data cybersecurity assurance into management, control, and business factors. Each of these factors is viewed as a composite of three interconnected components: storage, processing, and transmission. Moreover, the model leverages its visual presentation of the interactions among digital assets using a data-flow diagram (DFD) and dynamic capabilities to adapt to the evolving threat landscape, offering the latest updates by interfacing with prominent security catalogues such as MITRE CWE, CAPEC and NIST. The innovative data-driven threat modelling (d-TM) approach focuses on weaknesses as the root cause of vulnerabilities, which empowers organizations to proactively strengthen security measures. The d-TM model is further empowered by its automation capabilities, which automate the entire process of threat analysis, streamlining and expediting the identification and assessment of threats and ascertaining the most effective controls to mitigate them. Finally, d-TM is evaluated using three real case scenarios to determine its applicability to the current emerging industry. The results show that d-TM effectively identifies and quantifies the threats that have the potential to cause major disruption to the business. The evaluation includes scenarios from healthcare, supply chain and IT service provider sectors. With its emphasis on security assurance and the ability to proactively |
Keywords | Threat Modelling; Data-driven; Security assurance |
Year | 2024 |
Publisher | University of East London |
Digital Object Identifier (DOI) | https://doi.org/10.15123/uel.8xx0x |
File | License File Access Level Anyone |
Publication dates | |
Online | 19 Jun 2024 |
Publication process dates | |
Completed | 22 May 2024 |
Deposited | 19 Jun 2024 |
Copyright holder | © 2024, The Author |
https://repository.uel.ac.uk/item/8xx0x