Ontological analysis in the problems of container applications threat modelling

Ontological analysis in the problems of container applications threat modelling

Objectives. The main purpose of the work is the experimental verification of the method of automatic threat modelling based on the ontological approach using the example of multicomponent container applications presented in the form of data flow diagrams.Methods. Methods of ontological modelling and...

Full description

Saved in:
Bibliographic Details
Main Authors: A. I. Brazhuk, E. V. Olizarovich
Format: Article
Language:Russian
Published: National Academy of Sciences of Belarus, the United Institute of Informatics Problems 2023-12-01
Series:Informatika
Subjects:
computer systems
container applications
system analysis
information security
threat modelling
ontologies
automatic reasoning
description logics
Online Access:https://inf.grid.by/jour/article/view/1265
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Objectives. The main purpose of the work is the experimental verification of the method of automatic threat modelling based on the ontological approach using the example of multicomponent container applications presented in the form of data flow diagrams.Methods. Methods of ontological modelling and knowledge management are used in the work. The Web Ontology Language is used to represent knowledge; automatic reasoning based on description logics is used for threat modelling.Results. A machine-readable set (dataset) of 200 data flow diagrams is developed; each diagram is obtained from the configuration of a real container application and is presented as an ontology and a knowledge graph. An ontological two-level domain-specific threat model of container applications is formed. An experiment is conducted to compare the coverage by threats using the common approach and using domain-specific threats for created dataset. For 95 % of the diagrams, the domain-specific threat model showed the coverage similar or greater than the common approach.Conclusion. The results of the experiment prove the suitability and effectiveness of the ontological approach for automatic threat modelling. The created dataset can be used for various research in the field of automation of threat modelling.
ISSN:1816-0301

Similar Items