Threat Extraction Method Based on UML Software Description

Threat modeling is one of the best practices for secure software development. A primary challenge in applying it is how to extract threats. Existing threat extraction methods for this purpose are mainly based on penetration tests or vulnerability databases. This imposes a non-automated, time-consuming process that relies entirely on human knowledge and expertise. In this paper, a method is presented that can extract the threats to a software system from the existing description of the software's behavior. We describe software behavior in detail with sequence diagrams enriched by security-relevant attributes. To enrich a sequence diagram, attributes and their associated values are added to the diagram elements and to the communications between them. We have also developed a threat knowledge base from reliable sources such as the CWE and CAPEC lists. Every threat in the knowledge base is described according to the conditions under which it occurs in the software. To extract the threats of a software system, the enriched sequence diagrams describing the software behavior are matched against the threat rules in our knowledge base using a simple inference process. This results in a set of potential threats for the software system. The proposed method is applied to a software application to extract its threats. Our case study indicates the effectiveness of the proposed method compared to other existing methods.
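The matching step described above, as an added illustration that is not the paper's own code or tool: lifelines and messages of a sequence diagram carry security attributes, each threat rule lists the attribute values under which the threat occurs (split into conditions on the message, its sender and its receiver), and the inference is a per-message check that every listed condition holds. The attribute names, the rule format and the sample login flow are this example's assumptions; the CWE identifiers are real entries but the rule conditions are a simplification of their occurrence conditions.

```python
"""Rule-based threat extraction over a security-enriched sequence diagram.

Added illustration, not the paper's code: attribute names, rule format and
the sample diagram are assumptions chosen to show the matching idea.
"""
from dataclasses import dataclass, field


@dataclass
class Lifeline:
    """A diagram element (actor or component) with security attributes."""
    name: str
    attrs: dict = field(default_factory=dict)


@dataclass
class Message:
    """One communication between two lifelines, with security attributes."""
    src: str
    dst: str
    name: str
    attrs: dict = field(default_factory=dict)


@dataclass
class SequenceDiagram:
    lifelines: dict   # name -> Lifeline
    messages: list    # ordered Message objects


@dataclass
class ThreatRule:
    """Occurrence conditions for a threat: every listed attribute must match.

    Conditions are split by where they apply: the message itself, its sender
    and its receiver. An attribute that is absent never satisfies a condition,
    so an un-annotated message cannot produce a finding.
    """
    threat_id: str
    title: str
    message: dict = field(default_factory=dict)
    source: dict = field(default_factory=dict)
    target: dict = field(default_factory=dict)


def _matches(attrs, conditions):
    """True when every (key, value) condition is present with that value."""
    return all(attrs.get(k) == v for k, v in conditions.items())


def extract_threats(diagram, rules):
    """Return (threat_id, 'src->dst:msg') for every rule whose conditions hold."""
    findings = []
    for msg in diagram.messages:
        src = diagram.lifelines[msg.src]
        dst = diagram.lifelines[msg.dst]
        for rule in rules:
            if (_matches(msg.attrs, rule.message)
                    and _matches(src.attrs, rule.source)
                    and _matches(dst.attrs, rule.target)):
                findings.append((rule.threat_id, f"{msg.src}->{msg.dst}:{msg.name}"))
    return findings


# Constructed knowledge base: CWE ids are real entries, the conditions are
# this example's own simplification of their occurrence conditions.
RULES = [
    ThreatRule("CWE-319", "Cleartext transmission of sensitive information",
               message={"channel": "plaintext", "sensitivity": "high"}),
    ThreatRule("CWE-306", "Missing authentication for critical function",
               message={"critical": True, "authenticated": False},
               source={"trust": "external"}),
    ThreatRule("CWE-89", "SQL injection",
               message={"query_built_from": "untrusted_input", "parameterized": False},
               target={"type": "database"}),
]


def sample_diagram():
    """Constructed login flow: browser -> web application -> database."""
    lifelines = {
        "Browser": Lifeline("Browser", {"trust": "external"}),
        "WebApp": Lifeline("WebApp", {"trust": "internal", "type": "service"}),
        "DB": Lifeline("DB", {"trust": "internal", "type": "database"}),
    }
    messages = [
        Message("Browser", "WebApp", "login(user, pwd)",
                {"channel": "plaintext", "sensitivity": "high",
                 "critical": False, "authenticated": False}),
        Message("WebApp", "DB", "lookupUser(user)",
                {"channel": "plaintext", "sensitivity": "high",
                 "query_built_from": "untrusted_input", "parameterized": False}),
        Message("Browser", "WebApp", "deleteAccount()",
                {"channel": "tls", "sensitivity": "low",
                 "critical": True, "authenticated": False}),
        Message("WebApp", "Browser", "loginResult",
                {"channel": "tls", "sensitivity": "low"}),
    ]
    return SequenceDiagram(lifelines, messages)


if __name__ == "__main__":
    for threat_id, where in extract_threats(sample_diagram(), RULES):
        print(threat_id, where)
```

Running the block lists four findings: the plaintext login and the plaintext database lookup both trigger CWE-319, the lookup built from untrusted input against the database lifeline triggers CWE-89, and the unauthenticated critical call from the external browser triggers CWE-306; the `loginResult` message matches nothing. Keeping the conditions declarative rather than as code is what lets the knowledge base grow from CWE and CAPEC entries without changing the inference step.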
