A review of threat modelling and its hybrid approaches to software security testing

As organizations seek to fulfill their objectives in the 21st century, they have come to depend heavily on reliable and secure software as a core organizational asset for achieving their goals. Irrespective of the size, nature or sector of these firms, securing the software asset has gained momentum given major software security issues in the form of incessant cyber-attacks on sensitive and confidential data, which could bring huge losses to both the organization and its customers. A critical approach to defending the organization's software infrastructure is anticipating the nature of the exploits from the attacker's perspective before they occur and strategizing mitigation plans in order to prevent these attacks from being successful. This is called Threat Modeling. The objective of this paper is to identify existing challenges in this research field and establish the grounds for a credible research activity. To that end, the researchers present a review of the literature on threat modelling activities over the years and the hybrids subsequently developed to cater for the weaknesses of the techniques used. It was discovered that software applications suffered from analysis paralysis due to over-specification of security requirements while using hybrid threat modeling techniques. Furthermore, we briefly discuss our proposed approach to hybrid threat modeling, which uses a set of coherent modeling techniques to tackle a particular security vulnerability plaguing web applications while avoiding analysis paralysis.
