Ontological analysis in the problems of container applications threat modelling

Objectives. The main purpose of the work is the experimental verification of the method of automatic threat modelling based on the ontological approach using the example of multicomponent container applications presented in the form of data flow diagrams.

Methods. Methods of ontological modelling and knowledge management are used in the work. The Web Ontology Language is used to represent knowledge; automatic reasoning based on description logics is used for threat modelling.

Results. A machine-readable set (dataset) of 200 data flow diagrams is developed; each diagram is obtained from the configuration of a real container application and is presented as an ontology and a knowledge graph. An ontological two-level domain-specific threat model of container applications is formed. An experiment is conducted to compare the coverage by threats using the common approach and using domain-specific threats for created dataset. For 95 % of the diagrams, the domain-specific threat model showed the coverage similar or greater than the common approach.

Conclusion. The results of the experiment prove the suitability and effectiveness of the ontological approach for automatic threat modelling. The created dataset can be used for various research in the field of automation of threat modelling.

1. Shostack A. Experiences threat modeling at Microsoft. MODSEC@ MoDELS, 2008, vol. 2008, 35 p.

2. Konev A., Shelupanov A., Kataev M., Ageeva V., Nabieva A. A survey on threat-modeling techniques: protected objects and classification of threats. Symmetry, 2022, vol. 14, no. 3, p. 549.

3. Makarevich V. A., Miniukovich K. A., Mulyarchik K. S. Organisation’s information security threat analysis and modelling based on a universal canvas. Zhurnal Belorusskogo gosudarstvennogo universiteta. Ekonomika [Journal of the Belarusian State University. Economics], 2021, no. 1, pp. 57–68 (In Russ.).

4. Kochin V. P., Vorotnitsky U. I. Proektirovanie i obespechenie bezopasnosti integrirovannyh obrazovatel'nyh informacionno-kommunikacionnyh system. Design and Security of Integrated Educational Information and Communication Systems. Minsk, Belarusian State University, 2022, 168 p. (In Russ.).

5. Verreydt S., Van Landuyt D., Joosen W. Expressive and systematic risk assessments with instance-centric threat models. SAC'23: Proceedings of the 38th ACM/SIGAPP Symposium on Applied Computing, Tallinn, Estonia, 27–31 March 2023. Tallinn, 2023, pp. 1450–1457.

6. Yazov Yu. K., Soloviev S. V., Tarelkin M. A. Logical-linguistic modeling of security threats information in information systems. Voprosy kiberbezopasnosti [Cybersecurity Issues], 2022, no. 4(50), pp. 13–25 (In Russ.).

7. Bolshakov A. S., Zhila A. I., Osin A. V. Fuzzy logic data protection management. Naukoemkie tekhnologii v kosmicheskih issledovaniyah Zemli [High Tech in Earth Space Research], 2021, vol. 13, no. 4, pp. 37–47 (In Russ.).

8. Minyaev A. A. Modeling information security threats in territorial-distributed information systems. Naukoemkie tekhnologii v kosmicheskih issledovaniyah Zemli [High Tech in Earth Space Research], 2021, vol. 13, no. 2, pp. 52–65 (In Russ.).

9. Vasilyev V. I., Vulfin A. M., Kuchkarova N. V. Assessment of current threats to information security using transformer technology. Voprosy kiberbezopasnosti [Cybersecurity Issues], 2022, no. 2(48), pp. 27–38 (In Russ.).

10. Massel L. V., Massel A. G. Semantic modeling in the construction of digital twins of energy objects and systems. Ontologia proektirovania [Ontology of Design], 2023, vol. 13, no. 1(47), pp. 44–54 (In Russ.).

11. Vasilyev V. I., Vulfin A. M., Kirillova A. D., Kuchkarova N. V. Methodology for assessing current threats and vulnerabilities based on cognitive modeling technologies and text mining. Sistemy upravlenia, sviazi i bezopasnosti [Systems of Control, Communication and Security], 2021, no. 3, pp. 110–134 (In Russ.).

12. Kourbatski A., Mulyarchik K. Semantic aspects of the experts’ communication problem in relation to the conceptual design of complex systems. Open Semantic Technologies for Intelligent Systems: 11th International Conference, OSTIS 2021. Communications in Computer and Information Science. Cham, Springer, 2022, vol. 1625, pp. 77–88.

13. Kasumov V. A., Mamedov D. I. Model and method for determining the optimal structure of the security system for critical information infrastructure. Doklady Belorusskogo gosudarstvennogo universiteta informatiki i radioèlektroniki [Reports of the Belarusian State University of Informatics and Radioelectronics], 2023, no. 21(2), pp. 95–103 (In Russ.).

14. Nikitina I. S. The use of data flow diagrams for representation of subject area. Vestnik sovremennyx issledovanii [Bulletin of Modern Research], 2018, no 7.1, pp. 324–328 (In Russ.).

15. Davletshina L. A., Budnikova I. K. Modeling of IT company information flows based on data flow diagrams methodology. Informacionnye texnologii v stroitelnych, socialnych i ekonomicheskich sistemah [Information Technologies in Construction, Social and Economic Systems], 2021, no. 1, pp. 87–91 (In Russ.).

16. Brazhuk A., Olizarovich E. Framework for ontology-driven threat modelling of modern computer system. International Journal of Open Information Technologies, 2020, vol. 8, no. 2, pp. 14–20.

17. Gavrilova T. A. Ontological engineering from history to practical use. Kognitivnye issledovania [Cognitive Research]. In V. D. Soloviev (ed.), 2022, no. 2, pp. 293–307 (In Russ.).

18. Gribova V. V., Shalfeeva E. A. Ontological infrastructures for solving intellectual tasks. Integrirovannye modeli i mjagkie vychislenija v iskusstvennom intellekte (IMMV-2021) : sbornik nauchnyh trudov X Mezhdunarodnoj nauchno-tehnicheskoj konferencii, Kolomna, 17–20 maja 2021 g. [Integrated Models and Soft Computing in Artificial Intelligence (IMMV-2021) : Collection of Scientific Papers of the X International Scientific and Technical Conference, Kolomna, 17–20 May 2021]. Smolensk, Universum, 2021, vol. 1, pp. 68–77 (In Russ.).

19. Gorodetsky V. I., Yusupov R. M. Artificial intelligence: metaphor, science and information technology. Mekhatronika, avtomatizatsiya, upravlenie [Mechatronics, Automation, Control], 2020, no. 21(5), pp. 282–294 (In Russ.).

20. Golenkov V. V., Guliakina N. A., Shunkevich D. V. Main directions of development of intelligent computer systems of new generation and appropriate technology. Science and Innovation, 2023, vol. 2, special iss. 3, pp. 267–280 (In Russ.).

21. Tatur M. M., Lukashevich M. M., Pertsev D. Y., Iskra N. A. Intelligent data analysis and cloud computing. Doklady Belorusskogo gosudarstvennogo universiteta informatiki i radioèlektroniki [Reports of the Belarusian State University of Informatics and Radioelectronics], 2019, no. 6, pp. 62–71 (In Russ.).

22. Gavrilova T. A., Kudrjavcev D. V., Muromcev D. I. Inzhenerija znanij. Modeli i metody. Knowledge Engineering. Models and Methods, Saint Petersburg, Lan', 2016, 324 p. (In Russ.).

23. Milko D. S., Daneev A. V., Gorbylev A. L. Knowledge base of the expert system for cyber security threat modeling. Doklady Tomskogo gosudarstvennogo universiteta sistem upravlenija i radiojelektroniki [Reports of Tomsk State University of Control Systems and Radioelectronics], 2022, vol. 25, no. 1, pp. 61–69 (In Russ).

24. Razin V. V., Tuzovsky A. F. Decision-making method based on situation analysis and semantic technologies. Izvestija Tomskogo politehnicheskogo universiteta. Inzhiniring georesursov [News of Tomsk Polytechnic University. Georesources Engineering], 2012, vol. 321, no. 5, pp. 188–193 (In Russ.).

25. Burakova E. E., Borgest N. M., Korovin M. D. Ontology description languages for high-tech fields of applied engineering. Vestnik Samarskogo gosudarstvennogo ajerokosmicheskogo universiteta im. akademika S. P. Koroljova (Nacional'nogo issledovatel'skogo universiteta) [Bulletin of Samara State Aerospace University named after Academician S. P. Korolev (National Research University)], 2014, no. 3(45), pp. 144–158 (In Russ.).

26. Osipov G. Metody iskusstvennogo intellekta. Artificial Intelligence Methods. Moscow, FIZMATLIT, 2011, 296 p. (In Russ.).

27. Matorin S. I., Mikhelev V. V. System-object determinant analysis. Partitive classification using the formal-semantic normative system. Iskusstvennyj intellekt i prinjatie reshenij [Artificial Intelligence and Decision Making], 2021, no. 1, pp. 15–24 (In Russ).

28. Tuma K., Sion L., Scandariato R., Yskout K. Automating the early detection of security design flaws. Proceedings of the 23rd ACM/IEEE International Conference on Model Driven Engineering Languages and Systems, Virtual Event, Canada, 16–23 October 2020. Canada, 2020, pp. 332–342.

29. Bernsmed K., Cruzes D. S., Jaatun M. G., Iovan M. Adopting threat modelling in agile software development projects. Journal of Systems and Software, 2022, vol. 183, p. 111090.

30. Krinkin K., Kulikov I., Vodyaho A., Zhukova N. Architecture of cloud telecommunication network monitoring platform based on knowledge graphs. 2021 30th Conference of Open Innovations Association FRUCT 2021, Oulu, Finland, 27–29 October 2021. Oulu, 2021, pp. 107–114.

31. Zabavskii V. V., Borbotko T. V. Vulnerabilities in docker container technology. Upravlenie informacionnymi resursami : materialy XVII Mezhdunarodnoj nauchno-prakticheskoj konferencii, Minsk, 12 marta 2021 g. [Information Resource Management : Materials of the XVII International Scientific and Practical Conference, Minsk, 12 March 2021]. Minsk, Akademija upravlenija pri Prezidente Respubliki Belarus', 2021, pp. 208–209 (In. Russ.).

32. Brazhuk A. Threat modeling of cloud systems with ontological security pattern catalog. International Journal of Open Information Technologies, 2021, vol. 9, no. 5, pp. 36–41.