LAUSR

Research pertaining to threat modeling is significant. However, the existing threat modeling methods suffer from ambiguity, heterogeneity and incompleteness; furthermore, the threat models at different abstraction levels are separated from each other, and the model elements are fragmented. In the knowledge engineering community, an ontology is an explicit specification of a conceptualization. Introducing the ontology method into the study of threat models is an effective way to solve the above problems. This paper creates a multiontology framework for the threat model of information systems (IS) based on domain knowledge (attack and defense knowledge), engineering experience, and industry standards (ISO/IEC 27032). The multiontology framework includes a generalized ontology (GO), a domain ontology (DO), and an application ontology (AO). This paper builds the ontology of each layer and ultimately presents case studies. The results show that the multiontology threat model based on adversarial attack and defense effectively solves the above problems of the existing threat modeling methods. In addition, systematic threat modeling using the multiontology method can be used not only for attack path-based threat analysis but also for adversarial attack and defense-based threat analysis. This method can help detect security issues and effectively guide security personnel.