Abstract
This research proposes a comprehensive method for threat modeling in the software design stage, incorporating attack path formalization analysis. The approach involves extracting software defect information through UML active graph decomposition of the application or system and performing threat modeling. The method comprises several steps, including creating and modeling use cases, generating an application/system silhouette, decomposing the application/system using the active graph, constructing a threat tree with key asset information as the threat object, classifying and evaluating the threat object, and calculating the attack path of the threat tree. By comparing it with existing approaches, this invention aims to enhance software product safety, improve software quality, broaden the application range of threat modeling, and achieve automation in threat modeling, resulting in reduced technical threshold, cost, and development time for trusted software development.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal on Recent and Innovation Trends in Computing and Communication
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
