Ontological analysis in the problems of container applications threat modelling

Abstract

Objectives. The main purpose of the work is the experimental verification of the method of automatic threat modelling based on the ontological approach using the example of multicomponent container applications presented in the form of data flow diagrams.Methods. Methods of ontological modelling and knowledge management are used in the work. The Web Ontology Language is used to represent knowledge; automatic reasoning based on description logics is used for threat modelling.Results. A machine-readable set (dataset) of 200 data flow diagrams is developed; each diagram is obtained from the configuration of a real container application and is presented as an ontology and a knowledge graph. An ontological two-level domain-specific threat model of container applications is formed. An experiment is conducted to compare the coverage by threats using the common approach and using domain-specific threats for created dataset. For 95 % of the diagrams, the domain-specific threat model showed the coverage similar or greater than the common approach.Conclusion. The results of the experiment prove the suitability and effectiveness of the ontological approach for automatic threat modelling. The created dataset can be used for various research in the field of automation of threat modelling.