Threat modeling – A systematic literature review

Cybersecurity for autonomous vehicles: Review of attacks and defense

The advancement of data communication technologies promotes widespread data collection and transmission in various application domains, thereby expanding big data significantly. Sensitive information about individuals, which is typically evident or hidden in data, is prone to various privacy attacks and serious risks of privacy disclosure. Corresponding approaches to data privacy preservation have been proposed to provide mechanisms for preserving data privacy while pubilishing useful information or mining valuable information from sanitized data. In this work, we present a comprehensive survey of privacy preservation in big data from the communication perspective. Specifically, we cover the fundamental privacy-preserving framework and privacy-preserving technologies, particularly differential privacy. We also survey the adaptations and variants of differential privacy for different emerging applications and the challenges to differential privacy. In addition, we provide future research directions about privacy preservation in communication field.

Privacy Preservation in Big Data From the Communication Perspective—A Survey

Enterprise systems are growing in complexity, and the adoption of cloud and mobile services has greatly increased the attack surface. To proactively address these security issues in enterprise systems, this paper proposes a threat modeling language for enterprise security based on the MITRE Enterprise ATTC by using available tools, the proposed language enables attack simulations on its system model instances. These simulations can be used to investigate security settings and architectural changes that might be implemented to secure the system more effectively. Our proposed language is tested with a number of unit and integration tests. This is visualized in the paper with two real cyber attacks modeled and simulated.

/pdf/cyber-security-threat-modeling-based-on-the-mitre-enterprise-3oo9u0sxxo.pdf

Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix

A review of threat modelling approaches for APT-style attacks

Modern vehicles are dependent on software, and are often connected to the Internet or other external services, which makes them vulnerable to various attacks. To improve security for Internet facing systems, holistic threat modeling is becoming a common way to proactively make decisions and design for security. One approach that has not been commonly implemented is to enhance the threat models with probabilistic attack simulations. That is, incorporating security intelligence, attack types, vulnerabilities, and countermeasures to get objective security metrics and risk assessments. This combination has been shown efficient in other disciplines, e.g. energy and banking. However, it has so far been fairly unexplored in the vehicle domain. This position paper reviews previous research in the field, and implements a vehicle threat model using a tool called securiCAD, based on which future research requirements for connected vehicle attack simulations are also derived. The main findings are: 1) not much work has been done in the combined area of connected vehicles and threat modeling with attack simulations, 2) initial tests show that the approach is useful, 3) more research in vehicle specific attacks and countermeasures is needed in order to provide more accurate simulation results, and 4) a more tailored metamodel is needed for the vehicle domain.

Threat modeling and attack simulations of connected vehicles : a research outlook

In this paper, we conduct an empirical study with the purpose of identifying common security vulnerabilities discovered in vehicles. The vulnerability information is gathered for 60 vehicle OEMs (Original Equipment Manufacturers) and common vehicle components from the National Vulnerability Database (NVD). Each vulnerability (CVE) is analyzed with respect to its software weakness type (CWE) and severity score (CVSS). 44 unique CVEs were found in NVD and analyzed. The analysis results show that about 50% of the vulnerabilities fall into the medium severity category, and the three most common software weaknesses reported are protection mechanism failure, buffer errors, and information disclosure.

A Study of Security Vulnerabilities and Software Weaknesses in Vehicles

Modern vehicles contain more than a hundred Electronic Control Units (ECUs) that communicate over different in-vehicle networks. These ECUs are often connected to the Internet, which makes them vulnerable to various cyber attacks. Besides, large amounts of data are generated and communicated through vehicular networks, and some of them are sensitive for the vehicle drivers. Previously, a threat modeling language named vehicleLang was proposed for security analysis of vehicles, however, privacy issues of the vehicular data have not been thoroughly addressed. To fill the gap, this paper proposes a privacy-focused enhancement of vehicleLang, and the suggested privacy extension is evaluated by threat modeling with test cases running through the Meta Attack Language (MAL) compiler.

Wenjun Xiong

Papers

Threat modeling – A systematic literature review

Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix

Threat modeling and attack simulations of connected vehicles : a research outlook

A Study of Security Vulnerabilities and Software Weaknesses in Vehicles

Threat Modeling of Connected Vehicles: A privacy analysis and extension of vehicleLang