Abstract

Cyber threat modeling has evolved to address increasingly complex cyber threats. Initially used in risk assessment and system security analysis to define threats and risks in information systems, it now faces greater demands as web technologies rapidly expand, bringing new threats that require more adaptive, efficient identification methods. This study focuses on developing a cyber threat modeling system using actors' digital footprints and the STRIDE framework. A review of existing literature shows the potential of machine learning, specifically Logistic Regression, in automating threat detection. The model was trained on a synthetic dataset containing IP addresses, browsing history, device information, and other activities associated with potential threat events. The system was evaluated using accuracy, precision, recall, and F1-score. The results showed that the system identified majority-class threats at a high rate; minority-class threats, however, were masked by the effect of data skewness. Even with measures such as SMOTE used to increase the accuracy of the model, more work can be done using real-world data to help detect these threats. The use of this system shows that synthetic data for cyber threat modeling lacks the real-life data needed to raise the degree of accuracy, which necessitates the use of real-life datasets. Consequently, this study can be considered the first attempt to combine the elements of machine learning and threat modelling frameworks.

Authors: O. Owolafe, Peter Oluwafemi Lawanson

Published in: International Conference for Internet Technology and Secured Transactions (ICITST-2024)

  • Date of Conference: 4-6 November 2024
  • DOI: 10.20533/ICITST.2024.0025
  • ISBN: 978-1-913572-76-1
  • Conference Location: St Anne’s College, Oxford University, UK
