Domain-specific Threat Modeling for Mobile Communication Systems

Perustieteiden korkeakoulu | Master's thesis

Date

2021-08-23

Major/Subject

Advanced Materials for Innovation and Sustainability

Mcode

SCI3113

Degree programme

Master’s Programme in Security and Cloud Computing (SECCLO)

Language

en

Pages

75+10

Abstract

As the attack surface and the number of incidents in mobile communication networks increase, threat intelligence gathering and sharing among different parties becomes essential. There are many generic threat modeling frameworks for software and information systems, but none of them is targeted for the telecommunication industry. A common conceptual framework and threat taxonomy is needed for communicating the threats between industry players or to form a high-level view of the state of security of a mobile network. Therefore, Nokia Bell Labs has developed the Bhadra framework, a conceptual framework for threat modeling in mobile communication systems. The goal of this thesis is to improve the Bhadra framework and explore its use cases. First, we developed a web tool to support the threat and attack modeling process with the framework. We modeled 60 attacks from literature with the tool. To improve the framework, we performed two iterations of framework refinement. First, we added some missing techniques found during the attack modeling process. Second, we conducted peer modeling and sought input from security experts. Based on the results, we added the Reconnaissance tactic to cover adversarial behavior before gaining an initial foothold, modified and reorganized the attack techniques, and edited technique descriptions to provide clearer definitions and concrete examples. Additionally, we performed a graph-theoretic analysis of the 60 attack models to gain insights on the relative importance of the attack techniques, the diversity of the attack paths from initial access to impact, and common attack patterns. Moreover, we evaluated the usability of the tool and the reliability and usefulness of the refined framework. The study participants generally gave positive feedback about the usability of the tool and the framework. Furthermore, the participants are interested in integrating the framework or the tool into their work processes, including threat modeling, mitigation and prevention, anomaly detection and investigation, threat intelligence sharing, and security management.

Supervisor

Aura, Tuomas

Thesis advisor

Rao, Siddharth

Keywords

threat modeling, security framework, mobile communication, telecommunication, graph analysis, usability study
