Automatic rule extraction from vulnerability databases for threat analysis

Sebastian Chlup
2020 unpublished
The aim of this master's thesis is to leverage the capabilities of threat modelling, and of the threat analysis based on it, by enabling a threat model to access up-to-date threat and vulnerability information. This information can come from arbitrary sources in structured or unstructured form. Therefore, this work discusses an information extraction process and explores a custom model used to represent the resulting data. The repositories serving as information sources are the National Vulnerability Database and Packetstorm. While the focus for Packetstorm is on the extraction of relevant information, the NVD is more sophisticated and contains supplementary attributes that can improve risk treatment. Consequently, suitable mappings of these additional facets are considered. This thesis shows a way to extend an existing rule-based threat model by automating the creation of rules from real-world vulnerability data and discusses the development of a prototype. The master's thesis is accompanied by a "zip" file containing the source code and resources required by the application.
doi:10.25365/thesis.65105 fatcat:5mw3bjtbrngifgymq63m5aghmu