Threat Modeling for Cyber Range: An Ontology-Based Approach

  • Lei GongEmail author
  • Yu Tian
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 517)


Cyber Range has become a very important means to support tasks such as network security technology validation, network weapon testing, training of network attack and defense and network risk assessment. However, Cyber Ranger faces many security threats from internal and external environments. In order to establish an adaptive security protection system, threat modeling is needed to analyze potential threats and provide security solutions. In this paper, we present a novel threat modeling method for Cyber Range. Based on ontology and knowledge graph, our research focuses on the design of threat ontology, knowledge base, and unified description specification. Typical cases are given to demonstrate our approach. This study could serve as groundwork for further Cyber Range researches including security architecture, situation awareness and intelligent decision-making.


Cyber range Threat modeling Ontology Knowledge graph Threat knowledge extraction 


  1. 1.
    Hernan, S., Lambert, S., Ostwald, T., et al.: Threat modeling-uncover security design flaws using the stride approach. MSDN Mag.-Louisville 68–75 (2006)Google Scholar
  2. 2.
    Schneier, B.: Attack trees—modeling security threats. Dr, Dobb’s J. 24 (1999)Google Scholar
  3. 3.
    Ericson, C.A.: Fault tree analysis. Hazard Anal. Tech. Syst. Saf. 183–221 (2005)Google Scholar
  4. 4.
    Ortalo, R., Deswarte, Y., Kaaniche, M.: Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Trans. Softw. Eng. 25(5), 633–650 (1999)CrossRefGoogle Scholar
  5. 5.
    Phillips, C., Swiler, L.P.: A Graph-Based System for Network-Vulnerability Analysis, 1998. ACM (1998)Google Scholar
  6. 6.
    Jajodia, S., Noel, S.: Topological vulnerability analysis. In: Jajodia, S., Liu, P., Swarup, V., Wang, C. (eds.) Cyber Situational Awareness. Advances in Information Security, vol. 46. Springer, Boston, MA (2010)Google Scholar
  7. 7.
    Moore, A.P., Kennedy, K.A., Dover, T.J.: Introduction to the special issue on insider threat modeling and simulation. Comput. Math. Organ. Theory 22(3), 1–12 (2016)CrossRefGoogle Scholar
  8. 8.
    Barnum, S.: Standardizing cyber threat intelligence information with the structured threat information eXpression (STIX). MITRE Corp. 11, 1–22 (2012)Google Scholar
  9. 9.
    Gibb, W.: Nettraveler in openioc format. FireEye (2013)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.China Academy of Electronics and Information TechnologyBeijingChina

Personalised recommendations