Browse > Article
http://dx.doi.org/10.5370/KIEEP.2017.66.2.076

Application of Threat Modeling for Security Risk Analysis in Smart Home Service Environment  

Lee, Yun-Hwan (Coon Tec)
Park, Sang-Gun (Division of Smart Electrical and Electronic Engineering, SILLA University)
Publication Information
The Transactions of the Korean Institute of Electrical Engineers P / v.66, no.2, 2017 , pp. 76-81 More about this Journal
Abstract
In this paper, the risk analysis of smart home services was implemented by applying threat modeling. Identified possible threats for safe deployment of smart home services and identified threats through the STRIDE model. Through the creation of the Attack Tree, the attackable risk was analyzed and the risk was measured by applying the DREAD model. The derived results can be used to protect assets and mitigate risk by preventing security vulnerabilities from compromising and identifying threats from adversely affecting services. In addition, the modeled result of the derived threat can be utilized as a basis for performing the security check of the smart home service.
Keywords
Threat modeling; Smart home service; Smart grid; Security assesment; Risk analysis;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 MKE, "Smart Grid Road Map", 2010.
2 "Smart Grid Cyber Security Potential Threats, Vulnerabilities and Risks", PIER Program INTERIM PROJECT REPORT, 2012.
3 P. Hong, S. Lee, M. Park, and S. Kim, "Threat-Based Security Analysis for the Domestic Smart Home Appliance," KIPS Transactions on Computer and Communication Systems, vol. 6, no. 3, pp. 143-158, 2017.   DOI
4 Kim Kyoung Gon, Kim Soo Hoon, "Using Threat Modeling for Risk Analysis of SmartHome", Proceedings of the Korean Institute of Communication Sciences Conference, 2015.
5 Beckers, K., Fa$\ss$bender, S., Heisel, M., & Suppan, S. "A Threat Analysis Methodology for Smart Home Scenarios", Technical Report, 2016.
6 Mikkelsen, Soren Aagaard, Jacobsen, Rune Hylsberg. "Securing the Home Energy Management Platform", 2016.
7 Rao, K. Ram Mohan, and Durgesh Pant. "A threat risk modeling framework for Geospatial Weather Information System (GWIS): a DREAD based study." international Journal of Advanced Computer Science and Applications, 2010.
8 Suppan, Santiago. "A Threat Analysis Methodology for Smart Home Scenarios." Smart Grid Security: Second International Workshop, Revised Selected Papers. vol. 8448. Springer, 2014.
9 Microsoft, "Threat Modeling Web Applications", Available: https://msdn.microsoft.com/en-us/library/hh917316.aspx.
10 Microsoft, "Threat Modeling Tool 2016 Getting Started Guide", 2016.
11 OWASP, "Threat Risk Modeling", Available: https://www.owasp.org/index.php/Threat_Risk_Modeling.