@inproceedings{f15f297d04c4448491a5dec3fa508656,
title = "An Introduction to Threat Modelling: Modelling Steps, Model Types, Benefits and Challenges",
abstract = "The proliferation of cybersecurity threats is posing substantial security risks to organisations; therefore, it requires robust countermeasures and defence mechanisms for organisational IT systems, applications and data. Threat modelling is a process of identifying, analysing, prioritising and mitigating threats and their associated vulnerabilities in a system or network. Understanding the threat modelling process, as well as its benefits and limitations, whilst selecting an appropriate threat modelling method that may assist cybersecurity experts in their comprehensive security assessments. The assessments are designed to uncover security gaps and potential threats, to develop robust countermeasures against these potential threats and strengthening the security of organisational IT systems, applications and data. This paper will present a comprehensive study concerning threat modelling including the phases involved in threat modelling, types of threat models and benefits and challenges of threat modelling. Therefore, this comprehensive study concerning threat modelling will simplify the essential terminologies of threat modelling to users in a clear and concise manner.",
keywords = "Cyber Threat, Cyberattack, Cyberthreat, DREAD Model, LINDDUN Model, OCTAVE Model, PASTA Model, STRIDE Model, Threat Modelling, Threat Models, VAST Model",
author = "Nitin Naik and Paul Jenkins and Paul Grace and Dishita Naik and Shaligram Prajapat and Jingping Song",
note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.; International Conference on Computing, Communication, Cybersecurity and AI, C3AI 2024 ; Conference date: 03-07-2024 Through 04-07-2024",
year = "2024",
month = dec,
day = "20",
doi = "10.1007/978-3-031-74443-3_15",
language = "English",
isbn = "9783031744426",
series = "Lecture Notes in Networks and Systems",
publisher = "Springer Science and Business Media Deutschland GmbH",
pages = "260--270",
editor = "Nitin Naik and Paul Grace and Paul Jenkins and Shaligram Prajapat",
booktitle = "Contributions Presented at The International Conference on Computing, Communication, Cybersecurity and AI - The C3AI 2024",
}