**4. Cyber security threat models**

Threat modeling is a collection of techniques used to construct an abstraction of a system and to profile possible attacks, their goals and procedures, including an index of potential threats that may occur [62]. A typical threat modeling process includes five components: threat intelligence, asset identification, mitigation capability, risk assessment and threat mapping. Threat models require the application of Artificial Intelligence for prompt risk reporting. In the second quarter of 2018, the cost of cyber crime damage was projected to hit \$6 trillion annually by 2021, and the vulnerabilities of the malware that target machines have been up to 151%. Therefore, an Intelligence User Interface (IUI) is desirable for threat modeling. Threats can be external or internal, with catastrophic consequences. Attacks may completely bypass programs or leak confidential information, which reduces customers' interest in the system's provider.

*Application of Artificial Intelligence in User Interfaces Design for Cyber Security Threat Modeling DOI: http://dx.doi.org/10.5772/intechopen.96534*

There are over a dozen mainstream threat models applied to Cyber Security. Threat models have been in existence since the late 1990s to help fortify cyber security. Meanwhile, [63] noted that irrespective of the availability of various threat models, they all follow five steps. First is a granular breakdown of the infrastructure or application, then determination of the threats, followed by their preventive measures, next severity reduction (mitigations) and lastly, ranking of threats [35]. The predictive capacity of machine learning algorithms is a major factor in threat modeling. There are twelve threat models, but the pioneering model is Microsoft's STRIDE, which emerged in 1999 and gave rise to subsequent models. STRIDE results in a few false positives and is ideal for teams with little security expertise [64]. Other top models include DREAD, PASTA, LINDDUN, Trike, OCTAVE, CVSS, hTMM, Attack Trees, Persona Non-Grata (PnG), Security Cards, Quantitative TMM and VAST Modeling [65]. An analysis of threat models found that hybrid threat models handle more potential attacks than single models [62]. This analysis also recommended the PASTA model because it has a well-structured layout and its implementation is applied to sub-systems rather than to the whole system. Another threat model worthy of note is Persona Non-Grata (PnG), which is tailored to UX design and analyzes users' behaviors and interactions with UIs. It outputs a few false positives and is ideal when the system's weakness is known; otherwise it becomes difficult to pinpoint likely threats. The Security Cards model is another recommended model, ideal for unusual or advanced attacks, and depends on brainstorming about possible intrusions. The major drawback of Security Cards is its high number of false positives [64]. **Table 6** shows a comparative analysis of the features of the most common threat modeling methods in wide use.

### **4.1 Cyber security threat modeling process**

Threat modeling involves a number of processes and aspects for efficient mitigation. Failure to include this set of components might lead to incomplete modeling, thereby preventing proper threat prevention. The components are as follows:

#### *4.1.1 Threat analysis*

This is also called threat intelligence. It has to do with the granular breakdown of the infrastructure or application. It covers information on threat types, affected devices, monitoring mechanisms, vulnerability exploitation tools and processes, and attackers' motivations. Security analysts also gather and use online sources, proprietary solutions or security communications channels to access threat intelligence. This information is used to improve awareness and knowledge of emerging risks in order to determine the right course of action. Most importantly, it tries to understand the data flow across the system.

#### *4.1.2 Identification of asset*

This is also called threat determination. Security teams need an in-house inventory of the components and data used, the location of those assets and the security procedures used. This inventory allows security teams to monitor identified vulnerabilities for their assets. It also gives real-time insight into asset modifications, for instance warnings about possible attacks when assets are introduced, with or without approval. This step involves identifying all potential and current threats to the applications/systems.
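The inventory checks described in 4.1.2, as an added Python example that is not code from the chapter: it compares a recorded inventory with an observed snapshot to flag introduced or modified assets, and matches assets against known advisories. The `Asset` fields, function names, sample assets and advisory identifiers are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    asset_id: str
    location: str
    component: str
    version: str
    approved: bool  # assumption: an approval record exists for this asset

def diff_inventory(baseline, observed):
    """Compare the recorded inventory with an observed snapshot.
    Returns sorted (asset_id, finding) pairs."""
    findings = []
    for aid, asset in observed.items():
        known = baseline.get(aid)
        if known is None:
            # Warn on every introduced asset, with or without approval.
            how = "with approval" if asset.approved else "WITHOUT approval"
            findings.append((aid, f"asset introduced {how}"))
            continue
        changed = [f for f in ("location", "component", "version")
                   if getattr(known, f) != getattr(asset, f)]
        if changed:
            findings.append((aid, "asset modified: " + ", ".join(changed)))
    for aid in baseline.keys() - observed.keys():
        findings.append((aid, "asset no longer observed"))
    return sorted(findings)

def match_advisories(observed, advisories):
    """Return sorted (asset_id, advisory_id) pairs for assets whose
    component and version appear in an advisory."""
    return sorted((a.asset_id, adv_id)
                  for a in observed.values()
                  for adv_id, component, versions in advisories
                  if a.component == component and a.version in versions)

# Constructed sample data (not real products or advisories).
BASELINE = {
    "web-01": Asset("web-01", "dmz", "example-httpd", "2.1", True),
    "db-01": Asset("db-01", "internal", "example-db", "9.4", True),
}
OBSERVED = {
    "web-01": Asset("web-01", "dmz", "example-httpd", "2.0", True),
    "db-01": Asset("db-01", "internal", "example-db", "9.4", True),
    "cam-07": Asset("cam-07", "office", "example-cam-fw", "1.0", False),
}
ADVISORIES = [("ADV-PLACEHOLDER-1", "example-httpd", {"2.0"}),
              ("ADV-PLACEHOLDER-2", "example-cam-fw", {"1.0", "1.1"})]
```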


*Software Usability*



**Table 6.**

 *Comparative analysis of threat modeling methods.*
