**Abstract**

In recent years, Cyber Security threat modeling has been discovered to have the capacity of combatting and mitigating against online threats. In order to minimize the associated risk, these threats need to be modelled with appropriate Intelligent User Interface (IUI) design and consequently the development and evaluation of threat metrics. Artificial Intelligence (AI) has revolutionized every facet of our daily lives and building a responsive Cyber Security Threat Model requires an IUI. The current threat models lack IUI, hence they cannot deliver convenience and efficiency. However, as the User Interface (UI) functionalities and User Experience (UX) continue to increase and deliver more astonishing possibilities, the present threat models lack the predictability capacity thus Machine Learning paradigms must be incorporated. Meanwhile, this deficiency can only be handled through AI-enabled UI that utilizes baseline principles in the design of interfaces for effective Human-Machine Interaction (HMI) with lasting UX. IUI helps developers or designers enhance flexibility, usability, and the relevance of the interaction to improving communication between computer and human. Baseline principles must be applied for developing threat models that will ensure fascinating UI-UX. Application of AI in UI design for Cyber Security Threat Modeling brings about reduction in critical design time and ensures the development of better threat modeling applications and solutions.

**Keywords:** artificial intelligence, cyber security, human computer interaction, intelligent user interface, machine learning, threat model, user experience, user interface

## **1. Introduction**

Cyber Security protect Information Technology (IT) assets, devices, data, programs, and networks from digital attacks or damage using processes, technologies, and practices to mitigate unauthorized access [1, 2]. Cyber security employs a variety of security concepts such as threat modeling to safeguard user's asset,

environment and organization from being attacked. Threat modeling attempts to enhance cyber security by hypothetically analyzing, itemizing, and prioritizing the potential threats using the attacker's point of view [3]; with an accurate and deep understanding of threats to enable risk evaluation, and subsequently prioritize mitigation against an attack. Neglecting the security designers in cyber security and focusing only on human factors in cyber attacks [4] give room for wide penetration to sensitive systems through social engineering. Consequently, this could pose threats to physical machines and human manipulation via social engineering which is the most important aspect of information security. This ascertains the fact that the issue of cyber attack is progressively becoming a threat that militarizes information technology assets.

Cyber security cuts across technical and social matters and this need to be given priority as there have been a paradigm shift in the movement of businesses and government activities to the online platforms [2]. The complexities and interdependency on the technological system, poses a daunting threat to security engineers as devices and infrastructure are networked in socio-technical environment in which they operate. Therefore, the use of Application Program Interface (API) without the system engineer's control greatly undermines the system properties [5]. This gives rise to the creation of different laws with various provision of Cyber Security data protection, and privacy laws that operates from the inception with over 142 countries [6]. The provision of data protection laws and various security concepts such as threat modeling will be efficiently and effectively put into use if priority is also given to User Experience (UX) through the integration of intelligence in User Interface (UI) design. If UX is seen as having a huge effect on UI design, it could assist security experts in the development of intelligent threat modeling tools that can detect anomalies and make users understand the associated threats in every Human Computer Interaction (HCI).

#### **1.1 Cyber security threat modeling**

Threat Modeling (TM) is the basic building block for the establishment of secure systems. Threat modeling is a proactive move towards recognizing potential security concerns and an approach to risk assessment [7]. The success of any cyber security threat model is hinged on the development of an Intelligence System using Artificial Intelligence (AI) paradigms with keen attention on User Interface (UI) that takes into cognizance user interaction. According to [8], particular attention must be paid on what to offer to users as being regarded as a system/tool or an agent/assistant while considering Intelligent User Interface (IUI). IUI must be an Interactive System. Threat modeling must incorporate AI for efficient Human Computer Interaction (HCI) by leveraging on Machine Learning (ML) algorithms to develop a UI with automated capability and improved usability that guarantees high performance. Machine learning algorithm selection for model building can be subjective [9]. Hence, the need for a Multi-Criteria Decision Making (MCDM) approach for optimal algorithm selection [10] is desirable. The threat modeling tools must include components that perceive, learn, interpret, reason and decide; with emphasis on the decision about what is constituted as a threat or not.

Cyber threats lead to risks. Risks in cyber security are as a result of technical vulnerabilities and degradation of fundamental operational practices over time. These practices change organization from safe and sound practices region to a state where an attack will be successful with a greater organizational adverse effect [11]. The security teams investigate threat modeling to assign priority to threats to ensure that attention and resources are spread efficiently. The different levels of priority ensure correct threat mapping resulting from efficient mitigation. Threat modeling often

*Application of Artificial Intelligence in User Interfaces Design for Cyber Security Threat Modeling DOI: http://dx.doi.org/10.5772/intechopen.96534*

assist security teams in maintaining safety against possible emerging threats as it is conducted frequently [7]. This frequency can be improved by applying intelligence in the User Interface (UI) design so that the cyber threats can be appropriately modeled using machine learning algorithms. Areas where there is a lack of protection in the adopted tools can also be clarified by modeling threats and facilitating team decision making where the component is appropriate. Krishnan [12] suggested that Intelligent User Interface (IUI) will also be helpful in the prioritization of current applications based on the predicted threat effects and magnitude.
