{"id":"https://openalex.org/W4413680140","doi":"https://doi.org/10.1109/csr64739.2025.11130133","title":"ThreatSpider: CTI-Driven Semi-Automated Threat Modelling for Cybersecurity Certification","display_name":"ThreatSpider: CTI-Driven Semi-Automated Threat Modelling for Cybersecurity Certification","publication_year":2025,"publication_date":"2025-08-04","ids":{"openalex":"https://openalex.org/W4413680140","doi":"https://doi.org/10.1109/csr64739.2025.11130133"},"language":"en","primary_location":{"id":"doi:10.1109/csr64739.2025.11130133","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr64739.2025.11130133","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5080723499","display_name":"Ahmed Amro","orcid":"https://orcid.org/0000-0002-3390-0772"},"institutions":[{"id":"https://openalex.org/I204778367","display_name":"Norwegian University of Science and Technology","ror":"https://ror.org/05xg72x27","country_code":"NO","type":"education","lineage":["https://openalex.org/I204778367"]}],"countries":["NO"],"is_corresponding":true,"raw_author_name":"Ahmed Amro","raw_affiliation_strings":["Norwegian University of Science and Technology,Dept. of Information Security and Communication Technology (IIK),Gj&#x00F8;vik,Norway"],"affiliations":[{"raw_affiliation_string":"Norwegian University of Science and Technology,Dept. of Information Security and Communication Technology (IIK),Gj&#x00F8;vik,Norway","institution_ids":["https://openalex.org/I204778367"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5038704333","display_name":"Georgios Kavallieratos","orcid":"https://orcid.org/0000-0003-1278-1943"},"institutions":[{"id":"https://openalex.org/I12337491","display_name":"University Graduate Center","ror":"https://ror.org/01svqjv39","country_code":"NO","type":"education","lineage":["https://openalex.org/I12337491"]},{"id":"https://openalex.org/I4210090492","display_name":"Kjeller Innovasjon (Norway)","ror":"https://ror.org/000e19x32","country_code":"NO","type":"company","lineage":["https://openalex.org/I4210090492"]}],"countries":["NO"],"is_corresponding":false,"raw_author_name":"Georgios Kavallieratos","raw_affiliation_strings":["University of Oslo,Dept. of Technology Systems,Kjeller,Norway,2007"],"affiliations":[{"raw_affiliation_string":"University of Oslo,Dept. of Technology Systems,Kjeller,Norway,2007","institution_ids":["https://openalex.org/I4210090492","https://openalex.org/I12337491"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5080723499"],"corresponding_institution_ids":["https://openalex.org/I204778367"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.37732793,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"619","last_page":"625"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9908999800682068,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.978600025177002,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.8076735734939575},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7527300119400024},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.622656524181366},{"id":"https://openalex.org/keywords/political-science","display_name":"Political science","score":0.07213518023490906},{"id":"https://openalex.org/keywords/law","display_name":"Law","score":0.05542841553688049}],"concepts":[{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.8076735734939575},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7527300119400024},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.622656524181366},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.07213518023490906},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.05542841553688049}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr64739.2025.11130133","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr64739.2025.11130133","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2025 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[{"id":"https://openalex.org/F4320334322","display_name":"HORIZON EUROPE Framework Programme","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W2500946548","https://openalex.org/W2906691034","https://openalex.org/W2921968294","https://openalex.org/W2944962671","https://openalex.org/W2973138250","https://openalex.org/W3123076006","https://openalex.org/W3176289544","https://openalex.org/W4294768537","https://openalex.org/W4308971593","https://openalex.org/W4309756669","https://openalex.org/W4312250199","https://openalex.org/W4320915672","https://openalex.org/W4361267523","https://openalex.org/W4376606549","https://openalex.org/W4387730598","https://openalex.org/W4391302954","https://openalex.org/W4396876108","https://openalex.org/W4399660984","https://openalex.org/W4400649808"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2066052364","https://openalex.org/W4243365217","https://openalex.org/W2224296908","https://openalex.org/W2023743128","https://openalex.org/W3109981693","https://openalex.org/W2381980429","https://openalex.org/W2384206113"],"abstract_inverted_index":{"Threat":[0,32],"modelling":[1,27],"is":[2],"a":[3,24],"critical":[4],"component":[5],"of":[6,14,41,70,113],"cybersecurity":[7,45,103,131],"risk":[8,157],"management,":[9],"especially":[10],"in":[11,94],"the":[12,39,48,67,76],"context":[13],"secure":[15],"system":[16,49,149],"development":[17,50,97],"and":[18,44,63,83,89,108,123,152,156],"certification.":[19],"This":[20],"paper":[21],"introduces":[22],"ThreatSpider,":[23],"semi-automated":[25],"threat":[26,72,78,154],"framework":[28],"driven":[29],"by":[30],"Cyber":[31],"Intelligence":[33],"(CTI)":[34],"sources,":[35],"designed":[36],"to":[37,75,125,144],"streamline":[38],"identification":[40],"threats,":[42],"mitigations,":[43],"requirements":[46],"throughout":[47],"lifecycle.":[51],"By":[52],"leveraging":[53],"multiple":[54],"CTI":[55],"feeds,":[56],"such":[57,140],"as":[58,141],"ATT&CK,":[59],"ATLAS,":[60],"EMB3D,":[61],"SPARTA,":[62],"NVD,":[64],"ThreatSpider":[65,114],"enables":[66],"continuous":[68],"generation":[69],"up-to-date":[71],"models":[73],"tailored":[74],"ever-evolving":[77],"landscape.":[79],"The":[80,111],"tool\u2019s":[81],"systematic":[82],"automated":[84],"approach":[85],"reduces":[86],"manual":[87],"effort":[88],"analysis":[90],"time,":[91],"supporting":[92],"industries":[93],"maintaining":[95],"agile":[96],"practices":[98],"while":[99],"seeking":[100],"compliance":[101],"with":[102],"standards":[104],"like":[105],"IEC":[106],"62443":[107],"ISO":[109],"27001.":[110],"evaluation":[112],"across":[115],"diverse":[116],"use":[117],"cases":[118],"highlights":[119],"its":[120],"adaptability,":[121],"effectiveness,":[122],"potential":[124],"become":[126],"an":[127],"essential":[128],"instrument":[129],"for":[130],"certification":[132],"efforts.":[133],"Future":[134],"enhancements":[135],"will":[136],"address":[137],"identified":[138],"limitations,":[139],"extending":[142],"support":[143],"additional":[145],"technology":[146],"domains,":[147],"harmonizing":[148],"property":[150],"granularity,":[151],"integrating":[153],"prioritization":[155],"assessment":[158],"functionalities.":[159]},"counts_by_year":[],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}