COTTAGE: Supporting Threat Analysis for Security Novices with Auto-Generated Attack Defense Trees

Keita Yamamoto, Masaki Oya, Masaki Hashimoto, Haruhiko Kaiya, Takao Okubo

2025

Abstract

In software and system development, threat analysis, especially scenario analysis of the steps of an attack, requires a high degree of expertise and long hours of work, which is increasingly difficult under short development cycles such as Agile and DevOps. In addition, the increased demand for systems has created the need for people without enough security expertise to perform threat analysis. In this paper, we developed COTTAGE, a tool that automatically generates Attack Defense Trees (ADTrees) from the CAPEC and CWE knowledge bases and supports the creation of ADTrees that can be used for tree generation by those conducting the analysis. Our evaluation with six security novices demonstrated that COTTAGE enabled participants to perform threat analysis comparable to expert analysis within 30 minutes, whereas experts typically required approximately two days. The case study in a DevOps environment further confirmed COTTAGE’s effectiveness in supporting iterative security analysis through automatically generated reference trees.

Paper Citation


in Harvard Style

Yamamoto K., Oya M., Hashimoto M., Kaiya H. and Okubo T. (2025). COTTAGE: Supporting Threat Analysis for Security Novices with Auto-Generated Attack Defense Trees. In Proceedings of the 20th International Conference on Software Technologies - Volume 1: ICSOFT; ISBN 978-989-758-757-3, SciTePress, pages 132-142. DOI: 10.5220/0013556600003964


in Bibtex Style

@conference{icsoft25,
author={Keita Yamamoto and Masaki Oya and Masaki Hashimoto and Haruhiko Kaiya and Takao Okubo},
title={COTTAGE: Supporting Threat Analysis for Security Novices with Auto-Generated Attack Defense Trees},
booktitle={Proceedings of the 20th International Conference on Software Technologies - Volume 1: ICSOFT},
year={2025},
pages={132-142},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0013556600003964},
isbn={978-989-758-757-3},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Software Technologies - Volume 1: ICSOFT
TI - COTTAGE: Supporting Threat Analysis for Security Novices with Auto-Generated Attack Defense Trees
SN - 978-989-758-757-3
AU - Yamamoto K.
AU - Oya M.
AU - Hashimoto M.
AU - Kaiya H.
AU - Okubo T.
PY - 2025
SP - 132
EP - 142
DO - 10.5220/0013556600003964
PB - SciTePress