Threat modeling framework for mobile communication systems
share
Due to the complex nature of mobile communication systems, most of the security efforts in its domain are isolated and scattered across underlying technologies. This has resulted in an obscure view of the overall security. In this work, we attempt to fix this problem by proposing a domain-specific threat modeling framework. By gleaning from a diverse and large body of security literature, we systematically organize the attacks on mobile communications into various tactics and techniques. Our framework is designed to model adversarial behavior in terms of its attack phases and to be used as a common taxonomy matrix. We also provide concrete examples of using the framework for modeling the attacks individually and comparing them with similar ones.
READ FULL TEXT