Threat Modeling

Threat modeling systemically analyzes a system to determine its security threats. There is existing threat model databases from NIST and MITRE under National Vulnerability Database. However, these databases are event driven. So what does it mean by event-driven? Whenever a new attack is proposed, the database becomes obsolete and require manual entries. Though the vulnerability or weakness might be same, and the attack technique is just different. I plan to use Machine learning and Natural Language Processing to infer interlink between these databases. Later, I plan to connect these vulnerability databases with the underlying hardware properties to mitigate at the root. I plan to collaborate with experts from ML, verification, and computer science domain.