Skip to main content

Impact Estimation of Security Attack and Mitigation Strategy using Goal-Based Threat Modeling in a Peer-to-Peer Cloud System


Addressing non-functional requirements is essential in Requirements Engineering and this also covers security requirements of any system. Threat modeling forms an important way of identifying security requirements. This paper considers an existing Non-Functional Requirement-based (using Softgoal Interdependency Graph or SIG) approach to perform threat modeling on Peer-to-Peer Cloud Systems (P2PCS) for Zeus bot attack. For an attack of Zeus or its variant, a method for impact calculation in case an attack materializes is proposed. The paper also suggests a weighted method of impact calculation of operationalization goals which are mitigation measures to avoid security attacks. Other contribution of this paper is finding minimum set of softgoals using causal logic. Finally, the paper also lists high level security requirements and testing sequences for a given attack scenario. The paper is case study based and provides an exploratory approach towards establishing the practice of goal-based threat modeling as a method for security requirements engineering in a Peer-to-Peer Cloud system.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4


  1. O. Babaoglu, M. Marzolla, Peer-to-peer cloud computing. University of Bologna, Italy, Department of Computer Science and Engineering 9 (2011)

  2. O. Babaoglu, M. Marzolla, M. Tamburini, Design and implementation of a p2p cloud system. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp. 412–417 (2012). ACM

  3. D. Leprince-Ringuet, Banks are moving their core operations into the cloud at a rapid rate. But new tech brings new challenges. (2021 (accessed October 23, 2021))

  4. N. Alhebaishi, L. Wang, S. Jajodia, A. Singhal, Threat modeling for cloud data center infrastructures. In: International Symposium on Foundations and Practice of Security, pp. 302–319 (2016). Springer

  5. N. Alhebaishi, L. Wang, A. Singhal, Threat modeling for cloud infrastructures. EAI Endors. Trans. Secur. Saf. 5(17), 5 (2018)

    Google Scholar 

  6. S. Manzoor, T. Vateva-Gurova, R. Trapero, N. Suri, Threat modeling the cloud: an ontology based approach. In: International Workshop on Information and Operational Technology Security Systems, pp. 61–72 (2018). Springer

  7. A. Gholami, E. Laure, Advanced cloud privacy threat modeling. arXiv preprint arXiv:1601.01500 (2016)

  8. P. Kamongi, M. Gomathisankaran, K. Kavi, Nemesis: Automated architecture for threat modeling and risk assessment for cloud computing. In: Proc. 6th ASE International Conference on Privacy, Security, Risk and Trust (PASSAT) (2014)

  9. F. Swiderski, W. Snyder, Threat Modeling (Microsoft Press, Redmond, 2004)

    Google Scholar 

  10. B. Schneier, Attack trees. Dr. Dobb’s J. 24(12), 21–29 (1999)

    Google Scholar 

  11. S. Mauw, M. Oostdijk, Foundations of attack trees. In: International Conference on Information Security and Cryptology, pp. 186–198 (2005). Springer

  12. A. Dardenne, A. Van Lamsweerde, S. Fickas, Goal-directed requirements acquisition. Sci. Comput. Program. 20(1–2), 3–50 (1993)

    Article  Google Scholar 

  13. M.N. Johnstone, Threat modelling with stride and uml (2010)

  14. N. Shevchenko, T.A. Chick, P. O’Riordan, T.P. Scanlon, C. Woody, Threat Modeling: A Summary of Available Methods (Carnegie Mellon University Software Engineering Institute Pittsburgh United., Technical report, 2018)

  15. N. Alhebaishi, L. Wang, S. Jajodia, A. Singhal, Threat modeling for cloud data center infrastructures. In: International Symposium on Foundations and Practice of Security, pp. 302–319 (2016). Springer

  16. E.A. Oladimeji, S. Supakkul, L. Chung, Security threat modeling and analysis: a goal-oriented approach. In: Proc. of the 10th IASTED International Conference on Software Engineering and Applications (SEA 2006), pp. 13–15

  17. N. Etaher, G.R. Weir, M. Alazab, From zeus to zitmo: trends in banking malware. In: Trustcom/BigDataSE/ISPA, 2015 IEEE, vol. 1, pp. 1386–1391 (2015). IEEE

  18. Z. Zhu, G. Lu, Y. Chen, Z.J. Fu, P. Roberts, K. Han, Botnet research survey. In: 2008 32nd Annual IEEE International Computer Software and Applications Conference, pp. 967–972 (2008). IEEE

  19. J.B. Grizzard, V. Sharma, C. Nunnery, B.B. Kang, D. Dagon, Peer-to-peer botnets: overview and case study. HotBots 7, 1–1 (2007)

    Google Scholar 

  20. R.A. Certeza, NECURS: The Malware That Breaks Your Security. [TrendMicro] (2014)

  21. D. Andriesse, H. Bos, An analysis of the zeus peer-to-peer protocol. VU University Amsterdam, Tech. Rep. IR-CS-74 (2013)

  22. D. Andriesse, C. Rossow, B. Stone-Gross, D. Plohmann, H. Bos, Highly resilient peer-to-peer botnets are here: An analysis of gameover zeus. In: 2013 8th International Conference on Malicious and Unwanted Software:” The Americas”(MALWARE), pp. 116–123 (2013). IEEE

  23. S. Malenkovich, Defending Yourself Against Cross-Platform Threats. [Kaspersky] (2013)

  24. O.C.A.A. ll, Blackhole Exploit Kit Spam Runs: A Threat Vortex? [Online] (2013)

  25. J. Wyke, Notorious “Gameover” malware gets itself a kernel-mode rootkit..... [Online] (2014)

  26. N. Griffin, Zeus GameOver. [Forcepoint] (2014)

  27. C. for Internet Security Blog, Malware Analysis Report: Nemucod Ransomware. [Center for Internet Security]

  28. H.-Y. Lock, A. Kliarsky, Using ioc (indicators of compromise) in malware forensics. SANS Institute InfoSec Reading Room (2013)

  29. A. Van Lamsweerde, Goal-oriented requirements engineering: A guided tour. In: Requirements Engineering, 2001. Proceedings. Fifth IEEE International Symposium On, pp. 249–262 (2001). IEEE

  30. F. Pub, Standards for security categorization of federal information and information systems (2004)

  31. L. Chung, J.C.S. do Prado Leite, On non-functional requirements in software engineering. In: Conceptual Modeling: Foundations and Applications, pp. 363–379. Springer, Berlin (2009)

  32. J. Mylopoulos, L. Chung, B. Nixon, Representing and using nonfunctional requirements: a process-oriented approach. IEEE Trans. Softw. Eng. 18(6), 483–497 (1992)

    Article  Google Scholar 

  33. A. Dardenne, S. Fickas, A. van Lamsweerde, Goal-directed concept acquisition in requirements elicitation. In: Proceedings of the 6th International Workshop on Software Specification and Design, pp. 14–21 (1991). IEEE Computer Society Press

  34. S. Yamamoto, An approach for evaluating softgoals using weight. In: Information and Communication Technology-EurAsia Conference, pp. 203–212 (2015). Springer

  35. N. Kobayashi, S. Morisaki, N. Atsumi, S. Yamamoto, Quantitative non functional requirements evaluation using softgoal weight. J. Internet Serv. Inf. Secur. 6(1), 37–46 (2016)

    Google Scholar 

  36. D. Geiger, J. Pearl, On the logic of causal models. In: Machine Intelligence and Pattern Recognition vol. 9, pp. 3–14. Elsevier, Berlin (1990)

  37. S. De, M.S. Barik, I. Banerjee, Goal based threat modeling for peer-to-peer cloud. Proc. Comput. Sci. 89, 64–72 (2016)

    Article  Google Scholar 

  38. E. Chiang, T. Menzies, Simulations for very early lifecycle quality evaluations. Softw. Process Improv. Pract. 7(3–4), 141–159 (2002)

    Article  Google Scholar 

  39. E.S. Yu, J. Mylopoulus, Using goals, rules and methods to support reasoning in business process reengineering. Intell. Syst. Account. Financ. Manag. 5(1), 1–13 (1996)

    Article  Google Scholar 

Download references


RE-Tools, an open source requirements modeling toolkit which supports NFR framework for non-functional requirements (NFRs) modeling has been used to gain better understanding of Softgoal Interdependency Graph (SIG).


The authors have not received any financial support, funding or grant from any organization for conducting the study and preparation of the manuscript.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Sanghamitra De.

Ethics declarations

Conflict of Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

De, S., Barik, M.S. & Banerjee, I. Impact Estimation of Security Attack and Mitigation Strategy using Goal-Based Threat Modeling in a Peer-to-Peer Cloud System. J. Inst. Eng. India Ser. B (2022).

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI:


  • Peer-to-Peer Cloud System
  • Softgoal Interdependency Graph (SIG)
  • Zeus botnet
  • Threat modeling
  • Causal Logic