Threat modeling plays a critical role in the identification and mitigation of security risks; however, manual approaches are often labor intensive and prone to error. This paper investigates the automation of software threat modeling through the clustering of call graphs using density-based and community detection algorithms, followed by an analysis of the threats associated with the identified clusters. The proposed method was evaluated through a case study of the Splunk Forwarder Operator (SFO), wherein selected clustering metrics were applied to the software's call graph to assess pertinent code-density security weaknesses. The results demonstrate the viability of the approach and underscore its potential to facilitate systematic threat assessment. This work contributes to the advancement of scalable, semi-automated threat modeling frameworks tailored for modern cloud-native environments.

翻译：威胁建模在识别与缓解安全风险中起着关键作用；然而，手动方法通常劳动密集且易出错。本文通过使用基于密度的聚类算法和社区发现算法对调用图进行聚类，进而分析识别出的聚类所关联的威胁，研究了软件威胁建模的自动化。所提出的方法通过Splunk Forwarder Operator（SFO）的案例研究进行评估，其中将选定的聚类指标应用于软件的调用图，以评估相关的代码密度安全弱点。结果证明了该方法的可行性，并强调了其在促进系统性威胁评估方面的潜力。这项工作有助于推动为现代云原生环境定制的、可扩展的半自动化威胁建模框架的发展。