Article in Proceedings INPROC-2019-40

Bibliography: Saatkamp, Karoline; Krieger, Christoph; Leymann, Frank; Sudendorf, Julian; Wurster, Michael: Application Threat Modeling and Automated VNF Selection for Mitigation using TOSCA.
In: 2019 International Conference on Networked Systems (NetSys).
University of Stuttgart, Faculty of Computer Science, Electrical Engineering, and Information Technology.
pp. 1-6, English.
IEEE, October 2019.
ISBN: 10.1109/NetSys.2019.8854524.
Article in Proceedings (Workshop Paper).
CR-Schema: D.2.2 (Software Engineering Design Tools and Techniques)
Keywords: Threat Modeling; VNF; STRIDE; TOSCA
Abstract

In the era of the Internet of Things (IoT), the interconnectedness of devices, and thus the need to protect them against threats, has increased. The widely used threat modeling method STRIDE can be used to identify the system's vulnerabilities and to determine appropriate mitigation solutions. In connected environments, the network layer in particular plays a critical role in achieving security. Based on the Network Functions Virtualization (NFV) concept, network functions can be virtualized and provisioned on standard IT hardware. Virtualized Network Functions (VNFs) increase the flexibility of the provisioning, and thus security network functions, such as firewalls, can be easily deployed. However, in a complex distributed system it is time-consuming, error-prone, and for application architects not even possible to identify and provision the required security functions. For the orchestration and management of applications, the TOSCA modeling language can be used to describe the application's components and their relations in a deployment model. The standard was mainly developed for cloud applications but was extended to the network layer. In this paper, we present a TOSCA-based approach for threat modeling based on STRIDE that facilitates the automated VNF selection and injection into TOSCA deployment models. The feasibility of our approach is validated by an extension of the TOSCA modeling tool Winery.

Department(s): University of Stuttgart, Institute of Architecture of Application Systems
Project(s): IC4F; ADDCompliance
Entry date: March 27, 2020