Threat Modeling with STRIDE Method (Part III)

Sagar Chhatrala
3 min readJan 9, 2022


This is the third post of a series on Threat Modeling. It describes the STRIDE methodology for threat modelling.

The series consists of following posts:

1. The basics of Threat Modeling

2. An approach to Threat Modeling

3. Threat Modeling with STRIDE Method

Note that this post outlines the STRIDE threat modeling method. It does not explore STRIDE in depth, but gives you enough to get the gist of it. There are other ways to enumerate threats, such as PASTA and attack trees. (CVSS, which is sometimes listed alongside them, is a scoring system for rating the severity of known vulnerabilities, not a method for finding threats.)


STRIDE is an acronym for the following terms:

S: Spoofing

T: Tampering

R: Repudiation

I: Information disclosure

D: Denial of service

E: Elevation of privilege

Spoofing: Spoofing is another way of saying impersonating. In a spoofing attack, the attacker pretends to be someone or something else (a user, a service, a host, or a sender address) and, because the system accepts the claimed identity, gains unauthorised access to sensitive data or actions. It is a threat against authentication.

A very common example is an email sent from a forged sender address so that it appears to come from someone else, typically asking the recipient for sensitive data. An unaware recipient hands over the requested data (such as credentials), which the attacker then uses to act under that identity. The mitigation is to verify the claimed identity rather than trust it: passwords and multi-factor authentication for users, message authentication codes or digital signatures for messages between systems, and SPF/DKIM/DMARC checks for email sender domains.

Tampering: Tampering is modifying data without authorisation. It can be done by external or internal actors who change or delete data, whether at rest (files, databases) or in transit (network messages). It is a threat against integrity.

Data tampering often enables other threats. For example, an attacker can modify a configuration file to gain control of a system, insert a malicious file, or delete or modify a log file to cover their tracks (which in turn becomes a repudiation problem).

Backups do not stop tampering; they only let you restore data once you already know it has been tampered with. A regular backup process is still important for recovery, but the primary controls are preventing unauthorised writes (access control, least privilege) and making unauthorised changes detectable (checksums, message authentication codes, digital signatures, and file-integrity monitoring on configuration and log files).
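The following is an added example, not code from the original post, covering both the spoofing and the tampering sections above. It shows why a sender name in a message is only a claim, and how a keyed message authentication code (HMAC-SHA256 from the Python standard library) lets the receiver reject both a forged origin and a modified body. The message format, the shared key and the sample messages are constructed for illustration.

```python
"""Authenticated messages: rejecting spoofed origin and tampered content.

Added example, not from the original post. The message layout, the shared
key and the sample messages are all constructed for illustration.
"""
import hashlib
import hmac
import json

# Constructed example key. In practice this is a per-peer secret provisioned
# out of band (or replaced by a digital signature scheme).
SHARED_KEY = b"example-shared-secret-do-not-reuse"


def canonical(sender: str, body: str) -> bytes:
    # Fixed field order and separators, so sender and body cannot be re-split
    # differently by the verifier (e.g. "alice|pay" vs "alic|epay").
    return json.dumps({"sender": sender, "body": body},
                      sort_keys=True, separators=(",", ":")).encode()


def unauthenticated_message(sender: str, body: str) -> dict:
    """Insecure: the 'sender' field is just a claim anyone can write."""
    return {"sender": sender, "body": body}


def authenticated_message(sender: str, body: str, key: bytes) -> dict:
    """Secure: bind sender and body together under a keyed MAC."""
    tag = hmac.new(key, canonical(sender, body), hashlib.sha256).hexdigest()
    return {"sender": sender, "body": body, "tag": tag}


def verify(msg: dict, key: bytes) -> bool:
    """True only if the message was produced with `key` and is unmodified."""
    sender, body, tag = msg.get("sender"), msg.get("body"), msg.get("tag")
    if not all(isinstance(x, str) for x in (sender, body, tag)):
        return False
    expected = hmac.new(key, canonical(sender, body), hashlib.sha256).hexdigest()
    # compare_digest runs in constant time, so a forger learns nothing about
    # where the first mismatching byte is.
    return hmac.compare_digest(expected, tag)


def spoof_attempt(key: bytes) -> bool:
    """Spoofing: Mallory claims to be alice but holds no key -> rejected."""
    forged = unauthenticated_message("alice", "transfer 1000 to mallory")
    forged["tag"] = "0" * 64          # best she can do is guess a tag
    return verify(forged, key)


def tamper_attempt(key: bytes) -> bool:
    """Tampering: a genuine message whose body is altered in transit -> rejected."""
    genuine = authenticated_message("alice", "transfer 10 to bob", key)
    genuine["body"] = "transfer 1000 to mallory"
    return verify(genuine, key)


def genuine_message_accepted(key: bytes) -> bool:
    """Control case: an unmodified message from a key holder is accepted."""
    return verify(authenticated_message("alice", "transfer 10 to bob", key), key)
```

A shared-key MAC proves the message came from someone holding the key and was not changed afterwards, which covers spoofing and tampering between two systems. It does not prove which of the key holders sent it, so it is not enough for the repudiation problem in the next section; that needs a signature key only the actor controls.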

Repudiation: Repudiation is when a user denies having performed an action and the system cannot prove otherwise. The threat is not the denial itself but the lack of trustworthy evidence: if the logs are missing, incomplete, or editable by the person who acted, the claim cannot be refuted.

An attacker (or an insider) can perform a malicious action on your organisation's application and then claim to have had no connection to it, modifying or erasing whatever footprint they left. The countermeasure is non-repudiation: audit logs that record who did what and when, that the actor cannot edit, and that are shipped to a separate system so that deleting local traces does not destroy the evidence.
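As an added example (not from the original post), here is one building block of a tamper-evident audit log: each entry commits to the hash of the entry before it, and the hash of the latest entry (the head) is stored somewhere the actor cannot reach, such as a separate log server. Deleting, editing or reordering an entry then breaks the chain, so the "I never did that" claim can be checked against the evidence. The audit records are constructed sample data.

```python
"""Hash-chained audit log: deletion or editing of entries becomes detectable.

Added example, not from the original post. The records below are constructed
sample data; the head hash is assumed to be stored off-host at write time.
"""
import hashlib
import json

GENESIS = "0" * 64   # previous-hash value for the first entry


def entry_hash(prev_hash: str, record: dict) -> str:
    payload = json.dumps({"prev": prev_hash, "record": record},
                         sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(payload).hexdigest()


def append(log: list, record: dict) -> str:
    """Append a record; each entry commits to the hash of the one before it.
    Returns the new head hash, which the writer forwards to the remote store."""
    prev = log[-1]["hash"] if log else GENESIS
    h = entry_hash(prev, record)
    log.append({"record": record, "hash": h})
    return h


def verify_chain(log: list, expected_head: str) -> bool:
    """Recompute every link and compare the result with the anchored head.
    False if any entry was edited, removed or reordered."""
    prev = GENESIS
    for entry in log:
        if entry_hash(prev, entry["record"]) != entry["hash"]:
            return False
        prev = entry["hash"]
    return prev == expected_head


def build_sample_log() -> tuple:
    """Constructed audit records for one user session."""
    log, head = [], GENESIS
    for rec in [
        {"user": "alice", "action": "login", "ts": "2022-01-09T10:00:00Z"},
        {"user": "alice", "action": "export_customers", "ts": "2022-01-09T10:05:00Z"},
        {"user": "alice", "action": "logout", "ts": "2022-01-09T10:07:00Z"},
    ]:
        head = append(log, rec)
    return log, head


def scenario_untouched() -> bool:
    log, head = build_sample_log()
    return verify_chain(log, head)


def scenario_entry_deleted() -> bool:
    """Alice deletes the incriminating export record and claims it never happened."""
    log, head = build_sample_log()
    del log[1]
    return verify_chain(log, head)


def scenario_entry_edited() -> bool:
    """Alice rewrites the record to blame bob; the recomputed hash no longer matches."""
    log, head = build_sample_log()
    log[1]["record"]["user"] = "bob"
    return verify_chain(log, head)


def scenario_edited_and_rehashed() -> bool:
    """Even rebuilding the whole chain after the edit fails, because the head
    hash was anchored elsewhere at write time and no longer matches."""
    log, head = build_sample_log()
    log[1]["record"]["user"] = "bob"
    rebuilt = []
    for entry in log:
        append(rebuilt, entry["record"])
    return verify_chain(rebuilt, head)
```

A plain hash chain proves the log has not changed since the head was anchored; it does not by itself prove who wrote each entry. For full non-repudiation, each record is also signed with a key only the acting user or service holds, and the head is forwarded to a write-once store outside the actor's control.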

Information disclosure: This means revealing information that was meant to be kept private, which violates confidentiality. It is also known as information leakage, and it happens when an application or website reveals data, intentionally or not, to people who are not authorised to see it.

Information leakage is very common. It can arise from publicly exposed content (such as backup files, source repositories or directory listings reachable over the web), from verbose error messages and stack traces, or from an insecurely configured application that returns more data than the caller needs.
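Two of the leak paths just mentioned, each beside its fix, as an added example that is not part of the original post: an API that serialises a whole account object instead of an allowlist of fields, and an error handler that returns the raw exception text (including the database credentials embedded in the connection string) to the client. The Account record, the field names and the connection string are constructed for illustration.

```python
"""Two information-disclosure paths and their fixes: whole-object serialisation,
and internal error details returned to the client.

Added example, not from the original post. The Account record, its field
names and the database DSN are constructed for illustration.
"""
import logging
import uuid
from dataclasses import asdict, dataclass

log = logging.getLogger("app")


@dataclass
class Account:
    id: int
    username: str
    email: str
    password_hash: str   # never belongs in any API response
    api_token: str       # ditto


# Constructed sample record.
SAMPLE = Account(42, "alice", "alice@example.com",
                 "$2b$12$constructed-hash-value", "tok_constructed_secret")
SECRET_FIELDS = {"password_hash", "api_token"}


def profile_leaky(acct: Account) -> dict:
    """Insecure: serialises every attribute. Any field added later leaks too."""
    return asdict(acct)


PUBLIC_FIELDS = ("id", "username")
OWNER_FIELDS = PUBLIC_FIELDS + ("email",)


def profile_view(acct: Account, viewer_is_owner: bool) -> dict:
    """Secure: copy only an explicit allowlist, chosen by who is asking.
    A new sensitive field stays hidden by default instead of leaking by default."""
    fields = OWNER_FIELDS if viewer_is_owner else PUBLIC_FIELDS
    data = asdict(acct)
    return {k: data[k] for k in fields}


def leaks_secrets(response: dict) -> bool:
    return bool(SECRET_FIELDS & set(response))


# --- error handling --------------------------------------------------------

DB_DSN = "postgres://app:s3cret-password@db.internal:5432/prod"   # constructed


def connect(dsn: str):
    # Stand-in for a real driver: fails the way drivers often do, with the
    # full DSN echoed in the exception message.
    raise ConnectionError(f"could not connect to {dsn}: connection refused")


def handler_leaky() -> dict:
    """Insecure: the raw exception text (credentials included) reaches the client."""
    try:
        connect(DB_DSN)
    except ConnectionError as exc:
        return {"status": 500, "error": str(exc)}
    return {"status": 200}


def handler_safe() -> dict:
    """Secure: details go to the server log under a reference id; the client
    gets only the id, which support staff can correlate with the log."""
    try:
        connect(DB_DSN)
    except ConnectionError as exc:
        ref = uuid.uuid4().hex[:12]
        log.error("ref=%s db error: %s", ref, exc)   # stays server-side
        return {"status": 500, "error": "internal error", "ref": ref}
    return {"status": 200}
```

The same allowlist idea applies to logs and error pages: decide what a given audience is entitled to see and emit only that, rather than emitting everything and trying to remember what to strip.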

Denial of service: Denial of service (DoS) attacks prevent authorised users from accessing resources they should be able to use. It is a threat against availability. The familiar form is flooding an application with thousands of bogus requests, but a single request can also do it if it triggers expensive processing (an unbounded query, a huge upload, or a decompression bomb).

An attacker may gain no data and no direct financial benefit from a DoS attack, but the outage itself costs the victim: lost revenue, incident response time, and infrastructure spent absorbing the traffic. Mitigations are about bounding what any one client can consume: rate limits, request size and timeout limits, and capacity that scales with load.
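As an added example (not from the original post), here is a per-client token-bucket rate limiter, the usual first line of defence against the request flood described above. Each client gets a bucket of a fixed capacity that refills at a fixed rate; a flooding client quickly empties its bucket and is throttled, while a client sending at a normal rate is never refused. The bucket size, refill rate, client addresses and the traffic pattern are constructed values; time is kept as integer milliseconds and tokens in thousandths so the arithmetic is exact.

```python
"""Per-client token-bucket rate limiting: bounding what one flooding client can
consume while other clients keep being served.

Added example, not from the original post. Bucket size, refill rate, client
addresses and the request pattern are constructed values.
"""


class TokenBucket:
    """Holds `capacity` requests, refilled at `refill_per_sec` requests/second."""

    def __init__(self, capacity: int, refill_per_sec: int, now_ms: int):
        self.capacity_mt = capacity * 1000       # millitokens, so no float drift
        self.refill_per_ms = refill_per_sec      # millitokens per millisecond
        self.tokens_mt = self.capacity_mt
        self.last_ms = now_ms

    def allow(self, now_ms: int) -> bool:
        elapsed = max(0, now_ms - self.last_ms)  # tolerate a clock that steps back
        self.tokens_mt = min(self.capacity_mt,
                             self.tokens_mt + elapsed * self.refill_per_ms)
        self.last_ms = now_ms
        if self.tokens_mt >= 1000:
            self.tokens_mt -= 1000
            return True
        return False


class RateLimiter:
    """One bucket per client key (here an IP address; a user id or API key
    works the same way)."""

    def __init__(self, capacity: int = 10, refill_per_sec: int = 2):
        self.capacity = capacity
        self.refill_per_sec = refill_per_sec
        self.buckets: dict = {}

    def check(self, client: str, now_ms: int) -> bool:
        """Return True if `client` may be served at time `now_ms`."""
        bucket = self.buckets.get(client)
        if bucket is None:
            bucket = self.buckets[client] = TokenBucket(
                self.capacity, self.refill_per_sec, now_ms)
        return bucket.allow(now_ms)


def simulate() -> dict:
    """Constructed traffic: one attacker sends 1000 requests within one second
    while a legitimate client sends one request per second for ten seconds."""
    limiter = RateLimiter(capacity=10, refill_per_sec=2)
    attacker, victim = "198.51.100.7", "203.0.113.5"   # documentation ranges
    events = [(ms, attacker) for ms in range(1000)]
    events += [(sec * 1000, victim) for sec in range(10)]
    served = {attacker: 0, victim: 0}
    for now_ms, client in sorted(events):
        if limiter.check(client, now_ms):
            served[client] += 1
    # Attacker: 10-request burst plus one refilled token within the second.
    return {"attacker_sent": 1000, "attacker_served": served[attacker],
            "victim_sent": 10, "victim_served": served[victim]}
```

Keying on source address only helps against a single flooding host; a distributed flood spreads across many addresses, which is why rate limiting is combined with upstream filtering, capacity and per-request cost limits rather than relied on alone. The bucket map also needs eviction of idle entries, otherwise the limiter itself becomes a memory-exhaustion target.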

Elevation of privilege: Elevation of privilege is when a user (or an attacker who already has some low-privilege foothold) gains capabilities beyond what they were granted, such as acting as an administrator or running code with system-level rights. It is a threat against authorisation, and differs from information disclosure in that the attacker gains the power to act, not merely to read.

An example can be as simple as an elevation through data tampering: the attacker modifies data on disk or in memory (a configuration value, a role field in a request, or a corrupted return address) so that the system executes commands or grants rights it should not.
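The "elevation through tampering" case, as an added example that is not part of the original post: an admin-only handler that trusts a role field supplied in the request body can be elevated by any user who edits that field, while the fixed handler derives identity from the session and the role from server-side records. The user table, session store and request shape are constructed for illustration.

```python
"""Elevation of privilege via a tampered request, and the server-side
authorisation check that stops it.

Added example, not from the original post. The user table, session store
and request format are constructed for illustration.
"""


# Constructed server-side state: the only trustworthy source of a user's role.
USERS = {"alice": {"role": "user"}, "root": {"role": "admin"}}
SESSIONS = {"sess-alice-1": "alice", "sess-root-1": "root"}


class Forbidden(Exception):
    pass


def delete_user_vulnerable(request: dict) -> str:
    """Insecure: trusts the 'role' field the client put in the request body.
    The client controls that field, so anyone can claim 'admin'."""
    if request.get("role") != "admin":
        raise Forbidden("admin only")
    return f"deleted {request['target']}"


def delete_user_fixed(request: dict) -> str:
    """Secure: identity comes from the session cookie, the role from the
    server-side user record; nothing the client sends is consulted."""
    username = SESSIONS.get(request.get("session"))
    if username is None:
        raise Forbidden("not authenticated")
    if USERS[username]["role"] != "admin":
        raise Forbidden("admin only")
    return f"deleted {request['target']}"


def attack(handler) -> str:
    """Alice, an ordinary user, tampers with her request to claim the admin role."""
    tampered = {"session": "sess-alice-1", "role": "admin", "target": "bob"}
    try:
        return handler(tampered)
    except Forbidden as exc:
        return f"forbidden: {exc}"


def legitimate_admin(handler) -> str:
    """Control case: the real admin, sending no role field at all."""
    request = {"session": "sess-root-1", "target": "bob"}
    try:
        return handler(request)
    except Forbidden as exc:
        return f"forbidden: {exc}"
```

Note that the vulnerable handler also fails the honest admin, who sends no role field, which is a hint that the authorisation decision was being made on the wrong input. Any attribute that affects what a caller is allowed to do (role, tenant id, price, "is_admin") must be looked up or recomputed on the server, never accepted from the request.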


Thank you for reading this post! Stay tuned for the following posts of this series. If you have any feedback, feel free to contact me on Twitter: sschhatra
