SAD LAB -3

AIM- To study and perform Threat modelling using STRIDE methodology

Theory-
Threat Modelling:

At its core, threat modelling is a systematic approach employed during the software
development lifecycle to analyze and pre-emptively address security concerns. It involves
identifying potential threats, evaluating their potential impact, and formulating strategies to
mitigate these threats. By adopting threat modelling, engineers can effectively integrate
security considerations into the design phase of their projects, ensuring that vulnerabilities are
identified and rectified before they can be exploited.

STRIDE Framework:

The STRIDE framework serves as an invaluable tool within the realm of threat modeling. It's
an acronym encompassing six distinct threat categories: Spoofing, Tampering, Repudiation,
Information Disclosure, Denial of Service (DoS), and Elevation of Privilege. Each category
encapsulates a specific type of threat that software systems might encounter. These categories
act as a comprehensive guide, enabling engineers to categorize and analyze potential security
risks systematically.

Understanding the STRIDE Categories:

 Spoofing: This involves an attacker impersonating a legitimate entity. For instance,

inadequate authentication mechanisms can expose the system to unauthorized access
attempts.
 Tampering: Unauthorized modification of data or code, often due to insufficient data
validation, can lead to compromised system integrity.
 Repudiation: Poorly logged user actions can enable users to deny their involvement,
posing challenges during incident investigations.
 Information Disclosure: Weak access controls might allow unauthorized users to gain
access to sensitive information, leading to data breaches.
 Denial of Service (DoS): Inadequate resource management can make the system
vulnerable to flooding attacks, rendering it unavailable to legitimate users.

SAD SHAH JENIL IT_B22_2005103

  Elevation of Privilege: Flaws in authorization can allow unauthorized users to gain
access to higher-level functions, potentially compromising the system's security.

STRIDE MODEL for Financial Web App

Threat
Category Definition Vulnerability Example Counter Measures

Weak authentication
Falsely presenting oneself allowing unauthorized Implement strong multi-
Spoofing as another entity access factor authentication

Unauthorized
modification of data or Manipulating transaction Implement data integrity
Tampering code data to alter amounts checks and encryption

Denying a performed Customer denies making a Implement detailed

Repudiation action or transaction financial transaction transaction logging

Apply principle of least

Information Unauthorized access to Inadequate access controls privilege, encrypt sensitive
Disclosure sensitive information exposing customer data data

Denial of Disrupting services to Overloading server to Implement rate limiting, use

Service affect availability cause app unavailability load balancers

Unauthorized access to
Elevation of higher-level Exploiting a vulnerability Regularly update software,
Privilege functionalities to gain admin access apply least privilege

LAB OUTCOME – LO2 To understand the Owasp methodologies and standards.

Conclusion-

In an environment where cyber threats are constantly evolving, security measures need to be
integrated proactively. The combination of threat modeling and STRIDE allows engineers to
identify vulnerabilities, customize security measures, and create a robust cybersecurity
culture within the engineering community.

SAD SHAH JENIL IT_B22_2005103