STRIDE

STRIDE is a lightweight threat modeling methodology developed by Microsoft. It helps enumerate the threats a system faces, and the name is an acronym for the following six threat categories:

Spoofing: Pretending to be another user, component, or system. For example, an adversary sends an email to a user pretending to be someone else.

Tampering: Modifying data or code without authorization, whether in transit or at rest. For example, an adversary intercepts network packets, changes the payment information, and forwards them to the target.

Repudiation: Denying having performed an action when the system cannot prove otherwise. For example, an adversary sends a threatening email to the victim and later denies having sent it.

Information disclosure: Exposing data to someone who is not authorized to see it. For example, an adversary obtains a user's password using a brute-force attack. Another example is an adversary who gains access to a database containing payment information for many users.

Denial of service: Making a system or service unavailable to its legitimate users. For example, an adversary causes a web server to crash by sending a specially crafted TCP packet, thereby denying access to legitimate end users.

Elevation of privilege: Gaining capabilities beyond those that were granted. For example, an adversary who is not even authorized for read access is able to modify a file as well. Another example is an adversary with a normal (non-privileged) account who is able to perform administrator-level tasks.

Each of the preceding threat categories is applied in turn to every component of the target model (external entities, processes, data stores, and the data flows between them). The individual threats found this way are then grouped under the category they belong to, as shown in the following table:

STRIDE category            Threat example
Spoofing                   An attacker impersonating an administrator and sending phishing mails to all users in the organization.
Tampering                  An attacker intercepting and modifying the data sent to and from the application.
Repudiation                An attacker sending a threatening email and later denying having sent it.
Information disclosure     An attacker gaining access to a database containing user credentials in plain text.
Denial of service          An attacker sending a huge number of packets from multiple sources to one single target in order to bring it down.
Elevation of privilege     An attacker exploiting a vulnerable component to escalate privileges.
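The following script is an added example, not part of the original text, showing how the threat list above is applied component by component. It uses the standard Microsoft STRIDE-per-element mapping (external entities are subject to S and R; processes to all six; data stores to T, R, I and D; data flows to T, I and D) to enumerate threats for a small constructed model of a web shop, and it flags data flows that cross a trust boundary, which are the ones a reviewer would examine first. The element names, trust zones and flows are assumptions made up for the illustration.

```python
"""STRIDE-per-element enumeration over a small data-flow model.

Added example, not from the original text. The element-to-category mapping is
Microsoft's standard STRIDE-per-element table; the model below (user, web
server, log writer, payment database) is constructed for illustration.
"""
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List

# Which STRIDE categories apply to which kind of data-flow-diagram element.
STRIDE_PER_ELEMENT: Dict[str, str] = {
    "external_entity": "SR",
    "process": "STRIDE",
    "data_store": "TRID",
    "data_flow": "TID",
}

CATEGORY_NAMES: Dict[str, str] = {
    "S": "Spoofing",
    "T": "Tampering",
    "R": "Repudiation",
    "I": "Information disclosure",
    "D": "Denial of service",
    "E": "Elevation of privilege",
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str        # "external_entity", "process" or "data_store"
    trust_zone: str  # used to detect flows that cross a trust boundary


@dataclass(frozen=True)
class Flow:
    name: str
    src: str  # name of the source element
    dst: str  # name of the destination element


@dataclass(frozen=True)
class Threat:
    target: str
    category: str
    crosses_boundary: bool = False


def enumerate_threats(elements: List[Element], flows: List[Flow]) -> List[Threat]:
    """Apply the STRIDE-per-element mapping to every element and flow."""
    zones = {e.name: e.trust_zone for e in elements}
    threats: List[Threat] = []
    for e in elements:
        if e.kind == "data_flow" or e.kind not in STRIDE_PER_ELEMENT:
            raise ValueError(f"{e.name}: unknown element kind {e.kind!r}")
        for letter in STRIDE_PER_ELEMENT[e.kind]:
            threats.append(Threat(e.name, CATEGORY_NAMES[letter]))
    for f in flows:
        if f.src not in zones or f.dst not in zones:
            raise ValueError(f"{f.name}: endpoint not present in the model")
        crosses = zones[f.src] != zones[f.dst]
        for letter in STRIDE_PER_ELEMENT["data_flow"]:
            threats.append(Threat(f.name, CATEGORY_NAMES[letter], crosses))
    return threats


def count_by_category(threats: List[Threat]) -> Dict[str, int]:
    """Group the enumerated threats by STRIDE category, as in the table above."""
    return dict(Counter(t.category for t in threats))


def boundary_crossing(threats: List[Threat]) -> List[Threat]:
    """Threats on flows that cross a trust boundary: review these first."""
    return [t for t in threats if t.crosses_boundary]


# Constructed sample model (assumption, not a real system).
ELEMENTS = [
    Element("User", "external_entity", "internet"),
    Element("Web server", "process", "dmz"),
    Element("Log writer", "process", "dmz"),
    Element("Payment DB", "data_store", "internal"),
]
FLOWS = [
    Flow("checkout request", "User", "Web server"),      # internet -> dmz
    Flow("payment lookup", "Web server", "Payment DB"),  # dmz -> internal
    Flow("access log", "Web server", "Log writer"),      # stays inside dmz
]

if __name__ == "__main__":
    found = enumerate_threats(ELEMENTS, FLOWS)
    for t in found:
        flag = " [crosses trust boundary]" if t.crosses_boundary else ""
        print(f"{t.target:18} {t.category}{flag}")
    print(count_by_category(found))
```

Running the script lists 27 candidate threats for the four elements and three flows; the six on the two boundary-crossing flows are marked, since those are the places where spoofing of the peer, tampering in transit and disclosure of the payment data are most likely.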