Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Artcle STRIDE and Threat Modeling. For this assignment, you will select a curren

ID: 3729913 • Letter: A

Question

Artcle STRIDE and Threat Modeling.

For this assignment, you will select a current (within the last 2 years) article or research paper to review. The article your select MUST be different from the one you reviewed for the Lesson 3 assignment. You may select any article or research paper that is related to Threat Modeling, and specifically references STRIDE. The attached rubric will provide more information on the content requirements, but here is a short list of what I want:

1) Your review should be 1/2 to 1 page, single spaced.

2) Please upload a Microsoft Word document to submit your review.

3) You should summarize the content of the article or paper and explain how it relates to STRIDE and Threat Modeling.

4) Provide your own assessment of the article. (Did it make sense? Did you learn anything from it? Do you agree or disagree with the content?)

5) Use the APA style for the paper and any references.

Explanation / Answer

Hi,

The below link is the research paper which i used to write the review of THREAT MODELING AND SPECIFICALLY STRIDE.

https://pdfs.semanticscholar.org/550f/aeb15d64020c6a995c291b6b9f44f8be656d.pdf

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Threat Modeling is a process by which potential threats can be identified,enumerated and prioiritized.At Board Level there are three types of threat Modeling Techniques, They are namely STRIDE,ATTACK TREES and ATTACK LIBRARIES.

The STRIDE approach was invented by Loren Kohnfelder and Praerit Garg in 1999.STRIDE is an acronym for a threat modeling system that originated at Microsoft. This Tecnique can be used for the enumeration of the threats based on the attcak properties.We have different kinds of Attack Properties in STRIDE.The Attack properties are namely Spoofing,Tampering,Repudiation,Information Disclosure,Denial-of-service,Elivation of Prevellige.Spoofing is a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver(Authentication is the Security Theme).Tampering is technique where illegal changes are made to the data(Integrity is the security Theme).Information Disclosure is revealing too much information about the system or data,by ana unauthorized person(Confidentiallity is the Security Theme).Repudiation is denial of truth of something(Non Repudation is the Security Theme).Denial-of-service is service interruptions for a host or system connected to the Internet(Availability is the security theme).Elivation of prevellige is providing more prevellige to access data ,by that the attacker can access the adminstartive prevlliged modules as well(Authorization is the Security Theme).The Stride Technique is useful in identifying the threats,but how to lessen the threats is not addreessed.

Attack Trees is the conceptual representation of the threats.The Threats are represented in the tree structure,where our primary goal will be the root node,And leaf nodes will be sub goals.In this tree nodes can be represented by "AND" or "Or" nodes.This modeling suits only for the high level representation of the threats not for granular level representation.This Thechnique alone cannot yeild best results for Threat Modelling.Attack Library is technique used to identify the threats from the attackers percepective,This is more check-list model ,since it is adopting attackers percepective.Attack library techniques helps in the mitigation of the threats. But this technique poses a challenge to structure a way to address the defence against these attacks.

Now comes in to picture,HYBRID THREAT MODELING Technique.This is the combination of the threat modeling techniques.By using both the STRIDE and ATTACK LIBRARY.So,the threats can be identified,prioirtized and enumerated by the Stride and threat mitigation can be done by Attack library.Thus we can get the best results of the threat modeling Techniques.

======================================================================================

I got a good knowledge of the threat modelling techniques from the Article ,And I do agree with the content which is very meaningful, easily understandable and logically apt .Since the author of the article didnot use more complex terms,I understood better.

Hope this will help.....

Related Questions

Arrow Industries employos a standard cost system in which direct materials inven
Question #2501846
Arrow Industries employos a standard cost system in which direct materials inven
Question #2501847
Arrow Industries employos a standard cost system in which direct materials inven
Question #2501848
Arrow Industries employs a standard cost system in which direct materials invent
Question #2381903
Arrow Industries employs a standard cost system in which direct materials invent
Question #2478348
Arrow Industries employs a standard cost system in which direct materials invent
Question #2486484
Arrow Industries employs a standard cost system in which direct materials invent
Question #2494274
Arrow Products typically earns a contribution margin ratio of 25 percent and has
Question #2569269
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Art\'s Arts and Crafts Emporium pays its employees based on hours worked and com
Next
Artemisia Press is a maker of upscale stationery. Its products are made from the

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.