
Threat modeling (STRIDE, DREAD) in Cybersecurity - Full Explanation

Introduction
Imagine building a house without checking where it might be vulnerable to break-ins or damage. Threat modeling helps identify possible dangers to a system before they happen, so you can protect it better.
Explanation
STRIDE Model
STRIDE is a way to think about different types of threats by categorizing them into six groups: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege. Each category helps identify specific risks that could harm a system's security.
STRIDE breaks down threats into six clear types to spot weaknesses in a system.
DREAD Model
DREAD is a method to measure how serious a threat is by scoring it on five factors: Damage potential, Reproducibility, Exploitability, Affected users, and Discoverability. This helps prioritize which threats need the most attention.
DREAD scores threats to decide which ones are the most dangerous.
Real World Analogy

Think of planning security for a store. STRIDE is like listing all possible ways a thief could break in or cause trouble. DREAD is like rating each risk by how bad it would be, how easy it is to do, and how likely it is to happen, so the store owner knows what to fix first.

STRIDE Model → Listing all ways a thief might break in or cause problems in a store
DREAD Model → Rating each risk by how bad and likely it is to decide what to fix first
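Putting the two models together in code, as an added example that is not part of the original page: each threat is tagged with a STRIDE category, estimated on the five DREAD factors, and ranked so the highest score is fixed first. The 0-10 scale per factor and the averaged score are assumptions borrowed from common DREAD practice, and the sample threats for a web shop (following the store analogy above) are constructed.

```python
from dataclasses import dataclass
from enum import Enum

class Stride(Enum):
    """The six STRIDE threat categories."""
    SPOOFING = "Spoofing"
    TAMPERING = "Tampering"
    REPUDIATION = "Repudiation"
    INFORMATION_DISCLOSURE = "Information Disclosure"
    DENIAL_OF_SERVICE = "Denial of Service"
    ELEVATION_OF_PRIVILEGE = "Elevation of Privilege"

# The five DREAD factors, in the order the acronym spells them.
DREAD_FACTORS = ("damage", "reproducibility", "exploitability",
                 "affected_users", "discoverability")

@dataclass(frozen=True)
class Threat:
    """STRIDE-tagged threat with five DREAD estimates (assumption: 0-10 scale)."""
    name: str
    category: Stride
    damage: int
    reproducibility: int
    exploitability: int
    affected_users: int
    discoverability: int

    def __post_init__(self) -> None:
        for factor in DREAD_FACTORS:
            value = getattr(self, factor)
            if not 0 <= value <= 10:
                raise ValueError(f"{factor} must be 0-10, got {value}")

    def dread_score(self) -> float:
        """Average of the five factors: a rough priority, not a precise measurement."""
        return sum(getattr(self, f) for f in DREAD_FACTORS) / len(DREAD_FACTORS)

def prioritize(threats: list[Threat]) -> list[Threat]:
    """Order threats from highest DREAD score to lowest, i.e. what to fix first."""
    return sorted(threats, key=lambda t: t.dread_score(), reverse=True)

# Constructed sample threats for a web shop, following the page's store analogy.
SAMPLE_THREATS = [
    Threat("Forged session cookie lets one customer act as another",
           Stride.SPOOFING, 8, 6, 5, 7, 4),
    Threat("Checkout flooded with requests until the shop is unavailable",
           Stride.DENIAL_OF_SERVICE, 6, 9, 8, 10, 9),
    Threat("Order records altered directly in the database",
           Stride.TAMPERING, 9, 3, 3, 6, 2),
]
```

Because the factor values are estimates, treat the resulting order as a starting point for discussion rather than a verdict; two threats a few tenths apart are effectively tied.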
Diagram
┌─────────────┐       ┌─────────────┐
│   STRIDE    │──────▶│ Identify    │
│  (6 threat  │       │ threat types│
│  categories)│       └─────────────┘
└─────────────┘             │
                            ▼
                      ┌─────────────┐
                      │   DREAD     │
                      │ (5 scoring  │
                      │  factors)   │
                      └─────────────┘
                            │
                            ▼
                   ┌──────────────────┐
                   │ Prioritize risks │
                   └──────────────────┘
This diagram shows how STRIDE identifies threat types, which are then scored by DREAD to prioritize risks.
Key Facts
Spoofing: Pretending to be someone else to gain unauthorized access.
Tampering: Changing data or code without permission.
Repudiation: Denying an action that was performed.
Information Disclosure: Exposing private data to unauthorized parties.
Denial of Service: Making a system unavailable to users.
Elevation of Privilege: Gaining higher access rights than allowed.
DREAD: A scoring system to rate threats by Damage potential, Reproducibility, Exploitability, Affected users, and Discoverability.
Common Confusions
Believing STRIDE and DREAD are the same thing.
STRIDE categorizes types of threats, while DREAD scores how severe those threats are; they work together but serve different purposes.
Thinking DREAD scores are exact measurements.
DREAD scores are estimates to help prioritize risks, not precise calculations.
Summary
Threat modeling helps find and fix security problems before they happen.
STRIDE breaks down threats into six clear categories to understand possible attacks.
DREAD scores threats to decide which ones need the most urgent attention.