STRIDE Threats:
Spoofing, Tampering, Repudiation, Information disclosure, Denial of service(DoS), Elevation of privilege.
In this, the three STRIDE threats which I chose are Spoofing, Tampering and Denial of service.
Spoofing: Spoofing means misrepresenting itself successfully through a person or system in a situation where that fools a target which interacts with that as a misrepresented system. This comes in many forms, in network security ARP (Address resolution protocol) and BGP (Border gateway protocol) spoofing plague the internet as Man in the middle attacks.
Example: The best example of identifying spoofing is illegally accessing and then using another user’s authenticated information, like username and password.
Tampering: Tampering is the act of modifying the data through the unauthorized channels, this is one of the biggest security threats that can face any application or organization. This will involve the malicious modification of data.
Example: Unauthorized changes made to persistent data.
In the instances, wherever the data packets are being transmitted unprotected a hacker can interrupt the data packets flow and modify its all information and then send it to the different designated address.
Denial of Service: This can interrupt the whole system for the service done by the host which is connected to the internet. These attacks have become more increasing in complexity. Therefore, this attack is now known as most prevalent attack in the internet.
Example: By making the server temporarily unused, you must protect some of the DoS threats which by default increases the system’s availability and reliability.