Scribd
Upload
2K views

Sample Report - Threat Model

This document provides a security threat model for an e-commerce application called SIJamsAndJellies.com. It identifies 5 main threats: 1) code is executed on the server through injection attacks, 2) confidential data is disclosed through errors, 3) attackers increase access rights through session hijacking or credential theft, 4) the service becomes unusable through denial of service attacks, and 5) data is compromised through SQL injection or command execution. The threat model overview identifies features, individual threats, creates threat trees to expand each threat, and constructs an escalation model showing relationships between threats.

Uploaded by

LRampaul
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PDF, TXT or read online on Scribd
2K views

Sample Report - Threat Model

This document provides a security threat model for an e-commerce application called SIJamsAndJellies.com. It identifies 5 main threats: 1) code is executed on the server through injection attacks, 2) confidential data is disclosed through errors, 3) attackers increase access rights through session hijacking or credential theft, 4) the service becomes unusable through denial of service attacks, and 5) data is compromised through SQL injection or command execution. The threat model overview identifies features, individual threats, creates threat trees to expand each threat, and constructs an escalation model showing relationships between threats.

Uploaded by

LRampaul
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

Sample Report

Security Threat Model


Prepared by Security Innovation

Table of Contents
1.0 Executive Summary ............................................................................................ 3 2.0 Features ............................................................................................................. 3 3.0 Individual Threats ............................................................................................... 3 4.0 Threat Model Overview ....................................................................................... 3 5.0 Threat Trees ....................................................................................................... 4 6.0 Threat Escalation Model ..................................................................................... 7

1.0 Executive Summary


SIJamsAndJellies.com is an e-commerce application that has been instrumented to contains common web application vulnerabilities.

2.0 Features
Authenticated access Authorized access To customer features To application admin features Sensitive data integrity is protected Credentials Confidential information (credit card information) Data integrity is protected user database cannot be tampered with general information (billing address etc) is protected

3.0 Individual Threats


Threat #1: Code is executed on the server Threat #2: Confidential data is disclosed Threat #3: Attacker increases his access rights Threat #4: The service is unusable Threat #5: Data is compromised

4.0 Threat Model Overview


1. 2. 3. 4. Identify features Identify individual threats Create threat trees Construct threat escalation model

5.0 Threat Trees


Threat #1: Code is executed on the server

Threat #1 Code is executed on the server

Inject commands

Overflow buffers

and

Perform SQL injection attacks

Perform OS command injection attacks

Remove client-side validation

Perform long string injection attacks

Threat #2: Confidential data is disclosed

Threat #2 Confidential data is disclosed

Error messages at login time divulge too much information

Study error messages displayed at login failure

Threat #3: Attacker increases his access rights

Threat #3 Attacker increases his access rights

and

Hijack someone elses session

Replay a stolen session

Log in without the proper credentials

Use forceful browsing to access pages with no proper authentication

Perform cross-site scripting attack

Sniff the session ID using a network sniffer

Perform SQL injection

Perform brute-force/ dictionary attacks

Use URL tampering techniques

Threat #4: The service is unusable

Threat #4 The service is unusable

Perform buffer oveflow attack

Perform DoS attacks

and

Remove client-side validation

Perform long string injection attacks

Threat #5: Data is compromised

Threat #5 Data is compromised

Users are added or removed

User information is modified

Perform SQL injection attacks

Perform OS command injection attacks

6.0 Threat Escalation Model

Threat #5 Data is compromised

Threat #1 Code is executed on the server

Users are added or removed

User information is modified

Threat #2 Confidential data is disclosed

Inject commands

Overflow buffers
Error messages at login time divulge too much information

and Perform SQL injection attacks Perform OS command injection attacks Remove client-side validation Perform long string injection attacks
Perform SQL injection attacks Perform OS command injection attacks

Threat #3 Attacker increases his access rights

Attacks against the e-commerce application


Threat #4 The service is unusable

Study error messages displayed at login failure

and Use forceful browsing to access pages with no proper authentication

Hijack someone elses session

Replay a stolen session

Log in without the proper credentials

Perform buffer oveflow attack

Perform DoS attacks

and Perform long string injection attacks

Perform cross-site scripting attack

Sniff the session ID using a network sniffer

Perform SQL injection

Perform bruteforce/dictionary attacks

Use URL tampering techniques

Remove clientside validation

Severity color scheme: Yellow represents P1 issues Green represents P2 issues

You might also like