A Comparative Analysis of Threat Modelling Methods: STRIDE, DREAD, VAST, PASTA, OCTAVE, and LINDDUN

Nitin Naik, Paul Jenkins, Paul Grace, Dishita Naik, Shaligram Prajapat, Jingping Song

Research output: Unpublished contribution to conferenceUnpublished Conference Paper

Abstract

Novel cybersecurity threats are constantly emerging and posing significant security challenges to organisations; therefore, it is important for organisations to proactively analyse existing and emerging cybersecurity threats against their systems. Threat modelling methods are very effective in proactively analysing cybersecurity threats and enhancing organisational security policies and defence mechanisms against these cybersecurity threats. Several threat modelling methods have been proposed, and it is important for security experts to select the appropriate threat modelling method for an organisation according to their specific security challenges and cybersecurity threats. This paper will present a comparative analysis of six threat modelling methods: STRIDE, DREAD, VAST, PASTA, OCTAVE, and LINDDUN. It will provide a concise description of all the aforementioned threat modelling methods, and subsequently, a comparative analysis of these six threat modelling methods for highlighting their relative strengths and limitations.
Original languageEnglish
Number of pages11
DOIs
Publication statusPublished - 28 Oct 2024

Fingerprint

Dive into the research topics of 'A Comparative Analysis of Threat Modelling Methods: STRIDE, DREAD, VAST, PASTA, OCTAVE, and LINDDUN'. Together they form a unique fingerprint.

Cite this