A Comparative Analysis of Threat Modelling Methods: STRIDE, DREAD, VAST, PASTA, OCTAVE, and LINDDUN

Nitin Naik*, Paul Jenkins, Paul Grace, Dishita Naik, S. Prajapat, Jingping Song

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Novel cybersecurity threats are constantly emerging and posing significant security challenges to organisations; therefore, it is important for organisations to proactively analyse the existing and emerging cybersecurity threats against their systems. Threat modelling methods are very effective in proactively analysing cybersecurity threats and enhancing organisational security policies and defence mechanisms against these cybersecurity threats. Several threat modelling methods have been proposed, and it is important for security experts to select the appropriate threat modelling methods for an organisation according to their specific security challenges and cybersecurity threats. This paper will present a comparative analysis of six threat modelling methods: STRIDE, DREAD, VAST, PASTA, OCTAVE, and LINDDUN. It will provide a concise description of all the aforementioned threat modelling methods, and subsequently, a comparative analysis of these six threat modelling methods for highlighting their relative strengths and limitations.

Original languageEnglish
Title of host publicationContributions Presented at The International Conference on Computing, Communication, Cybersecurity and AI - The C3AI 2024
EditorsNitin Naik, Paul Grace, Paul Jenkins, Shaligram Prajapat
PublisherSpringer Science and Business Media Deutschland GmbH
Pages271-280
Number of pages10
ISBN (Print)9783031744426
DOIs
Publication statusPublished - 20 Dec 2024
EventInternational Conference on Computing, Communication, Cybersecurity and AI, C3AI 2024 - London, United Kingdom
Duration: 3 Jul 20244 Jul 2024

Publication series

NameLecture Notes in Networks and Systems
Volume884 LNNS
ISSN (Print)2367-3370
ISSN (Electronic)2367-3389

Conference

ConferenceInternational Conference on Computing, Communication, Cybersecurity and AI, C3AI 2024
Country/TerritoryUnited Kingdom
CityLondon
Period3/07/244/07/24

Keywords

  • Cyber Threat
  • Cyberattack
  • Cyberthreat
  • DREAD Model
  • LINDDUN Model
  • OCTAVE Model
  • PASTA Model
  • STRIDE Model
  • Threat Modelling
  • Threat Models
  • VAST Model

Cite this