@inproceedings{a096fe93d71d4cfaa092b5b7e9310619,
title = "A Comparative Analysis of Threat Modelling Methods: STRIDE, DREAD, VAST, PASTA, OCTAVE, and LINDDUN",
abstract = "Novel cybersecurity threats are constantly emerging and posing significant security challenges to organisations; therefore, it is important for organisations to proactively analyse the existing and emerging cybersecurity threats against their systems. Threat modelling methods are very effective in proactively analysing cybersecurity threats and enhancing organisational security policies and defence mechanisms against these cybersecurity threats. Several threat modelling methods have been proposed, and it is important for security experts to select the appropriate threat modelling methods for an organisation according to their specific security challenges and cybersecurity threats. This paper will present a comparative analysis of six threat modelling methods: STRIDE, DREAD, VAST, PASTA, OCTAVE, and LINDDUN. It will provide a concise description of all the aforementioned threat modelling methods, and subsequently, a comparative analysis of these six threat modelling methods for highlighting their relative strengths and limitations.",
keywords = "Cyber Threat, Cyberattack, Cyberthreat, DREAD Model, LINDDUN Model, OCTAVE Model, PASTA Model, STRIDE Model, Threat Modelling, Threat Models, VAST Model",
author = "Nitin Naik and Paul Jenkins and Paul Grace and Dishita Naik and S. Prajapat and Jingping Song",
note = "Publisher Copyright: {\textcopyright} The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.; International Conference on Computing, Communication, Cybersecurity and AI, C3AI 2024 ; Conference date: 03-07-2024 Through 04-07-2024",
year = "2024",
month = dec,
day = "20",
doi = "10.1007/978-3-031-74443-3_16",
language = "English",
isbn = "9783031744426",
series = "Lecture Notes in Networks and Systems",
publisher = "Springer Science and Business Media Deutschland GmbH",
pages = "271--280",
editor = "Nitin Naik and Paul Grace and Paul Jenkins and Shaligram Prajapat",
booktitle = "Contributions Presented at The International Conference on Computing, Communication, Cybersecurity and AI - The C3AI 2024",
}