1

What could be the Relationship between threat analysis and attack modeling.

Both are pretty close, have different perspectives but I need to know the relationships or in other words, how can they got integrated in an organization.

Update: Here are the two definitions found on net:

Cyber threat analysis is a process in which the knowledge of internal and external information vulnerabilities pertinent to a particular organization is matched against real-world cyber attacks.

Analyzing the threat is the steps of

  • defining the scope of threats/risks
  • Collecting/gathering necessary information
  • Analyzing the data (Threat/Vulnerability Analysis of Risks and determining the level of Risk)
  • Action, Mitigation & Anticipation [Ref]

Attack Modeling "One of the points we need to make here is that when you try to model things from an adversarial viewpoint, you are Attack Modeling, not Threat Modeling. When you start with a vulnerability, and see what kind of damage you can do, you are modeling an attack. This is how traditional 'bug hunting' "threat modeling" operates. So technically, we haven't been threat modeling at all, we've been attack modeling.

Examples: THREAT: Getting our customer data exposed to unauthorised individuals. RISK: The likelihood of getting our customer data exposed is medium and if realised would result in a $5,000,000 financial loss in addition to loss of customer loyalty. ATTACK: Exploiting an SQL Injection vulnerability resulting in the bad guy being able to download the customer database. It is important to remember this distinction when you are performing your security evaluations, threat modelling, and penetration testing." Ref

Mohammad
  • 517
  • 6
  • 17

1 Answers1

0

I'm not sure where you got those definitions, but let me try to simplify.

The English word "threat" has many meanings. "There's a threat of a hurricane this weekend." "He threatened to hit me!" "There's a buffer overflow threat." Similarly, "Someone could use a buffer overflow to attack that."

In my book on threat modeling, I defined a 4 step framework for thinking about threat modeling:

  1. What are we working on?
  2. what can go wrong?
  3. what will we do about it?
  4. did we do a good job?
Adam Shostack
  • 2,659
  • 1
  • 10
  • 12
  • Thanks, that was a nice understanding on that modelling. But my question was regarding "threat analysis" and "attack modelling". Would you lindly shed light on those terms? – Mohammad Apr 22 '18 at 19:17
  • I do not know where you got those terms, or in what way you're using them. – Adam Shostack Apr 22 '18 at 20:15
  • As I said, the terms have many meanings, and I was unsure which ones you're using. Best of luck. – Adam Shostack Apr 22 '18 at 20:54
  • Thanks a lot. That was so kind of you and your answer enlightened me as well. – Mohammad Apr 22 '18 at 21:06
  • Here [link](https://www.techrepublic.com/article/attack-modeling-vs-threat-modeling/) I found the difference between them: "One of the points we need to make here is that when you try to model things from an adversarial viewpoint, you are Attack Modeling, not Threat Modeling. When you start with a vulnerability, and see what kind of damage you can do, you are modeling an attack. This is how traditional 'bug hunting' "threat modeling" operates. So technically, we haven't been threat modeling at all, we've been attack modeling." – Mohammad Apr 23 '18 at 07:01