Cybersecurity has many challenges to address to ensure the protection of a system from an attacker. Consequently, strategies have been developed to address a system’s weakness that an attacker may try to exploit. However, while these approaches may prevent an attacker from getting in from the outside, they do not consider the user’s actions from the inside and how their behavior may inadvertently allow an attack to occur. This paper presents a human-centered approach to threat modeling titled STRIDE-HF, which extends the existing threat modeling framework STRIDE.

A Human Factor Approach to Threat Modeling / Ferro, L. S.; Marrella, A.; Catarci, T.. - 12788:(2021), pp. 139-157. (Intervento presentato al convegno 3rd International Conference on HCI for Cybersecurity, Privacy and Trust, HCI-CPT 2021, held as part of the 23rd International Conference, HCI International 2021 tenutosi a Virtual, Online) [10.1007/978-3-030-77392-2_10].

A Human Factor Approach to Threat Modeling

Ferro L. S.
;
Marrella A.
;
Catarci T.
2021

Abstract

Cybersecurity has many challenges to address to ensure the protection of a system from an attacker. Consequently, strategies have been developed to address a system’s weakness that an attacker may try to exploit. However, while these approaches may prevent an attacker from getting in from the outside, they do not consider the user’s actions from the inside and how their behavior may inadvertently allow an attack to occur. This paper presents a human-centered approach to threat modeling titled STRIDE-HF, which extends the existing threat modeling framework STRIDE.
2021
3rd International Conference on HCI for Cybersecurity, Privacy and Trust, HCI-CPT 2021, held as part of the 23rd International Conference, HCI International 2021
Cybersecurity; Human factors; Threat modeling
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
A Human Factor Approach to Threat Modeling / Ferro, L. S.; Marrella, A.; Catarci, T.. - 12788:(2021), pp. 139-157. (Intervento presentato al convegno 3rd International Conference on HCI for Cybersecurity, Privacy and Trust, HCI-CPT 2021, held as part of the 23rd International Conference, HCI International 2021 tenutosi a Virtual, Online) [10.1007/978-3-030-77392-2_10].
File allegati a questo prodotto
File Dimensione Formato  
Ferro_postprint_A-Human_2021.pdf

accesso aperto

Tipologia: Documento in Post-print (versione successiva alla peer review e accettata per la pubblicazione)
Licenza: Creative commons
Dimensione 602.33 kB
Formato Adobe PDF
602.33 kB Adobe PDF
Ferro_A-Human_2021.pdf

solo gestori archivio

Tipologia: Versione editoriale (versione pubblicata con il layout dell'editore)
Licenza: Tutti i diritti riservati (All rights reserved)
Dimensione 1.62 MB
Formato Adobe PDF
1.62 MB Adobe PDF   Contatta l'autore

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1621881
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 1
  • ???jsp.display-item.citation.isi??? 1
social impact