Threat Modeling: Tampering in Depth

Learn how tampering threats work and how to mitigate them. Explore how attackers can tamper with a variety of systems and tools, from debuggers to cloud services.

Introduction

• Mitigate tampering threats
• Four-question framework
• Tampering as part of STRIDE

1. Tampering with a Process

• Debuggers and input
• Libraries
• Mobile

2. Tampering with Storage

• Tampering with local storage
• Permissions
• Effects of tampering

3. Tampering with Things

• Whose screw? Physical tampering matters
• Debug interfaces are exposed

4. Tampering with Time Itself

• Time is increasingly important

5. Tampering with Cloud

• Controls and authentication
• Becoming Jane Admin

6. Tampering with Data Flows

• Channels and messages
• Replay and reflection
• Headers: Injection and order

7. Integrity Defenses

• Prevention and detection goals
• Crypto
• Something more privileged

Conclusion

• Next steps