Abstract:
Security has become a crucial performance measure in today's computer and network systems. One important aspect of this security is to understand the issue as to how different threats could lead to a negative impact and disasters on the functions of a network system. With this consideration, this paper proposes a threat preference approach to evaluate the impact of threats to a system. The proposed approach is synergized with the well-known STRIDE threat model. A tool is also developed to evaluate the level of overall level of overall given a number of threats and threat given a number of threats and threat preference rules. Preliminary analysis of the approach highlights the effectiveness in mitigating threats and attacks.