LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is Tampering in STRIDE and what security property does it violate?

Modifying data or code without authorization — it violates Integrity.

Tampering:

Aspect Description
Property violated Integrity
Definition Modify data or code
Examples Modifying a DLL on disk, altering a data packet in transit

Real-world attacks:

  • Tampering with a shared library - attackers who breach a widely-included script (e.g. an analytics provider's JavaScript) can alter what it does on every site that loads it — such as silently rewriting a crypto-withdrawal page to send funds to the attacker.
  • Smart-lock tampering - manipulating the firmware or signals of an internet-connected door lock to unlock it.
  • Man-in-the-middle attacks - sitting between two parties and modifying data in transit.

Mitigation: Digital signatures, checksums, secure channels, code signing.

From Quiz: SPRG / SDL and Threat Modeling | Updated: Jul 14, 2026