Quiz Entry - updated: 2026.07.14
What is Tampering in STRIDE and what security property does it violate?
Modifying data or code without authorization — it violates Integrity.
Tampering:
| Aspect | Description |
|---|---|
| Property violated | Integrity |
| Definition | Modify data or code |
| Examples | Modifying a DLL on disk, altering a data packet in transit |
Real-world attacks:
- Tampering with a shared library - attackers who breach a widely-included script (e.g. an analytics provider's JavaScript) can alter what it does on every site that loads it — such as silently rewriting a crypto-withdrawal page to send funds to the attacker.
- Smart-lock tampering - manipulating the firmware or signals of an internet-connected door lock to unlock it.
- Man-in-the-middle attacks - sitting between two parties and modifying data in transit.
Mitigation: Digital signatures, checksums, secure channels, code signing.