Authors

  • Nafisa Yuldasheva
    Tashkent University Of Information Technologies Named After Muhammad Al-Khwarizmi Tashkent, Uzbekistan

DOI:

https://doi.org/10.37547/tajet/Volume06Issue05-05

Keywords:

Confidentiality authorization threat model

Abstract

This article provides an analysis of possible threats and risks in the implementation of voice-based applications. In particular, threat classification according to STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of Service, Elevation of privileges) methodology, threat risk assessment according to DREAD (Damage Potential, Reproducibility, Exploitability, Affected Users, Discoverability) model and issues of taking protective measures against them are considered

 

References

Khan R. et al. STRIDE-based threat modeling for cyber-physical systems //2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe). – IEEE, 2017. – С. 1-6.

Zhang L. et al. A risk-level assessment system based on the STRIDE/DREAD model for digital data marketplaces //International Journal of Information Security. – 2022. – С. 1-17.

Suprihanto D., Wardoyo R., Mustofa K. Determination of weighting assessment on DREAD model using profile matching //International Journal of Advanced Computer Science and Applications. – 2018. – Т. 9. – №. 10. – С. 68-72.

76. Tashev K.A., Fayziyeva D.S., Yuldasheva N.S., Bank tizimlarida zaifliklar va tahdidlar tahlili // “Muhammad al-Xorazmiy avlodlari” ilmiy amaliy va axborot-tahliliy jurnali. № 4 (26), 2023. -B. 218-223

Юлдашева Н.С., Холимтаева И.У., Банк тизимида содир этилган фирибгарликни техник усулларининг таҳлили // G.: “Educational Research in Universal Sciences”. ISSN: 2181-3515. VOLUME 1 | ISSUE 6 | November, 2022. -P. 158-162