First level threats | Second level threats | Damage | Solutions |
Data not effectively protected | Data tampering | Data distortion or invalid | Tamper detection, User authentication, data encryption, Tamper proof material |
Data exposure | Illegal use User’ data | User authentication, data encryption, Audit, Construct machine learning model | |
Data monitored or collected | Privacy disclosure | Establishment of special system, data encryption | |
User exception | Illegal act | Break the role code of conduct | Intrusion detection, Establishment of special system, User behavior analysis |
Unauthorized access | Illegal processing of data | Access control | |
Weak safety awareness | Create a breakthrough for attackers | Empirical research | |
Vulnerability of Defense system | Bug | Used to destroy the database | Safety assessment, Empirical framework |
Inaccurate identification | Reject normal users and accept illegal users | User authentication | |
External attack | Spam | Occupy a lot of storage space and commit fraud | Access control |
Malicious traffic | Server works abnormally | Audit, Intrusion detection | |
SQL injection | Embedded trojan horse and illegal right raising | Access control, Access control, User behavior analysis, System risk prediction | |
Illegal access | Break system authentication mechanism and obtain others data | User authentication, Establishment of special system, Intrusion detection | |
Malicious software | Illegal access to user secret data | Data encryption, Malware detection, Intrusion detection | |
DDoS attack | System functions not available | Intrusion detection, Access control | |
Bypass and physical attack | Hardware Damage and less preventable | Intrusion detection, Tamper proof material |