| First level threats | Second level threats | Damage | Solutions |
| Data not effectively protected | Data tampering | Data distortion or invalid | Tamper detection, User authentication, data encryption, Tamper proof material |
| Data exposure | Illegal use User’ data | User authentication, data encryption, Audit, Construct machine learning model | |
| Data monitored or collected | Privacy disclosure | Establishment of special system, data encryption | |
| User exception | Illegal act | Break the role code of conduct | Intrusion detection, Establishment of special system, User behavior analysis |
| Unauthorized access | Illegal processing of data | Access control | |
| Weak safety awareness | Create a breakthrough for attackers | Empirical research | |
| Vulnerability of Defense system | Bug | Used to destroy the database | Safety assessment, Empirical framework |
| Inaccurate identification | Reject normal users and accept illegal users | User authentication | |
| External attack | Spam | Occupy a lot of storage space and commit fraud | Access control |
| Malicious traffic | Server works abnormally | Audit, Intrusion detection | |
| SQL injection | Embedded trojan horse and illegal right raising | Access control, Access control, User behavior analysis, System risk prediction | |
| Illegal access | Break system authentication mechanism and obtain others data | User authentication, Establishment of special system, Intrusion detection | |
| Malicious software | Illegal access to user secret data | Data encryption, Malware detection, Intrusion detection | |
| DDoS attack | System functions not available | Intrusion detection, Access control | |
| Bypass and physical attack | Hardware Damage and less preventable | Intrusion detection, Tamper proof material |