STRIDE-AI: A Threat Modeling Framework for Generative AI Security Assessment
Tsafac Nkombong Regine Cyrille, Franziska Schwarz

TL;DR
STRIDE-AI is a comprehensive threat modeling framework designed to evaluate and improve the security of generative AI systems, addressing their unique probabilistic vulnerabilities.
Contribution
It introduces a novel AI-specific adaptation of the classical STRIDE threat model and provides a practical web tool for systematic security assessment.
Findings
Reduced attack success rate from 80% to 15% in the case study.
Bridged high-level risk standards with technical vulnerability taxonomies.
Validated effectiveness through a deployed LLM chatbot assessment.
Abstract
Traditional cybersecurity methodologies target deterministic systems and fail to address the probabilistic nature of AI, leaving systems vulnerable to attack vectors such as model inversion, data poisoning, and prompt injection. Recent industry reports indicate that a majority of organizations deploying AI lack a dedicated security strategy, with adversarial attacks increasing rapidly year-over-year. We present STRIDE-AI, a framework that bridges the gap between high-level risk standards (NIST AI RMF) and technical vulnerability taxonomies (OWASP LLM Top 10). The framework defines a six-phase assessment lifecycle, introduces a threat modeling adaptation of classical STRIDE for AI systems, and is operationalized through a purpose-built web tool. We provide an initial validation of the approach through a black-box assessment of a deployed LLM chatbot, which successfully reduced…
