News About John X. Wang

What Every Engineer Should Know About “Persona non Grata” Threat Modeling?

    Dec 01, 2019

    Persona non Grata Threat Actor Profile

    Persona non Grata is a war-gaming method for developing profiles of the threat actors who could potentially target the organization. The method provides high-level insight into system design and into the types of TTPs (tactics, techniques and procedures) a threat actor may use when attempting an attack or intrusion on a network.

    For this CRC Press News, we are using an example of a “crown jewels” database and discussing how a security team might apply the threat model examples to the protection of that database. PASTA looked at the various aspects of the database, including

    • the technology stack, business risks associated with uncertainties caused by events that may occur during the protection of the database, and

    • how the intelligence cycle provides a constant, and constantly evolving, security posture in place to proactively search for threats.

    The Persona non Grata method provided an overview of just

    • who might be interested in stealing the database files,

    • what they might want to do with those files, and

    • the potential sophistication levels of the threat actors.

    These profiles help build an understanding of the primary threats to the organization and the tools those threats may employ to stage a potential attack.

    The PnG approach

    • A persona non grata (PnG) represents an archetypal user who behaves in unwanted, possibly nefarious ways.

    • However, like ordinary personas, PnGs have specific goals that they wish to achieve and specific actions that they may take to achieve those goals.

    • Modeling PnGs can therefore help us think about the ways in which a system might be vulnerable to abuse, and use this information to specify appropriate mitigating requirements.

    • The PnG approach makes threat modeling more tractable by asking users to focus on attackers, their motivations, and abilities.

    PnG design principles

    • Make the problem more tractable by giving modelers a specific focus (here: attackers, their motivations and their abilities).

    • Once the attackers are modeled, the process moves on to targets and likely attack mechanisms.

    PnG was the most focused threat modeling method (TMM), showing the most consistent behavior across teams.

    What is a persona?

    Personas are detailed descriptions of imaginary people constructed out of well-understood, highly specified data about real people.

    What is a Persona non Grata?

    A persona non grata is an unacceptable or unwelcome person.

    Developing a PnG: could you develop one for the unwanted and malicious intruder depicted in the attached picture (credit: https://www.infoq.com/articles/personae-non-gratae)?

    1. Motivations: What are the PnG’s motivations? Monetary gain? “LoLs” (laughs)?

    2. Goals: How will the PnG fulfill their motivation, i.e. what do they want to do, and how do they plan to get away with it?

    3. Skills: What abilities do they have to achieve their goal? What other assets do they have, e.g. access to infrastructure, or relationships to those who have the skills?

    4. Misuse cases: What are the misuse cases the PnG can follow to achieve their goals?

    PnG Merging Process

    • Step 1: Discover domain-specific concepts

    • Step 2: Identify attack targets

    • Step 3: Visually display attack mechanisms

    • Step 4: Merge individual threats into new PnGs

    • Step 5: Check for redundancy
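    The four PnG questions above and merging steps 2 to 5 can be carried out as a small program. The following is an added example written for this post (it is not code from the article or from the PnG authors); the PnG names, assets, mechanism categories and mitigations in it are constructed for illustration, and the merge rule (threats with the same goals and skills are one archetype) and the redundancy rule (a PnG whose misuse cases are all covered by another PnG is flagged for review) are the example's own assumptions.

```python
"""Added example: building, merging and de-duplicating Persona non Grata profiles.

Every PnG, asset and mechanism below is constructed for illustration; the
merge and redundancy rules are this example's assumptions, not the article's.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set, Tuple


@dataclass(frozen=True)
class MisuseCase:
    target: str      # Step 2: an attack target (a domain-specific asset)
    mechanism: str   # Step 3: the mechanism, kept at category level
    mitigation: str  # the control a defender would specify against it


@dataclass
class PnG:
    name: str
    motivations: List[str]   # question 1
    goals: List[str]         # question 2
    skills: List[str]        # question 3
    misuse_cases: List[MisuseCase] = field(default_factory=list)  # question 4


DB = "crown-jewels database"  # constructed asset name

# Constructed individual threats, as a workshop might list them before merging.
INDIVIDUAL_THREATS = [
    PnG("disgruntled insider", ["revenge"], ["exfiltrate database files"],
        ["valid credentials"],
        [MisuseCase(DB, "bulk export using own account",
                    "export auditing and row-count alerts")]),
    PnG("contractor with access", ["monetary gain"], ["exfiltrate database files"],
        ["valid credentials"],
        [MisuseCase(DB, "bulk export using own account",
                    "export auditing and row-count alerts"),
         MisuseCase("backup share", "copy of unencrypted backup",
                    "encrypt backups at rest")]),
    PnG("opportunistic outsider", ["lols"], ["deface public site"],
        ["scanning tools"],
        [MisuseCase("web front end", "known-vulnerability scan",
                    "patch cadence and WAF")]),
    PnG("organised crime group", ["monetary gain"], ["exfiltrate database files"],
        ["phishing infrastructure", "exploit development"],
        [MisuseCase("DBA workstation", "credential phishing",
                    "phishing-resistant MFA"),
         MisuseCase(DB, "exploit of unpatched database service",
                    "patch cadence and network segmentation")]),
    PnG("competitor's hired actor", ["monetary gain"], ["exfiltrate database files"],
        ["phishing infrastructure", "exploit development"],
        [MisuseCase("DBA workstation", "credential phishing",
                    "phishing-resistant MFA")]),
    PnG("junior contractor", ["monetary gain"], ["exfiltrate database files"],
        ["valid credentials", "physical access"],
        [MisuseCase("backup share", "copy of unencrypted backup",
                    "encrypt backups at rest")]),
]


def merge_individual_threats(threats: List[PnG]) -> List[PnG]:
    """Step 4: threats with identical goals and skills become one PnG archetype."""
    merged: Dict[Tuple[FrozenSet[str], FrozenSet[str]], PnG] = {}
    for t in threats:
        key = (frozenset(t.goals), frozenset(t.skills))
        if key not in merged:
            merged[key] = PnG(t.name, list(t.motivations), list(t.goals),
                              list(t.skills), list(t.misuse_cases))
            continue
        m = merged[key]
        m.name = f"{m.name} / {t.name}"
        m.motivations.extend(x for x in t.motivations if x not in m.motivations)
        m.misuse_cases.extend(t.misuse_cases)
    return list(merged.values())


def check_redundancy(pngs: List[PnG]) -> Tuple[List[PnG], List[str]]:
    """Step 5: drop duplicate misuse cases; flag PnGs whose cases another PnG already covers."""
    for p in pngs:
        seen: Set[Tuple[str, str]] = set()
        unique: List[MisuseCase] = []
        for mc in p.misuse_cases:
            if (mc.target, mc.mechanism) not in seen:
                seen.add((mc.target, mc.mechanism))
                unique.append(mc)
        p.misuse_cases = unique
    case_sets = [{(mc.target, mc.mechanism) for mc in p.misuse_cases} for p in pngs]
    redundant: List[str] = []
    for i, p in enumerate(pngs):
        for j, q in enumerate(pngs):
            if i != j and case_sets[i] and (
                    case_sets[i] < case_sets[j] or (case_sets[i] == case_sets[j] and i > j)):
                redundant.append(f"{p.name} is covered by {q.name}")
                break
    return pngs, redundant


def mitigations_by_target(pngs: List[PnG]) -> Dict[str, List[str]]:
    """The PnG feature 'helps identify relevant mitigation techniques', per target."""
    out: Dict[str, Set[str]] = {}
    for p in pngs:
        for mc in p.misuse_cases:
            out.setdefault(mc.target, set()).add(mc.mitigation)
    return {t: sorted(m) for t, m in sorted(out.items())}


def build_pngs(threats: List[PnG] = INDIVIDUAL_THREATS) -> Tuple[List[PnG], List[str]]:
    """Run steps 4 and 5 over the individual threats and return the result."""
    return check_redundancy(merge_individual_threats(threats))


if __name__ == "__main__":
    pngs, flagged = build_pngs()
    for p in pngs:
        print(f"{p.name}: motivations={p.motivations}, {len(p.misuse_cases)} misuse case(s)")
    print("redundancy review:", flagged)
    print("mitigations per target:", mitigations_by_target(pngs))
```

    Running it merges the six constructed threats into four PnGs (the two credentialed exfiltrators become one archetype, as do the two phishing-capable groups), removes the duplicated misuse cases, and flags the junior contractor for review because every one of their misuse cases is already covered by the merged insider PnG; the final dictionary is the list of mitigations each target needs, which is the output a security team takes into risk management.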

    Features of Persona non Grata

    • Uses profiles of potential bad-guy attackers: analysis derives from anticipating what they would do given their defined goals and skills.

    • Helps identify relevant mitigation techniques

    • Direct contribution to risk management

    • Provides consistent results when used continuously

    • Detects only some subsets of threats

    As a threat modeling method, Persona non Grata (PnG) focuses on the motivations and skills of human attackers.

    • It characterizes users as archetypes that can misuse the system and forces analysts to view the system from an unintended-use point of view.

    • It tends to detect only a certain subset of threat types.

    • The technique fits well into agile approaches, which already incorporate personas.

    We could create a persona non grata with more specific attack strategies to expose vulnerability points of the product.
