Threat P.L.SHP.2

URI: P.L.SHP.2

Package: Theft

Description: Use of admin privilege at Host to control Process: someone with admin rights on stolen device Host can control process Process hosted by that device and use its privileges.

Threat Type: Primary Threat

Matching Pattern:

MP-SHP

Finds a Process running on a shell Host, and optionally the interactive process user and host manager.

(empty)

TheftOfControl at Role_Process

CSG-ContinuousUserAuthentication	Access to process *Process* is controlled by authenticating user *Human* based on their registered usage characteristics captured by a personal device *Host*.
CSG-SecureProcessExecution	Uses hardware security on device *Host* to bootstrap a protected enclave in which *Process* can execute without interference even by someone with admin rights at *Host*.

Threat P.L.SHP.2

MP-SHP

Triggered by Threat (0)

Triggers Secondary Threats (0)

Triggered By Control Strategy (0)

Misbehaviour Sets (1)

Control Strategies (2)