conducting-linddun-threat-modeling

Installation
SKILL.md

Conducting LINDDUN Threat Modeling

Overview

LINDDUN is a systematic privacy threat modeling methodology developed by the DistriNet research group at KU Leuven. It provides a structured approach to identifying privacy threats in software systems through Data Flow Diagram (DFD) analysis and threat tree catalogs. LINDDUN stands for seven privacy threat categories:

  • Linking — Associating data items with each other or with an individual
  • Identifying — Learning the identity of a data subject
  • Non-repudiation — Being unable to deny an action or association
  • Detecting — Deducing that an individual is involved in a process
  • Data Disclosure — Exposing personal data to unauthorized parties
  • Unawareness — Data subjects being unaware of data processing
  • Non-compliance — Failing to comply with privacy legislation or policies

LINDDUN complements security threat modeling (STRIDE) by focusing specifically on privacy threats. While STRIDE addresses confidentiality, integrity, and availability, LINDDUN addresses unlinkability, anonymity, plausible deniability, undetectability, confidentiality of data content, content awareness, and policy compliance.

LINDDUN Threat Categories Detailed

L — Linking

Installs
9
GitHub Stars
187
First Seen
Jun 9, 2026
conducting-linddun-threat-modeling — mukul975/privacy-data-protection-skills