A COMPREHENSIVE THREAT MODELING AND FORENSIC READINESS FRAMEWORK FOR UNIVERSITY ONLINE EXAMINATION PLATFORMS

Abstract

Online examination platforms have emerged as critical academic infrastructure, yet they remain acutely vulnerable to a spectrum of cyber threats including identity fraud, content leakage, behavioral cheating, and denial-of-service attacks. Existing security frameworks lack examination-specific threat models and forensic readiness provisions that are legally defensible in academic misconduct proceedings. This paper proposes the Comprehensive Threat and Forensic Readiness Framework (CTFRF), a novel five-layer architecture that integrates STRIDE-extended threat modeling, AI-driven behavioral anomaly detection, Zero Trust access control, and immutable forensic audit logging specifically tailored for university online examination ecosystems. Empirical evaluation on simulated examination environments demonstrates that CTFRF achieves an overall detection precision of 97.0%, an F1 score of 0.967, and reduces mean incident containment time to under 22 seconds across five attack categories. The framework aligns with ISO 27001:2022, NIST CSF 2.0, and India's Digital Personal Data Protection (DPDP) Act 2023, offering a governance-ready, legally admissible forensic evidence pipeline.