STRIDE groups threats into the following six categories:
Spoofing identity
Data Tampering
Repudiation
Information disclosure
Denial of Service
Elevation of Privilege
The simplest way to apply the STRIDE model is to consider how each of the threats in the model affects each application component and each of its connections or relationships with other application components. Essentially, you look at each part of the application and determine whether any threats that fall into the S, T, R, I, D, or E categories apply to it.
Spoofing identity: An example of spoofing identity is illegally accessing and then using another user’s authentication information.
Data tampering: The malicious modification of data in data containers or while the data is in transit.
Repudiation: Repudiation threats are associated with users who deny performing an action without other parties having any way to prove otherwise—for example, a user performs an illegal operation in a system that lacks the ability to trace the prohibited operations.
Information disclosure: Exposure of critical information to undesired people/systems.
Denial of service (DoS): Deny service to valid users by making a server or service temporarily unavailable or unusable.
Elevation of privilege: In this type of threat, an unprivileged user gains privileged access and thereby has sufficient access to compromise or destroy the entire system.
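The per-component, per-connection review described above can be tracked as a worksheet. The following Python sketch is an added example, not part of the original page; the `StrideReview` class, the three-component sample system and the recorded findings are all constructed for illustration.

```python
from dataclasses import dataclass, field
from itertools import product

STRIDE = ("Spoofing identity", "Data tampering", "Repudiation",
          "Information disclosure", "Denial of service", "Elevation of privilege")

@dataclass
class StrideReview:
    components: list                      # names of application components
    connections: list                     # (source, destination) pairs
    decisions: dict = field(default_factory=dict)

    def elements(self):
        """Every component plus every connection, each reviewed separately."""
        for src, dst in self.connections:
            if src not in self.components or dst not in self.components:
                raise ValueError(f"connection {src} -> {dst} names an unknown component")
        return list(self.components) + [f"{s} -> {d}" for s, d in self.connections]

    def worksheet(self):
        """One question per (element, STRIDE category) pair."""
        return list(product(self.elements(), STRIDE))

    def record(self, element, category, applies, note):
        if (element, category) not in self.worksheet():
            raise KeyError(f"not on the worksheet: {element} / {category}")
        self.decisions[(element, category)] = (applies, note)

    def open_questions(self):
        """Pairs nobody has answered yet; the review is incomplete until empty."""
        return [cell for cell in self.worksheet() if cell not in self.decisions]

    def threats(self):
        return [(e, c, note) for (e, c), (ok, note) in self.decisions.items() if ok]

def demo():
    # Constructed sample system: three components, two connections.
    review = StrideReview(["browser", "web app", "database"],
                          [("browser", "web app"), ("web app", "database")])
    review.record("browser -> web app", "Spoofing identity", True,
                  "session token alone identifies the user; add re-authentication")
    review.record("web app", "Repudiation", True,
                  "no audit log of administrative actions")
    review.record("database", "Denial of service", False,
                  "not reachable from outside the application network")
    return review

if __name__ == "__main__":
    r = demo()
    for element, category, note in r.threats():
        print(f"{element:20} {category:22} {note}")
    print(f"{len(r.open_questions())} of {len(r.worksheet())} questions still open")
```

The open-question count is the useful output: a category skipped for one connection shows up as an unanswered cell instead of silently dropping out of the review.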
Read Threat Modeling - Practice Guide to understand how to use STRIDE during a threat modeling exercise.