Camp2Vec: Embedding cyber campaign with ATT&CK framework for attack group analysis

Bibliographic details
Published in: ICT express 2023, 9(6), pp. 1065-1070
Main authors: Lee, Insup; Choi, Changhee
Format: Article
Language: eng
Description
Summary: As the cyberattack subject has expanded from individual to group, attack patterns have become a complicated form of cyber campaigns. Although detecting the attack groups that operated the cyber campaigns is an important issue, complex methods such as deep learning are difficult to use due to the lack of campaign data. This paper proposes Camp2Vec, a lightweight statistics-based embedding for cyber campaigns, enabling attack group detection. The proposed method models a relationship between a campaign and techniques in the ATT&CK® framework as a document and words. Experimental results with expert-labeled datasets prove that Camp2Vec identifies representative attack groups successfully.
ISSN: 2405-9595
DOI: 10.1016/j.icte.2023.05.008