Analysis and Characterization of Cyber Threats Leveraging the MITRE ATT&CK Database

MITRE ATT&CK is a comprehensive knowledge-base of adversary tactics, techniques, and procedures (TTP) based on real-world attack scenarios. It has been used in different sectors, such as government, academia, and industry, as a foundation for threat modeling, risk assessment, and defensive strat...

Detailed description

Saved in:
Bibliographic details
Published in: IEEE Access 2024, Vol. 12, p. 1217-1234
Main authors: Al-Sada, Bader, Sadighian, Alireza, Oligeri, Gabriele
Format: Article
Language: eng
Subjects:
Online access: Full text
container_end_page 1234
container_issue
container_start_page 1217
container_title IEEE access
container_volume 12
creator Al-Sada, Bader
Sadighian, Alireza
Oligeri, Gabriele
description MITRE ATT&CK is a comprehensive knowledge base of adversary tactics, techniques, and procedures (TTPs) based on real-world attack scenarios. It has been used in different sectors, such as government, academia, and industry, as a foundation for threat modeling, risk assessment, and defensive strategies. There are valuable insights within the MITRE ATT&CK knowledge base that can be applied to various fields and applications, such as risk assessment, threat characterization, and attack modeling. No previous work has been devoted to the comprehensive collection and investigation of statistical insights from the MITRE ATT&CK dataset. Hence, this work aims to extract, analyze, and represent MITRE ATT&CK statistical insights, providing valuable recommendations to improve the security aspects of Enterprise, Industrial Control Systems (ICS), and mobile digital infrastructures. For this purpose, we conduct a hierarchical analysis starting from MITRE ATT&CK threat profiles toward the list of techniques in the MITRE ATT&CK database. Finally, we summarize our key findings while providing recommendations that will pave the way for future research in the area.
doi_str_mv 10.1109/ACCESS.2023.3344680
format Article
fulltext fulltext
identifier ISSN: 2169-3536
ispartof IEEE access, 2024, Vol.12, p.1217-1234
issn 2169-3536
2169-3536
language eng
recordid cdi_proquest_journals_2909273332
source IEEE Open Access Journals; DOAJ Directory of Open Access Journals; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals
subjects advanced persistent threat
Behavioral sciences
Computer crime
Computer security
Control systems
Cyber security
cyber threat analysis
Cyber threat intelligence
Cybersecurity
Industrial control
Industrial electronics
Knowledge based systems
Knowledge bases (artificial intelligence)
Malware
MITRE ATT&CK
Risk assessment
Security aspects
Smart phones
Threat assessment
Threat models
title Analysis and Characterization of Cyber Threats Leveraging the MITRE ATT&CK Database
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-15T11%3A05%3A36IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ieee_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Analysis%20and%20Characterization%20of%20Cyber%20Threats%20Leveraging%20the%20MITRE%20ATT&CK%20Database&rft.jtitle=IEEE%20access&rft.au=Al-Sada,%20Bader&rft.date=2024&rft.volume=12&rft.spage=1217&rft.epage=1234&rft.pages=1217-1234&rft.issn=2169-3536&rft.eissn=2169-3536&rft.coden=IAECCG&rft_id=info:doi/10.1109/ACCESS.2023.3344680&rft_dat=%3Cproquest_ieee_%3E2909273332%3C/proquest_ieee_%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2909273332&rft_id=info:pmid/&rft_ieee_id=10365138&rfr_iscdi=true