Accession Number:

AD1082648

Title:

Automating Reasoning of MITRE ATT&CK for Predicting Cyber Attack Techniques using Statistical Machine Learning

Descriptive Note:

Technical Report

Corporate Author:

Carnegie Mellon University Software Engineering Institute Pittsburgh United States

Personal Author(s):

Report Date:

2019-01-01

Pagination or Media Count:

37.0

Abstract:

MITRE ATT&CK TTPs (Tactics, Techniques, Procedures) are low-level descriptions of adversarial actions. Everyone is interested in using ATT&CK for detection, prediction, forensics, and threat hunting because it provides observables for detecting attacks.

Goal: Characterize the behavior of APT, malware, and software attacks.

Challenges: 1. MITRE ATT&CK is not ordered at the technique level, which is important for prediction and threat hunting. 2. MITRE ATT&CK is not ordered at the Kill Chain level, which is important for understanding attacker strategies and constructing TTP chains.

Hypothesis: Do MITRE ATT&CK techniques exhibit associations, preconditions, or post-conditions?

Subject Categories:

  • Computer Systems Management and Standards
  • Cybernetics

Distribution Statement:

APPROVED FOR PUBLIC RELEASE