2022
DOI: 10.3390/a15090314
|View full text |Cite
|
Sign up to set email alerts
|

CVE2ATT&CK: BERT-Based Mapping of CVEs to MITRE ATT&CK Techniques

Abstract: Since cyber-attacks are ever-increasing in number, intensity, and variety, a strong need for a global, standardized cyber-security knowledge database has emerged as a means to prevent and fight cybercrime. Attempts already exist in this regard. The Common Vulnerabilities and Exposures (CVE) list documents numerous reported software and hardware vulnerabilities, thus building a community-based dictionary of existing threats. The MITRE ATT&CK Framework describes adversary behavior and offers mitigation strat… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
18
0
1

Year Published

2023
2023
2024
2024

Publication Types

Select...
4
3
1
1

Relationship

0
9

Authors

Journals

citations
Cited by 29 publications
(19 citation statements)
references
References 21 publications
0
18
0
1
Order By: Relevance
“…We then created and deployed a small test network of 15 hosts using containerization and custom bash scripts to generate traffic (The source code for our attack scenario is located here: https://github.com/artemis19/riverside_ scenario.). Using these scripts, we simulated a realistic attack on the network, loosely modeled after the tactics, techniques, and procedures (TTPs) outlined in the MITRE ATT&CK framework 86 as seen in Table 6. This ensured accurate attack timing across all participant sessions to establish a consistent baseline for every participant trial.…”
Section: Methodsmentioning
confidence: 99%
“…We then created and deployed a small test network of 15 hosts using containerization and custom bash scripts to generate traffic (The source code for our attack scenario is located here: https://github.com/artemis19/riverside_ scenario.). Using these scripts, we simulated a realistic attack on the network, loosely modeled after the tactics, techniques, and procedures (TTPs) outlined in the MITRE ATT&CK framework 86 as seen in Table 6. This ensured accurate attack timing across all participant sessions to establish a consistent baseline for every participant trial.…”
Section: Methodsmentioning
confidence: 99%
“…Not only do we want to recognize and block attacks as they occur-we also need to observe external data and the overall network context to predict relevant events and new attack patterns, addressing the so-called threat intelligence landscape. In [9], the authors used two well-known threat databases (CVE and MITRE) and proposed a technique to link and correlate these two sources. The tenth paper [10] used formal ontologies to monitor new threats and identify the corresponding risks in an automated way.…”
Section: Threat Intelligence [910]mentioning
confidence: 99%
“…This Special Issue presents ten papers [1][2][3][4][5][6][7][8][9][10] that can be grouped under five main topics.…”
Section: Introductionmentioning
confidence: 99%
“…However, it may also involve data preprocessing and fine-tuning steps specific to the CVE and ATT&CK techniques domain. It may also require computational resources and expertise in deep learning Grigorescu et al (2022).…”
mentioning
confidence: 99%