Polymer: An Adaptive Kill Chain Expanding Cyber Threat Hunting to Multi-Platform Environments

Neto, Antonio Jose Horta; Santos, Anderson Fernandes; Santos, Marcos dos

doi:10.1109/bigdata52589.2021.9671731

Cited by 1 publication

(3 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The cyber kill-chain (CKC) concept was coined by Lockheed Martin [Martin 2014] in 2014 who introduced a 7-step kill-chain. Later, in 2017, Van Den Berg presented the unified kill-chain [Van Den Berg 2017], to resolve some issues not addressed in the original CKC and currently there are proposals to make kill-chains more dynamic, such as polymer kill-chain [Neto et al 2021]. In parallel, MITRE has been organizing since 2018 the techniques used in these attacks, which gave rise to the ATT&CK 2 knowledge base.…”

Section: Kill-chainsmentioning

confidence: 99%

“…The paper proposed by [Noor et al 2019] presents a framework to automate cyber threat attribution. Specifically, the authors profile cyber threat actors (CTAs) based on their attack patterns extracted from cyber threat intelligence (CTI) reports, using the distributional semantics technique of Natural Language Processing.…”

Section: Related Workmentioning

confidence: 99%

“…Most research found in the state of the art has the objective of detecting and recognizing patterns in combating malicious adversaries [Ahn et al 2022, Lin et al 2022, Noor et al 2019]. However, these works have addressed this problem through proposals for a cyber threat attribution using unstructured reports in cyber threat intelligence [Irshad and Siddiqui 2022] and an automated reclassification for threat actors [Shin et al 2021].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Identification of Potential Threats in the Critical Path for Defense Operations by Cross Reference Features Clustering

Horta,

Marinho,

Holanda

2023

Anais Do XXIII Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2023)

View full text Add to dashboard Cite

Cyber attacks are a threat to the security of the most diverse types of organizations. To mitigate the risk of suffering successful attacks, organizations use different types of assessments. The research problem addressed in this study is to present, among the behaviors of known threats, those that are similar to the assessment campaign carried out and consequently represent greater risk when attempting attacks using the more exploitable critical path. The purpose of this research is to present a method for identifying the critical path of the threat and the similarity factor by Cross Reference Features (CRF) method to identify the opponents most similar to the procedures used in the assessment campaign carried out. The CRF was used as a baseline for comparison between 2 unsupervised learning algorithms in the threat clustering task. For essays that considered only groups as threats, K-means outperformed the Hierarchical Agglomerative Clustering by 2.4 percentage points, while in the essay with all threats, Hierarchical Agglomerative Clustering surpassed K-means by 2.3%.

show abstract

Section: Kill-chainsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%