Paper title
Enhancing the STIX Representation of MITRE ATT&CK for Group Filtering and Technique Prioritization
Paper authors
Abstract
In this paper, we enhance the machine-readable representation of the ATT&CK Groups knowledge base provided by MITRE in STIX 2.1 format to make available and queryable additional types of contextual information. Such information includes the motivations of activity groups, the countries they have originated from, and the sectors and countries they have targeted. We demonstrate how to utilize the enhanced model to construct intelligible queries to filter activity groups of interest and retrieve relevant tactical intelligence.