MITRE ATT&CK-driven cyber risk assessment
Ahmed, Mohamed, Panda, Sakshyam, Panaousis, Emmanouil ORCID: 0000-0001-7306-4062 and Xenakis, Christos (2022) MITRE ATT&CK-driven cyber risk assessment. In: ARES 2022: The 17th International Conference on Availability, Reliability and Security. Vienna, Austria, August 23 - 26, 2022. Association for Computing Machinery (ACM), New York, pp. 1-10. ISBN 978-1450396707 (doi:https://doi.org/10.1145/3538969.3544420)
PDF (AAM): 36991_PANAOUSIS_MITRE_ATT&CK_driven_cyber_risk_assessment.pdf - Accepted Version (1MB)
Abstract
Assessing the risk posed by Advanced Cyber Threats (APTs) is challenging without understanding the methods and tactics adversaries use to attack an organisation. The MITRE ATT&CK provides information on the motivation, capabilities, interests and tactics, techniques and procedures (TTPs) used by threat actors. In this paper, we leverage these characteristics of threat actors to support informed cyber risk characterisation and assessment. In particular, we utilise the MITRE repository of known adversarial TTPs along with attack graphs to determine the attack probability as well as the likelihood of success of an attack. We further identify attack paths with the highest likelihood of success considering the techniques and procedures of a threat actor. The assessment is supported by a case study of a health care organisation to identify the level of risk against two adversary groups: Lazarus and menuPass.
Item Type: | Conference Proceedings |
---|---|
Title of Proceedings: | ARES 2022: The 17th International Conference on Availability, Reliability and Security. Vienna, Austria, August 23 - 26, 2022. |
Uncontrolled Keywords: | security and privacy; mathematics of computing; mathematical analysis; theory of computation; probabilistic computation; |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC) Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS) |
Last Modified: | 07 Dec 2022 10:44 |
URI: | http://gala.gre.ac.uk/id/eprint/36991 |