MITRE ATT&CK-driven cyber risk assessment

Ahmed, Mohamed, Panda, Sakshyam, Panaousis, Emmanouil ORCID: 0000-0001-7306-4062 and Xenakis, Christos (2022) MITRE ATT&CK-driven cyber risk assessment. In: ARES 2022: The 17th International Conference on Availability, Reliability and Security. Vienna, Austria, August 23 - 26, 2022. Association for Computing Machinery (ACM), New York, pp. 1-10. ISBN 978-1450396707 ISSN https://doi.org/10.1145/3538969.3544420 (Online) (doi:https://doi.org/10.1145/3538969.3544420)

PDF (AAM)
36991_PANAOUSIS_MITRE_ATT&CK_driven_cyber_risk_assessment.pdf - Accepted Version

Abstract

Assessing the risk posed by Advanced Cyber Threats (APTs) is challenging without understanding the methods and tactics adversaries use to attack an organisation. The MITRE ATT&CK provides information on the motivation, capabilities, interests and tactics, techniques and procedures (TTPs) used by threat actors. In this paper, we leverage these characteristics of threat actors to support informed cyber risk characterisation and assessment. In particular, we utilise the MITRE repository of known adversarial TTPs along with attack graphs to determine the attack probability as well as the likelihood of success of an attack. We further identify attack paths with the highest likelihood of success considering the techniques and procedures of a threat actor. The assessment is supported by a case study of a health care organisation to identify the level of risk against two adversary groups: Lazarus and menuPass.

Item Type: Conference Proceedings
Title of Proceedings: ARES 2022: The 17th International Conference on Availability, Reliability and Security. Vienna, Austria, August 23 - 26, 2022.
Uncontrolled Keywords: security and privacy; mathematics of computing; mathematical analysis; theory of computation; probabilistic computation;
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC)
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified: 07 Dec 2022 10:44
URI: http://gala.gre.ac.uk/id/eprint/36991
