English
Related papers

Related papers: Rule-ATT&CK Mapper (RAM): Mapping SIEM Rules to TT…

200 papers

This work evaluates the performance of Cyber Threat Intelligence (CTI) extraction methods in identifying attack techniques from threat reports available on the web using the MITRE ATT&CK framework. We analyse four configurations utilising…

Cryptography and Security · Computer Science 2025-05-07 Hoang Cuong Nguyen , Shahroz Tariq , Mohan Baruwal Chhetri , Bao Quoc Vo

MITRE ATT&CK is a cybersecurity knowledge base that organizes threat actor and cyber-attack information into a set of tactics describing the reasons and goals threat actors have for carrying out attacks, with each tactic having a set of…

The MITRE ATT&CK framework is a widely adopted tool for enhancing cybersecurity, supporting threat intelligence, incident response, attack modeling, and vulnerability prioritization. This paper synthesizes research on its application across…

Cryptography and Security · Computer Science 2025-02-18 Yuning Jiang , Qiaoran Meng , Feiyang Shang , Nay Oo , Le Thi Hong Minh , Hoon Wei Lim , Biplab Sikdar

The widespread adoption of Android devices for sensitive operations like banking and communication has made them prime targets for cyber threats, particularly Advanced Persistent Threats (APT) and sophisticated malware attacks. Traditional…

Cryptography and Security · Computer Science 2025-03-21 Dincy R Arikkat , Vinod P. , Rafidha Rehiman K. A. , Serena Nicolazzo , Marco Arazzi , Antonino Nocera , Mauro Conti

The volume, variety, and velocity of change in vulnerabilities and exploits have made incident threat analysis challenging with human expertise and experience along. Tactics, Techniques, and Procedures (TTPs) are to describe how and why…

Artificial Intelligence · Computer Science 2023-08-24 Reza Fayyazi , Shanchieh Jay Yang

Cybersecurity post-incident reviews are essential for identifying control failures and improving organisational resilience, yet they remain labour-intensive, time-consuming, and heavily reliant on expert judgment. This paper investigates…

Cryptography and Security · Computer Science 2026-01-08 Huan Lin Oh , Jay Yong Jun Jie , Mandy Lee Ling Siu , Jonathan Pan

With frequently evolving Advanced Persistent Threats (APTs) in cyberspace, traditional security solutions approaches have become inadequate for threat hunting for organizations. Moreover, SOC (Security Operation Centers) analysts are often…

Successful defense against dynamically evolving cyber threats requires advanced and sophisticated techniques. This research presents a novel approach to enhance real-time cybersecurity threat detection and response by integrating large…

Cryptography and Security · Computer Science 2025-04-02 Shuva Paul , Farhad Alemi , Richard Macwan

SIEM systems serve as a critical hub, employing rule-based logic to detect and respond to threats. Redundant or overlapping rules in SIEM systems lead to excessive false alerts, degrading analyst performance due to alert fatigue, and…

Cryptography and Security · Computer Science 2025-05-13 Akansha Shukla , Parth Atulbhai Gandhi , Yuval Elovici , Asaf Shabtai

Extracting MITRE ATT\&CK Tactics, Techniques, and Procedures (TTPs) from natural language threat reports is crucial yet challenging. Existing methods primarily focus on performance metrics using data-driven approaches, often neglecting…

Cryptography and Security · Computer Science 2025-05-15 Cheng Meng , ZhengWei Jiang , QiuYun Wang , XinYi Li , ChunYan Ma , FangMing Dong , FangLi Ren , BaoXu Liu

Monitoring the threat landscape to be aware of actual or potential attacks is of utmost importance to cybersecurity professionals. Information about cyber threats is typically distributed using natural language reports. Natural language…

Computation and Language · Computer Science 2024-04-12 Lukas Lange , Marc Müller , Ghazaleh Haratinezhad Torbati , Dragan Milchevski , Patrick Grau , Subhash Pujari , Annemarie Friedrich

Understanding adversarial behavior in cybersecurity has traditionally relied on high-level intelligence reports and manual interpretation of attack chains. However, real-time defense requires the ability to infer attacker intent and…

Cryptography and Security · Computer Science 2025-10-27 Soham Hans , Stacy Marsella , Sophia Hirschmann , Nikolos Gurney

Advanced Persistent Threats (APTs) are prolonged, stealthy intrusions by skilled adversaries that compromise high-value systems to steal data or disrupt operations. Reconstructing complete attack chains from massive, heterogeneous logs is…

Cryptography and Security · Computer Science 2025-09-03 Rujie Dai , Peizhuo Lv , Yujiang Gui , Qiujian Lv , Yuanyuan Qiao , Yan Wang , Degang Sun , Weiqing Huang , Yingjiu Li , XiaoFeng Wang

Attribution of cyber-attacks remains a complex but critical challenge for cyber defenders. Currently, manual extraction of behavioral indicators from dense forensic documentation causes significant attribution delays, especially following…

Cryptography and Security · Computer Science 2025-05-20 Kyla Guru , Robert J. Moss , Mykel J. Kochenderfer

Vulnerability databases, such as the National Vulnerability Database (NVD), offer detailed descriptions of Common Vulnerabilities and Exposures (CVEs), but often lack information on their real-world impact, such as the tactics, techniques,…

Cryptography and Security · Computer Science 2025-10-21 Anders Mølmen Høst , Pierre Lison , Leon Moonen

The MITRE Adversarial Tactics, Techniques and Common Knowledge (MITRE ATT&CK) Attack Technique to Proactive Software Supply Chain Risk Management Framework (P-SSCRM) Task mapping described in this document helps software organizations to…

Software Engineering · Computer Science 2025-07-25 Sivana Hamer , Jacob Bowen , Md Nazmul Haque , Chris Madden , Laurie Williams

SIEM systems are prevalent and play a critical role in a variety of analyst workflows in Security Operation Centers. However, modern SIEMs face a big challenge: they still cannot relieve analysts from the repetitive tasks involved in…

Cryptography and Security · Computer Science 2024-07-19 PeiYu Tseng , ZihDwo Yeh , Xushu Dai , Peng Liu

The escalating complexity and volume of cyberattacks demand proactive detection strategies that go beyond traditional rule-based systems. This paper presents a phase-aware, multi-model machine learning framework that emulates adversarial…

Cryptography and Security · Computer Science 2025-08-26 Chitraksh Singh , Monisha Dhanraj , Ken Huang

Over the last years, threat intelligence sharing has steadily grown, leading cybersecurity professionals to access increasingly larger amounts of heterogeneous data. Among those, cyber attacks' Tactics, Techniques and Procedures (TTPs) have…

Cryptography and Security · Computer Science 2020-04-30 Valentine Legoy , Marco Caselli , Christin Seifert , Andreas Peter

We introduces Crimson, a system that enhances the strategic reasoning capabilities of Large Language Models (LLMs) within the realm of cybersecurity. By correlating CVEs with MITRE ATT&CK techniques, Crimson advances threat anticipation and…

Cryptography and Security · Computer Science 2024-03-05 Jiandong Jin , Bowen Tang , Mingxuan Ma , Xiao Liu , Yunfei Wang , Qingnan Lai , Jia Yang , Changling Zhou
‹ Prev 1 2 3 10 Next ›