Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix-Reference-Cited by-同舟云学术

Cyber security threat modeling based on the MITRE Enterprise ATT&CK Matrix

Published:2021-06-18 Issue: Volume: Page:
ISSN:1619-1366
Container-title:Software and Systems Modeling
language:en
Short-container-title:Softw Syst Model

Author:

Xiong Wenjun^ORCID,Legrand Emeline,Åberg Oscar,Lagerström Robert^ORCID

Abstract

AbstractEnterprise systems are growing in complexity, and the adoption of cloud and mobile services has greatly increased the attack surface. To proactively address these security issues in enterprise systems, this paper proposes a threat modeling language for enterprise security based on the MITRE Enterprise ATT&CK Matrix. It is designed using the Meta Attack Language framework and focuses on describing system assets, attack steps, defenses, and asset associations. The attack steps in the language represent adversary techniques as listed and described by MITRE. This entity-relationship model describes enterprise IT systems as a whole; by using available tools, the proposed language enables attack simulations on its system model instances. These simulations can be used to investigate security settings and architectural changes that might be implemented to secure the system more effectively. Our proposed language is tested with a number of unit and integration tests. This is visualized in the paper with two real cyber attacks modeled and simulated.

Funder

Swedish Governmental Agency for Innovation Systems

Energimyndigheten

Publisher

Springer Science and Business Media LLC

Subject

Modeling and Simulation,Software

Link

https://link.springer.com/content/pdf/10.1007/s10270-021-00898-7.pdf

Reference60 articles.

1. Al-Fedaghi, S., Moein, S.: Modeling attacks. Int. J. Safety Secur. Eng. 4(2), 97–115 (2014)

2. Applebaum, A., Miller, D., Strom, B., Foster, H., Thomas, C.: Analysis of automated adversary emulation techniques. In: Proceedings of the Summer Simulation Multi-Conference, pp. 1–12 (2017)

3. Baquero, A.O., Kornecki, A.J., Zalewski, J.: Threat modeling for aviation computer security. CrossTalk November/December 1–12,(2015)

4. Bedi, P., Gandotra, V., Singhal, A., Narang, H., Sharma, S.: Threat-oriented security framework in risk management using multiagent system. Software Practice Exp. 43(9), 1013–1038 (2013)

5. Burns, A.J., Johnson, M.E., Caputo, D.D.: Spear phishing in a barrel: insights from a targeted phishing campaign. J. Organiz. Comput. Electron. Commerce 29(1), 24–39 (2019)

Cited by 44 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Understanding Data Breach from a Global Perspective: Incident Visualization and Data Protection Law Review;Data;2024-01-31

2. Analysis and Characterization of Cyber Threats Leveraging the MITRE ATT&CK Database;IEEE Access;2024

3. A Methodological Approach towards Cyber Risk Management in Land Administrations Systems;Land;2023-12-21

4. Blockchain-Based Trust Management for IoMT Environment;Lecture Notes in Computer Science;2023-12-19

5. Formal Methods and Validation Techniques for Ensuring Automotive Systems Security;Information;2023-12-18