Cyber Threat Emulation
Type
Master's Thesis
Abstract
The rising frequency of cyber attacks presents challenges in protecting confidential data. As technology continues to evolve, it empowers both attackers and defenders to enhance their capabilities to exploit and protect software systems. This dynamic fuels innovation in security measures as organizations seek new and effective methods to mitigate cyber attacks that aim to violate the confidentiality, integrity, and availability of information. To face emerging cyber threats, threat intelligence frameworks have proven essential for gathering information on the motives, targets, and attack behaviors of threat actor groups. By connecting the information from these frameworks, organizations can facilitate realistic training environments to increase the excellence of security practitioners. In this master's thesis, the capability of linking attack techniques used by known threat actor groups and modules for attack execution is investigated. This is done by developing a mapping framework in an attempt to represent these techniques in SVED and subsequently instantiate this as an attack profile against a virtual organization in CRATE. The results indicate that when a specific CVE (Common Vulnerabilities and Exposures) entry is prevalent in the incident description, there is a high likelihood of identifying an attack module for an attack technique. However, in the context of the experiment, the thesis has identified difficulties in emulating techniques by known threat actor groups. The evidence implies that further research is needed to explore more effective solutions for processing the modules in the attack profiles.
Subject/keywords
computer science, software engineering, security, sved, crate, lore