Validating the Meta Attack Language using MITRE ATT&amp;amp;CK matrix

Åberg, Oscar; Sparf, Edvin

diva-portal.org

Digitala Vetenskapliga Arkivet

Simple search

Advanced search -
Research publications Advanced search -
Student theses Statistics

English Svenska Norsk

Change search

Cite ExportLink to record

Permanent link

https://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-259297

Direct link

http://www.diva-portal.org/smash/record.jsf?pid=diva2:1350884

Cite

Citation style

apa
ieee
modern-language-association-8th-edition
vancouver
Other style

More styles

Language

de-DE
en-GB
en-US
fi-FI
nn-NO
nn-NB
sv-SE
Other locale

More languages

Output format

html
text
asciidoc
rtf

Validating the Meta Attack Language using MITRE ATT&CK matrix

Åberg, Oscar

KTH, School of Electrical Engineering and Computer Science (EECS).

Sparf, Edvin

KTH, School of Electrical Engineering and Computer Science (EECS).

2019 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesisAlternative title

Validering av Meta Attack Language med hjälp av MITRE ATT&CK Matrix (Swedish)

Abstract [en]

When more and more devices are getting connected to each other and to the internet, the security of such devices becomes increasingly important. For large organizations with hundreds or even thousands of connected devices, it can be hard to determine the weak spots of the network in terms of security. A way of finding these weak spots is by using threat modelling. One language which can be used for this is the Meta Attack Language(MAL). The purpose of this report is to study which types of cyber attacks can be expressed with MAL. To do so eleven different attack techniques from the cyber attack database MITRE ATT&CK matrix are implemented in MAL. The report shows that many different attacks can be implemented in MAL. Since all of the randomly selected attacks were possible to implement in MAL this suggests that it is possible to implement all of the attacks from the MITRE ATT&CK matrix in MAL.

Abstract [sv]

När fler och fler enheter kopplas ihop med varandra och med internet blir säkerheten för dessa enheter allt viktigare. Stora organisationer, som kan ha hundratals eller tusentals uppkopplade enheter, kan ha svårt att hitta svagheter i deras säkerhet. Dessa svagheter kan hittas med hjälp av hotmodellering. Meta Attack Language(MAL) kan användas för detta. Syftet med denna rapport är att studera vilka sorts cyberattacker som kan implementeras i MAL. För att göra detta har elva attacktekniker från cyberattacksdatabasen MITRE ATT&CK matrix implementerats i MAL. Rapporten visar att flera olika sorters cyberattacker kan implementeras i MAL. Eftersom slumpmässigt valda attackteknikerna gick att implementera i MAL, är det troligt att alla attackteknikerna i MITRE ATT&CK matrix kan implementeras i MAL.

Place, publisher, year, edition, pages

2019. , p. 28

Series

TRITA-EECS-EX ; 2019:391

National Category

Computer and Information Sciences

Identifiers

URN: urn:nbn:se:kth:diva-259297OAI: oai:DiVA.org:kth-259297DiVA, id: diva2:1350884

Supervisors

Lagerström, Robert

Examiners

Ekeberg, Örjan

Available from: 2019-09-16 Created: 2019-09-12 Last updated: 2022-06-26Bibliographically approved

Open Access in DiVA

fulltext(758 kB)

2111 downloads

File information

File name FULLTEXT01.pdfFile size 758 kBChecksum SHA-512

ab0530548b8d99f0629057f42560fbc7d26178e71f90a93f9fa9e30a2e87ed7ae01e7a1fea21c961beab76e66491b86a12771cd1ba1398d5c4eee2fd7062c8ba

Type fulltextMimetype application/pdf

Total: 2113 downloads

The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Total: 3281 hits