NCU Institutional Repository - downloads of theses and dissertations, past exam papers, journal articles, research projects and more: Item 987654321/89871
    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/89871


    Title: COMAT: A Cybersecurity Ontology based on MITRE ATT&CK
    Authors: 廖子杰;LIAO, ZIJIE
    Contributors: Department of Computer Science and Information Engineering
    Keywords: MITRE ATT&CK; Information Extraction; Ontology
    Date: 2022-08-03
    Issue Date: 2022-10-04 12:03:06 (UTC+8)
    Publisher: National Central University
    Abstract: MITRE ATT&CK is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The collected data describe adversary groups, software, tactics, and techniques in enough detail to represent every phase of the kill chain, and they facilitate the investigation of cyber threat intelligence (CTI) techniques. However, the existing interfaces to ATT&CK, such as the website and Navigator, are not sufficient for searching complex related information, so a great deal of time and manpower is spent on lookups. In this paper, we present an ontology based on the MITRE ATT&CK framework for efficiently obtaining this knowledge. Based on the requirements of security researchers, we derive inference paths that infer techniques, which are used to analyze the technology of CTI in depth, and we also design forward and backward queries based on software, group, and technique, which are of great significance to the security domain, to generate complete intelligence more efficiently.
    Appears in Collections:[Graduate Institute of Computer Science and Information Engineering] Electronic Thesis & Dissertation

    All items in NCUIR are protected by copyright, with all rights reserved.