A Quantitative Security Metric Based on MITRE ATT&CK for Risk Management

Vol. 34, No. 1, pp. 53-60, Feb. 2024
https://doi.org/10.13089/JKIISC.2024.34.1.53
Keywords: Security Metric, MITRE ATT&CK, risk management
Abstract

Security assessment is an indispensable process for a secure network, and appropriate performance indicators are needed to manage risk. The most widely used quantitative indicator is CVSS. CVSS has problems of subjectivity, complexity of interpretation, and an inability to consider context in terms of security risk. To compensate for these problems, we propose indicators that itemize and quantify four things: attackers, threats, responses, and assets, taking into account the security context of the ISO/IEC 15408 documents. Vulnerabilities discovered through network scanning can be mapped to MITRE ATT&CK techniques through the connection between weaknesses and attack patterns (CAPEC). We use MITRE ATT&CK's Groups, Tactics, and Mitigations to produce consistent and intuitive scores. Accordingly, by expanding the range of choices among security indicators from various perspectives, this work is expected to have a positive impact on security evaluation managers' efforts to strengthen the security of corporate networks and the like.

Cite this article
[IEEE Style]
김해린, 이승운, 홍수연, "A Quantitative Security Metric Based on MITRE ATT&CK for Risk Management," Journal of The Korea Institute of Information Security and Cryptology, vol. 34, no. 1, pp. 53-60, 2024. DOI: https://doi.org/10.13089/JKIISC.2024.34.1.53.

[ACM Style]
김해린, 이승운, and 홍수연. 2024. A Quantitative Security Metric Based on MITRE ATT&CK for Risk Management. Journal of The Korea Institute of Information Security and Cryptology, 34, 1, (2024), 53-60. DOI: https://doi.org/10.13089/JKIISC.2024.34.1.53.