An investigation of security controls and MITRE ATT&CK techniques
Md Rayhanur Rahman, Laurie Williams

TL;DR
This study evaluates how well the NIST SP 800-53 security controls mitigate the adversarial techniques catalogued in the MITRE ATT&CK framework, identifies techniques and controls that fall through the gaps, and proposes a prioritized set of critical controls to strengthen defense strategies.
Contribution
It provides a comprehensive analysis of the mitigation capabilities of the NIST SP 800-53 controls against MITRE ATT&CK techniques, identifying gaps and proposing a prioritized set of critical controls.
Findings
Only 101 of the 298 NIST SP 800-53 controls mitigate any ATT&CK technique.
53 techniques are not mitigated by any control.
A set of 20 controls mitigates 72% of the techniques.
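The findings above are the output of a control-to-technique coverage analysis: which controls mitigate nothing, which techniques no control reaches, and how small a control set can still cover most techniques. The following Python is an added illustration, not code from the paper. It runs that kind of analysis over a small constructed mapping (real NIST SP 800-53 control IDs and ATT&CK technique IDs, but an illustrative mapping that is neither the paper's dataset nor MITRE's official NIST-to-ATT&CK mapping) and prioritizes controls with a greedy set-cover heuristic, which is this example's choice and not a method the paper states it used.

```python
"""Coverage analysis of a control-to-technique mapping.

Added example, not code from the paper. SAMPLE_MAPPING and SAMPLE_TECHNIQUES
are constructed for illustration: the IDs are real NIST SP 800-53 controls and
ATT&CK techniques, but the mapping itself is a toy and not an authoritative one.
"""
from typing import Dict, List, Set, Tuple

# Constructed sample: control ID -> set of technique IDs it is taken to mitigate.
# PL-2 and PM-1 are policy/program controls and map to no technique on purpose.
SAMPLE_MAPPING: Dict[str, Set[str]] = {
    "AC-2": {"T1078", "T1136"},
    "AC-6": {"T1078", "T1068", "T1548"},
    "IA-2": {"T1078", "T1110"},
    "IA-5": {"T1110", "T1552"},
    "CM-7": {"T1059", "T1204", "T1218"},
    "SI-3": {"T1204", "T1566"},
    "SI-4": {"T1071", "T1566"},
    "SC-7": {"T1071", "T1090"},
    "PL-2": set(),
    "PM-1": set(),
}

# Constructed sample universe of techniques under analysis. T1590 and T1593
# (reconnaissance) are deliberately left unmapped to model unmitigable techniques.
SAMPLE_TECHNIQUES: Set[str] = set().union(*SAMPLE_MAPPING.values()) | {"T1590", "T1593"}


def coverage_summary(mapping: Dict[str, Set[str]], techniques: Set[str]) -> dict:
    """Figures of the kind the paper reports: effective controls, unmitigated techniques."""
    mitigated_by = {t: {c for c, ts in mapping.items() if t in ts} for t in techniques}
    effective = sorted(c for c, ts in mapping.items() if ts & techniques)
    unmitigated = sorted(t for t, cs in mitigated_by.items() if not cs)
    return {
        "controls_total": len(mapping),
        "controls_effective": len(effective),
        "techniques_total": len(techniques),
        "techniques_unmitigated": unmitigated,
    }


def greedy_prioritize(mapping: Dict[str, Set[str]], techniques: Set[str],
                      target_fraction: float) -> Tuple[List[str], float]:
    """Greedy set cover: repeatedly pick the control that mitigates the most
    still-uncovered techniques until target_fraction of the universe is covered
    or no remaining control adds coverage. Ties are broken by control ID so the
    result is deterministic. Returns the chosen controls and the fraction covered."""
    covered: Set[str] = set()
    chosen: List[str] = []
    target = target_fraction * len(techniques)
    while len(covered) < target:
        def gain(c: str) -> int:
            return len(mapping[c] & (techniques - covered))
        candidates = [c for c in mapping if c not in chosen and gain(c) > 0]
        if not candidates:
            break  # the remaining techniques are unmitigable by any control
        best = min(candidates, key=lambda c: (-gain(c), c))
        chosen.append(best)
        covered |= mapping[best] & techniques
    return chosen, len(covered) / len(techniques)


if __name__ == "__main__":
    print(coverage_summary(SAMPLE_MAPPING, SAMPLE_TECHNIQUES))
    print(greedy_prioritize(SAMPLE_MAPPING, SAMPLE_TECHNIQUES, 0.75))
```

On the sample, two of ten controls mitigate nothing, two techniques are unreachable by any control, and five controls already cover 11 of 14 techniques; the greedy loop stops early once the remaining techniques have no mitigating control, which is exactly the "cannot be mitigated" category in the findings.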
Abstract
Attackers use a wide range of adversarial techniques to compromise the confidentiality, integrity, and availability of target organizations and systems. Information security standards such as NIST and ISO/IEC specify hundreds of security controls that organizations can enforce to protect and defend information systems against these techniques. However, implementing every available control at once can be infeasible, so controls also need to be evaluated by how well they mitigate the adversarial techniques actually used in cyberattacks. The goal of this research is to help organizations make informed choices about security controls for defending against cyberthreats, through an investigation of the adversarial techniques used in current cyberattacks. In this study, we investigated the extent to which the 298 NIST SP 800-53 controls mitigate…
Taxonomy
Topics: Advanced Malware Detection Techniques · Information and Cyber Security · Network Security and Intrusion Detection
