ICT Express (Dec 2023)
Camp2Vec: Embedding cyber campaign with ATT&CK framework for attack group analysis
Abstract
As the actors behind cyberattacks have expanded from individuals to groups, attack patterns have taken the complicated form of cyber campaigns. Although detecting the attack groups that operated these campaigns is an important issue, complex methods such as deep learning are difficult to use because campaign data is scarce. This paper proposes Camp2Vec, a lightweight statistics-based embedding for cyber campaigns that enables attack group detection. The proposed method models the relationship between a campaign and the techniques in the ATT&CK® framework as that between a document and its words. Experimental results with expert-labeled datasets prove that Camp2Vec identifies representative attack groups successfully.
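The document-and-words framing can be illustrated with a small added example, which is not code from the paper. The abstract does not name the statistic used, so TF-IDF weighting with cosine similarity is assumed here; the campaign names, group labels and technique assignments are constructed sample data.

```python
import math
from collections import Counter

# Constructed sample data: campaign -> (group label, ATT&CK technique IDs observed).
# Campaigns and groups are hypothetical; the technique IDs are real ATT&CK identifiers.
LABELED = {
    "camp-A1": ("GroupA", ["T1566", "T1059", "T1053", "T1105", "T1027"]),
    "camp-A2": ("GroupA", ["T1566", "T1059", "T1053", "T1027", "T1071"]),
    "camp-B1": ("GroupB", ["T1190", "T1505", "T1003", "T1021", "T1071"]),
    "camp-B2": ("GroupB", ["T1190", "T1505", "T1003", "T1059", "T1021"]),
}

def fit_idf(docs):
    """Smoothed inverse document frequency of each technique across campaigns."""
    n = len(docs)
    df = Counter(t for techs in docs for t in set(techs))
    return {t: math.log((1 + n) / (1 + c)) + 1.0 for t, c in df.items()}

def embed(techs, idf):
    """L2-normalised TF-IDF vector (sparse dict) for one campaign."""
    tf = Counter(t for t in techs if t in idf)  # techniques unseen in training are dropped
    vec = {t: (c / len(techs)) * idf[t] for t, c in tf.items()}
    norm = math.sqrt(sum(v * v for v in vec.values()))
    return {t: v / norm for t, v in vec.items()} if norm else {}

def cosine(a, b):
    """Dot product of two already-normalised sparse vectors."""
    return sum(v * b.get(t, 0.0) for t, v in a.items())

def attribute(techs, labeled=LABELED):
    """Return (group, score) of the most similar labeled campaign, or (None, 0.0)."""
    idf = fit_idf([known for _, known in labeled.values()])
    query = embed(techs, idf)
    best = (None, 0.0)
    for group, known in labeled.values():
        score = cosine(query, embed(known, idf))
        if score > best[1]:
            best = (group, score)
    return best

if __name__ == "__main__":
    print(attribute(["T1566", "T1053", "T1027", "T1071"]))
    print(attribute(["T1190", "T1003", "T1059"]))
    print(attribute(["T1499"]))  # technique absent from every labeled campaign
```

A campaign whose techniques never appear in the labeled set yields an empty vector and no attribution, which is the safe outcome when only a handful of labeled campaigns are available.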