[1] Kapetanakis, S., Filippoupolitis, A., Loukas, G., and Murayziq, T., "Profiling cyber attackers using case-based reasoning", Proceedings of 19th UK workshop on case-based reasoning, pp. 39-48, 2014. https://researchgate.net/publication/301221761_Profiling_cyber_attackers_using_Case-based_Reasoning
[2] Choi, C. H., Shin, C. H., Shin, S. U., Seo, S. Y., Lee, I. S., "Deep learning for estimating next action of cyber attack", Proceedings of Korea Institute of Military Science and Technology annual conference, pp. 1075-1076, 2021.
[3] Al-Mohannadi, H., Mirza, Q., Namanya, A., Awan, I., Cullen, A., Disso, J., "Cyber-attack modeling analysis techniques: An overview", Proceedings of IEEE 4th international conference on future internet of things and cloud workshops, pp. 69-76, 2016. https://doi.org/10.1109/W-FiCloud.2016.29
[4] MITRE ATT&CK, https://attack.mitre.org
[5] Liu, D., Zhang, H., Yu, H., Liu, X., Zhao, Y., Lv, G., "Research and application of APT attack defense and detection technology based on big data technology", Proceedings of IEEE 9th International Conference on Electronics Information and Emergency Communication, pp. 1-4, 2019. https://doi.org/10.1109/ICEIEC.2019.8784483
[6] Kim, H., Kwon, H. J., and Kim, K. K., "Modified cyber kill chain model for multimedia service environments", Journal of Multimedia Tools and Application, vol. 78, no. 3, pp. 3153-3170, 2019. https://doi.org/10.1007/s11042-018-5897-5
[7] Choi, C. H., Shin, S. U., Shin, C. H., "Performance evaluation method of cyber attack behaviour forecasting based on mitigation", Proceedings of International Conference on information and communication Technology Convergence, pp. 13-15, 2021. https://doi.org/10.1109/ICTC52510.2021.9620951
[8] Choi, C. H., Shin, C. H., Shin, S. U., "Cyber attack group classification based on TTP information", Proceedings of Internet Computing and Service spring conference, vol. 23, no. 1, pp. 7-8, 2021.
[9] Hutchins, E. M., Cloppert, M. J., and Amin, R. M., "Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chain", Journal of Leading Issues in Information Warfare & Security Research, vol. 1, no. 1, pp. 80, 2011. https://lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Intel-Driven-Defense.pdf
[10] Gul, M. and Kugu, E., "A Survey on anti-forensics techniques", Proceedings of International Artificial Intelligence and Data Processing Symposium, pp. 1-6, 2017. https://doi.org/10.1109/IDAP.2017.8090341
[11] Son, K. H., Kim, B. I., and Lee, T. J., "Cyber-attack group analysis method based on association of cyber-attack information", Transaction on Internet and Information Systems, vol. 14, no. 1, pp. 260-280, 2020. https://doi.org/10.3837/tiis.2020.01.015
[12] Hwang, C. W., Kim, D. Y., and Lee, T. J., "Semi-supervised based unknown attack detection in EDR environment", Transactions on Internet and Information Systems, vol. 14, no. 12, pp. 4909-4926, 2020. https://doi.org/10.3837/tiis.2020.12.016
[13] Han, M. L., Han, H. Ch., Kang, A. R., Kwak, B. I., Mohaisen, A., and Kim, H. K., "WHAP: Web-hacking profiling using case-based reasoning", Proceedings of IEEE Conference on Communication and Network Security, pp. 344-345, 2016. https://doi.org/10.1109/CNS.2016.7860503
[14] Choi, C. H., Lee, H. S., Jung, I. H., Park, J. H., and Yoon, H. S., "E-mail Clustering for Cyber Attack Attribution", Proceedings of Korea Institute of Military Science and Technology annual conference, pp. 1289-1290, 2018.
[15] Kawai, M., Ota, K., and Dong, M., "Improved malgan: Avoiding malware detector by leaning cleanware features", Proceedings of IEEE International Conference on Artificial Intelligence in Information and Communication, pp. 40-45, 2019. https://doi.org/10.1109/ICAIIC.2019.8669079
[16] Milajerdi, S. M., Gjomemo, R., Eshete, B., Sekar, R., and Venkatakrishnan, V. N., "Holmes: real-time apt detection through correlation of suspicious information flows", Proceedings of IEEE Symposium on Security and Privacy, pp. 1137-115, 2019. https://doi.org/10.1109/SP.2019.00026
[17] Watters, P., McCombie, S., Layton, R., and Pieprzyk, J., "Characterising and predicting cyber attacks using the cyber attacker model profile (CAMP)", Journal of Money Laundering Control, vol. 15, pp. 430-441, 2012. https://doi.org/10.1108/13685201211266015
[18] Stahl, A., and Roth-Berghofer, T., "Rapid prototyping of CBR Applications with the Open Source Tool my CBR", Proceedings of the 9th European Conference on Advances in Case-Based Reasoning, pp. 615-629, 2008. https://doi.org/10.1007/978-3-540-85502-6_42
[19] Jung, I. H., Lee, H. S., Choi, C. H., and Yoon, H. S., "A Study for Creator System Information Identification Based on Document Type Malware", Proceedings of Korea Institute of Military Science and Technology annual conference, pp. 1504-1505, 2018.
[20] Cho, H. S., Lee, S. G., Kim, B. I., Shin, Y. S., and Lee, T. J., "The study of prediction of same attack group by comparing similarity of domain", Proceedings of International conference on information and communication technology convergence, pp. 1220-1222, 2015. https://doi.org/10.1109/ICTC.2015.7354779
[21] Kim, W. J., Park, C. W., Lee, S. J., and Lim, J. S., "Methods for Classification and Attack Prediction of Attack Groups based on Framework of Cyber Defense Operations", Journal of KIISE: Computing Practices and Letters, vol. 20, no. 6, pp. 317-328, 2014. http://www.dbpia.co.kr/journal/articleDetail?nodeId=NODE02432562
[22] Shin, Y. S., Kim, K. M., Lee, J., Lee, K. H., "ART: Automated reclassification for threat actors based on ATT&CK matrix similarity", Proceedings of World Automation Congress, pp. 15-20, 2021. https://doi.org/10.23919/WAC50355.2021.9559514
[23] APT & CyberCriminal Campaign Collections, https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections
[24] Husari, G., Al-Shaer, E., Ahmed, M., Chu, B., and Niu, X., "TTPDrill: Automatic and accurate extraction of threat actions from unstructured text of CTI Sources", 33rd annual computer security applications conference, pp. 103-115, 2017. https://doi.org/10.1145/3134600.3134646
[25] Mikolov, T., Chen, K., Corrado, G., and Dean, J., "Efficient estimation of word representations in vector space", arXiv preprint arXiv:1301.3781, 2013. https://doi.org/10.48550/arXiv.1301.3781
[26] Choi, C. H., Lee, H. S., Jung, I. H., Yoo, C. G., and Yoon, H. S., "Statistical Analysis of EML Header for Cyber Attacker Tracing", Proceedings of Korea Institute of Military Science and Technology annual conference, pp. 1141-1142, 2017.
[27] Jung, I. H., Lee, H. S., Choi, C. H., Yoo, C. G., and Yoon, H. S., "A Study for Specific information identification of attackers through document type malware analysis", Proceedings of Korea Institute of Military Science and Technology annual conference, pp. 1185-1186, 2017.
[28] Choi, C. H., Shin, C. H., Shin, S. U., Seo, S. Y., Lee, I. S., "Cyber Attack Group Classification using Siamese LSTM", Proceedings of Korea Institute of Military Science and Technology annual conference, pp. 1425-1426, 2022.
[29] APTNotes, https://github.com/aptnotes/data
[30] APT report collected blackorbird, https://github.com/blackorbird/APT_REPORT
[31] Legoy, V., Caselli, M., Seifert, C., and Peter, A., "Automated retrieval of ATT&CK tactics and techniques for cyber threat reports", arXiv preprint arXiv:2004.14322, 2020. https://doi.org/10.48550/arXiv.2004.14322
[32] Scikit-learn, https://scikit-learn.org
[33] Threat Report ATT&CK Mapping (TRAM), https://github.com/center-for-threat-informed-defense/tram/
[34] XGBoost, https://github.com/dmlc/xgboost