The Design of an Ontology for ATT&CK and its Application to Cybersecurity.

The spread of attacks in computer networks and within systems can have severe consequences for both individuals and organizations. One approach to preventing the spread of attacks is to use ontological aid, which is the use of ontologies to provide a structured representation of knowledge about the attack and its components, especially the ones who often disguise themselves to remain undetected for a long time within the system. As soon as one particular stage of such an attack is detected, it is imperative to reduce the amount of spread so that no permanent damage can be done. For this, the security analyst must boil down to technical details from a behavioral perspective so that proper defensive initiatives can be taken. We propose an ontology that will aid security analysts to find out the list of vulnerabilities to be patched so that an ongoing attack campaign can be prevented from spreading even more.