TY - JOUR
T1 - Analysis and Characterization of Cyber Threats Leveraging the MITRE ATT&CK Database
AU - Al-Sada, Bader
AU - Sadighian, Alireza
AU - Oligeri, Gabriele
N1 - Publisher Copyright:
© 2013 IEEE.
PY - 2024/12/18
Y1 - 2024/12/18
N2 - MITRE ATT&CK is a comprehensive knowledge base of adversary tactics, techniques, and procedures (TTP) based on real-world attack scenarios. It has been used in different sectors, such as government, academia, and industry, as a foundation for threat modeling, risk assessment, and defensive strategies. There are valuable insights within the MITRE ATT&CK knowledge base that can be applied to various fields and applications, such as risk assessment, threat characterization, and attack modeling. No previous work has been devoted to the comprehensive collection and investigation of the statistical insights of the MITRE ATT&CK dataset. Hence, this work aims to extract, analyze, and represent MITRE ATT&CK statistical insights, providing valuable recommendations to improve the security aspects of Enterprise, Industrial Control Systems (ICS), and mobile digital infrastructures. For this purpose, we conduct a hierarchical analysis starting from MITRE ATT&CK threat profiles toward the list of techniques in the MITRE ATT&CK database. Finally, we summarize our key findings while providing recommendations that will pave the way for future research in the area.
AB - MITRE ATT&CK is a comprehensive knowledge base of adversary tactics, techniques, and procedures (TTP) based on real-world attack scenarios. It has been used in different sectors, such as government, academia, and industry, as a foundation for threat modeling, risk assessment, and defensive strategies. There are valuable insights within the MITRE ATT&CK knowledge base that can be applied to various fields and applications, such as risk assessment, threat characterization, and attack modeling. No previous work has been devoted to the comprehensive collection and investigation of the statistical insights of the MITRE ATT&CK dataset. Hence, this work aims to extract, analyze, and represent MITRE ATT&CK statistical insights, providing valuable recommendations to improve the security aspects of Enterprise, Industrial Control Systems (ICS), and mobile digital infrastructures. For this purpose, we conduct a hierarchical analysis starting from MITRE ATT&CK threat profiles toward the list of techniques in the MITRE ATT&CK database. Finally, we summarize our key findings while providing recommendations that will pave the way for future research in the area.
KW - Advanced persistent threat
KW - Cyber security
KW - Cyber threat analysis
KW - Cyber threat intelligence
KW - Mitre att&ck
UR - http://www.scopus.com/inward/record.url?scp=85181580017&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2023.3344680
DO - 10.1109/ACCESS.2023.3344680
M3 - Article
AN - SCOPUS:85181580017
SN - 2169-3536
VL - 12
SP - 1217
EP - 1234
JO - IEEE Access
JF - IEEE Access
ER -