MITRE ATT&CK® is a knowledge base of attack tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
For companies that are starting to implement Threat Intelligence and plan to use the MITRE ATT&CK framework, it could be interesting to focus first on tactics and techniques that have already been used against companies from the same domain (government, energy, research, etc.), or against targets that rely on the same infrastructure (Linux or Windows, on-premise or cloud, etc.).
The classifier itself can be simple (keyword-based) or more advanced (ML- or AI-based).
The goal of this project is to develop a classifier that can group and present the different information available on MITRE ATT&CK (tool, techniques, hacking group) according to the type of target (government, energy, research etc.), and also according to the type of infrastructure (Windows, Linux, on-premise, cloud etc.).
There are different possibilities to implement the classifier.
To start this project, you should have some knowledge of a programming language.
To complete this project, you will use the following tools and technologies: