five

MITRE ATT&CK TTP Data Set

收藏
Zenodo2025-05-11 更新2026-05-26 收录
下载链接:
https://zenodo.org/doi/10.5281/zenodo.14907304
下载链接
链接失效反馈
官方服务:
资源简介:
The dataset contains sentences from MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs) along with their corresponding procedure descriptions. Here’s an overview: Columns: Key: Contains TTP techniques and subtechniques. Value: Contains the corresponding procedure descriptions. Data Details: The dataset has 19,747 rows, each representing a procedure linked to a TTP ID. It includes 780 unique TTP IDs covering both MITRE ATT&CK techniques and subtechniques. The TTPs and procedure descriptions were extracted from the enterprise-attack-15.1.json file available on GitHub. Preprocessing and Data Cleansing:The following regex rules were applied to the Value column: Replace URLs related to software with the term "Software":re.sub(r'[.?](https://attack\.mitre\.org/software/.?)', 'Software', text) Replace URLs related to groups with the term "Attacker":re.sub(r'[.?](https://attack\.mitre\.org/groups/.?)', 'Attacker', text) Remove any text within parentheses:str.replace(r'\([^)]*\)', '', regex=True) Remove any text within square brackets:str.replace(r'\[.*?\]', '', regex=True) Remove any leading or trailing whitespace:str.strip() Acknowledgments: Funded by the European Union under the European Defence Fund (GA no. 101121403 - NEWSROOM and GA no. 101121418 - EUCINF). Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Commission. Neither the European Union nor the granting authority can be held responsible for them. This work is co-funded by the Austrian FFG Kiras project ASOC (GA no. FO999905301).

本数据集收录源自MITRE ATT&CK战术、技术与流程(MITRE ATT&CK Tactics, Techniques, and Procedures,简称TTPs)的语句及其配套流程描述。以下为数据集概览: #### 字段说明 Key字段:包含TTP技术与子技术条目; Value字段:包含对应的流程描述文本。 #### 数据详情 本数据集共包含19747条数据,每条数据对应一个关联TTP ID的流程。涵盖780个唯一TTP ID,覆盖MITRE ATT&CK的全部技术及子技术。本数据集的TTP与流程描述均提取自GitHub平台上的enterprise-attack-15.1.json文件。 #### 数据预处理与清洗 针对Value字段应用了如下正则表达式规则: 1. 将与软件相关的URL替换为"Software":`re.sub(r'[.?](https://attack.mitre.org/software/.?)', 'Software', text)` 2. 将与攻击组相关的URL替换为"Attacker":`re.sub(r'[.?](https://attack.mitre.org/groups/.?)', 'Attacker', text)` 3. 移除所有圆括号内的文本:通过`str.replace(r'([^)]*)', '', regex=True)`实现 4. 移除所有方括号内的文本:通过`str.replace(r'[.*?]', '', regex=True)`实现 5. 移除所有首尾空白字符:通过`str.strip()`实现 #### 致谢 本项目由欧盟欧洲国防基金资助(项目编号GA no. 101121403 - NEWSROOM 与 GA no. 101121418 - EUCINF)。本报告所表达的观点仅代表作者本人,不必然反映欧盟或欧洲委员会的立场。欧盟及资助机构不对本内容承担任何责任。本工作同时由奥地利FFG Kiras计划下的ASOC项目联合资助(项目编号GA no. FO999905301)。
提供机构:
Zenodo
创建时间:
2025-02-21
二维码
社区交流群
二维码
科研交流群
商业服务