Academic paper

Automatic Detection of Abstract–Concrete Relationships between Attack Patterns of ATT&CK and CAPEC with Fine-tuned BERT
Document Type
Conference
Source
2023 10th International Conference on Dependable Systems and Their Applications (DSA), pp. 589-590, Aug. 2023
Subject
Computing and Processing
Databases
Bidirectional control
Transformers
Encoding
Delays
Complexity theory
Security
ATT&CK
CAPEC
relation prediction
Transformer
BERT
Language
ISSN
2767-6684
Abstract
Security threats and attacks have recently increased in complexity, requiring rapid understanding of vulnerabilities and responses to attacks. ATT&CK and CAPEC are databases that compile attack patterns against vulnerabilities and help develop countermeasures and defenses in the security domain. Although the relationships between attack patterns are defined in these databases, the databases are manually manipulated, potentially resulting in delays in reflecting information and in relationship omissions. This paper proposes applying fine-tuned bidirectional encoder representations from transformers (BERT) to use ATT&CK, CAPEC, and their combined datasets to detect abstract–concrete relationships between attack patterns. In our evaluation, the model trained on the combined dataset of ATT&CK and CAPEC achieved the highest accuracy. For the models trained on each individual dataset, differences in the similarity of the attack pattern pair descriptions between ATT&CK and CAPEC resulted in differences in the accuracy of the binary classification task.