Automatic mapping based on CVE and ATT&CK

Abstract

The CVE is a database of cyber security vulnerabilities that describe the characteristics of vulnerabilities. MITRE ATT&CK formalizes attack patterns (including attack tactics and techniques) through abstract theory, and gives corresponding mitigation schemes, so it is significant to identify ATT&CK attack information from CVE. Since there is no link between the two, this paper proposes a Transformer-based mapping scheme to automatically map CVE’s to ATT&CK, and verify it on the CVE dataset, which has a good mapping effect and provides security operators with Intuitive reference.