Title: Analytic Development through Capability Abstraction of ATT&CK Techniques
Project ID: YarhR11
Domain(s): Cybersecurity
Description:
Research one or more ATT&CK Techniques using the “Capability Abstraction” approach used by SpectreOps to identify low-variance behaviors or “chokepoints” associated with those Techniques, and develop analytics and associated data collection requirements based on those insights.
Desired Skills:
Windows debugging, Splunk or Kibana query construction, Windows Event Logging, Sysmon, WinDbg, Procmon, or equivalents.
Clearance-
US Citizenship Required: No
Active Clearance or Background Investigation Required: No
Level Needed: N/A
Team Information-
Targeted Students: Undergraduate, Graduate
Team Size: 2 to 4
Details: This could be, and has been, accomplished by an individual, or a team. Team size is flexible, though a small group might be optimal.
Specific Requirements-
Focus on Particular University: No
Details: N/A
Timeline-
Focus Timeline: No
Details: N/A
Funding-
Potential Funding: No
Note: Availability of funds not guaranteed
Recent Comments