Exploring the MITRE ATT&CK® Matrix in SE Education

• In Event: Cybercrime Prevention and Education: Interdisciplinary Approaches to Digital Safety and Security

Abstract

Cybersecurity is a multidisciplinary field that requires understanding of human behavior. To reinforce this idea and encourage non-technical students to partici-pate in cybersecurity, an experiential learning project was implemented to an up-per-level undergraduate criminal justice class. This paper is focused on a class project in which groups of students mapped a social engineering case study onto the MITRE ATT&CK framework to understand the adversarial mindset. The pa-per provides background information on the ATT&CK framework, compares groups’ mappings to each other within the class as well as against a mapping done by an ATT&CK representative, and offers a discussion on the analysis. This paper demonstrates that while someone with more knowledge and experi-ence using the framework may map a SE case study differently than multidisci-plinary students who are experiencing it for the first time, there is not a single correct way to map onto the matrix. Having students experience this mapping project allows them to understand the breakdown of an adversary’s behavior and interpret key tactics and techniques in a way that fits their mapping needs. This paper also demonstrates how a SE case study can be mapped onto the ATT&CK framework despite SE not being the focus of the framework, and that SE uses tactics and techniques that are also relevant to technical cyberattacks. The authors hope to encourage more interdisciplinary cybersecurity education by sharing this course project.

Author

• Katorah Williams, University of South Florida