Research Article
An Automatic Assessment Method of Cyber Threat Intelligence Combined with ATT&CK Matrix
Table 4
Assessment features and corresponding scores.
| | Assessment feature | Description | Attributes | Score |
| | Alert | The possible harm through the IOCs | Marked high-risk in the database | 3 | | Marked medium-risk in the database | 2 | | Marked low-risk in the database | 1 | | Created time | Timestamp related to IOC | Last day | 5 | | Last week | 4 | | Last month | 3 | | Last year | 2 | | Other | 1 | | External reference | Other threat activities related to this indicator | Multi known reference | 4 | | Single known reference | 3 | | Unknown reference | 2 | | No reference | 1 | | CVE | Check if the CVE is found in the extracted IOCs, and if so, check the CVSS | CVE with critical CVSS | 5 | | CVE with high CVSS | 4 | | CVE with medium CVSS | 3 | | CVE with low CVSS | 2 | | No CVE or CVE with no CVSS | 1 |
|
|
