Comparing Attack Models for IT Systems: Lockheed Martin’s Cyber Kill Chain, MITRE ATT&CK Framework and Diamond Model

Nitin Naik, Paul Jenkins, Paul Grace, Jingping Song

Research output: Chapter in Book/Published conference outputConference publication

Abstract

Cyberattacks are a serious challenge for any IT system, which motivates cybersecurity professionals and developers to constantly explore various attack models to analyse the cyberattack lifecycle used by attackers to mount their attacks. Several attack models have been proposed and successfully utilised to analyse the various types of cyberattacks and their mitigations. All the models offer different characteristics, advantages and disadvantages. Therefore, it is important to examine the most popular attack models to understand their characteristics and suitability for modelling specific types of attacks. This paper will examine characteristics, advantages and disadvantages of the three most popular attack models: the Lockheed Martin’s Cyber Kill Chain, the MITRE ATT&CK Framework and the Diamond Model. Finally, it will provide a comparative study of these three attack models to present a relative summary for selecting the most suitable attack model for a specific application.
Original languageEnglish
Title of host publicationISSE 2022 - 2022 8th IEEE International Symposium on Systems Engineering, Conference Proceedings
PublisherIEEE
ISBN (Electronic)9781665481823
ISBN (Print)9781665481830
DOIs
Publication statusPublished - 2022
Event8th IEEE International Symposium on Systems Engineering - Vienna, Austria
Duration: 24 Oct 202226 Oct 2022
https://2022.ieeeisse.org/

Conference

Conference8th IEEE International Symposium on Systems Engineering
Abbreviated titleISSE 2022
Country/TerritoryAustria
CityVienna
Period24/10/2226/10/22
Internet address

Bibliographical note

Publisher Copyright:
© 2022 IEEE.

Keywords

  • Attack Models
  • Cyberattack
  • Cyber Kill Chain
  • Lockheed Martin’s Cyber Kill Chain
  • MITRE ATT&CK Framework
  • Diamond model of intrusion analysis

Fingerprint

Dive into the research topics of 'Comparing Attack Models for IT Systems: Lockheed Martin’s Cyber Kill Chain, MITRE ATT&CK Framework and Diamond Model'. Together they form a unique fingerprint.

Cite this