Skip to main content

Table 2 12 TTPs element types

From: TIM: threat context-enhanced TTP intelligence mining on unstructured threat data

TTPs Element Example Extract Method
IPv4 192.168.1.1 Regex
Domain Example.com Regex
Email mail@example.com Regex
Filename example.vba Regex
URL http://example.com/project/example.php Regex
File Hash 66efff4c945d3c3b87fc271b47d456db Regex
File Path /home/example/example.o Regex
CVE cve-2017-11882 Regex
Encode&Encryption Algorithm Base64, XOR, etc. Gazetteer
Communication Protocols HTTP, SMTP, etc. Gazetteer
Data Object clipboard, screen, password, etc. Gazetteer
Regkey HKCU/Software/Microsoft/Windows/CurrentVersion/Run Regex