d3fend / d3fend-ontology

This repository holds the necessary content to produce the D3FEND ontology distribution.
https://d3fend.mitre.org
MIT License

Tactics and Techniques from MITRE ATLAS #245

Open aamedina opened 6 months ago

aamedina commented 6 months ago

Overview

This proposal seeks to integrate MITRE ATLAS tactics and techniques into the existing D3FEND ontology to enhance the representational fidelity of AI threats within the model. The ATLAS framework, which extends the MITRE ATT&CK Enterprise Matrix to AI-specific contexts, models adversarial goals and methods in compromising AI systems. By keeping D3FEND up to date with ATLAS, we could provide the public with a more comprehensive ontology that can better guide the development of defenses against evolving AI-centric cyber threats.

Discussion

References

netfl0 commented 6 months ago

This would hang right under External Threat Model Thing. It would not be considered an Attack Thing.

aamedina commented 6 months ago

> This would hang right under External Threat Model Thing. It would not be considered an Attack Thing.

Is this right?

:ATLASThing a owl:Class ;
    rdfs:label "ATLAS Thing" ;
    rdfs:subClassOf :ExternalThreatModelThing .

and then define subclasses for ATLAS(Tactic/Technique/Mitigation) from that?

netfl0 commented 6 months ago

Yes, it should mirror the attack tree structure

aamedina commented 6 months ago

Assuming the following is added to the ontology:

:ATLASThing a owl:Class ;
    rdfs:label "ATLAS Thing" ;
    rdfs:subClassOf :ExternalThreatModelThing .

:ATLASTactic a owl:Class ;
    rdfs:label "ATLAS Tactic" ;
    rdfs:subClassOf :ATLASThing,
        :Goal,
        [ a owl:Restriction ;
            owl:onProperty :enabled-by ;
            owl:someValuesFrom :ATLASTechnique ] ;
    rdfs:seeAlso <https://atlas.mitre.org/tactics> ;
    :definition "An ATLAS Tactic is a categorical classification of techniques within the MITRE ATLAS™ framework, representing adversarial goals particular to artificial intelligence systems. It also adapts MITRE ATT&CK® Enterprise Matrix tactics by integrating machine learning concepts, thus capturing the unique motives behind actions in AI-specific operations." .

:ATLASTechnique a owl:Class ;
    rdfs:label "ATLAS Technique" ;
    rdfs:subClassOf :ATLASThing,
        :Action,
        :Technique,
        [ a owl:Restriction ;
            owl:onProperty :enables ;
            owl:someValuesFrom :ATLASTactic ] ;
    rdfs:seeAlso <https://atlas.mitre.org/techniques> ;
    :definition "An ATLAS Technique is an action conducted by adversaries to accomplish tactical goals within the context of artificial intelligence systems. These techniques articulate both 'how' adversaries execute these actions to reach their objectives and 'what' outcomes are achieved from these maneuvers." .

:ATLASMitigation a owl:Class ;
    rdfs:label "ATLAS Mitigation" ;
    rdfs:subClassOf :ATLASThing,
        [ a owl:Restriction ;
            owl:onProperty :semantic-relation ;
            owl:someValuesFrom :DefensiveTechnique ] .

:atlas-id a owl:DatatypeProperty,
        owl:FunctionalProperty ;
    rdfs:label "atlas-id" ;
    rdfs:subPropertyOf :d3fend-kb-data-property ;
    rdfs:domain :ATLASThing ;
    rdfs:range xsd:string ;
    :definition "x atlas-id y: The ATLAS thing x is identified by string y." .

@netfl0 I will port this to Python, but does this Turtle output look sensible for the tactics mapping? https://gist.github.com/aamedina/7580cb202173e2a34a3d9e69e7316dc8

netfl0 commented 6 months ago

That looks pretty much perfect to me :)

I am thinking we ought to just duplicate the Python update attack code. (Some of it is ugly, a bash script comes to mind :)

make update-atlas

As a new target, then we'll know if something breaks with the ATLAS data.
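
A sketch of what an `update-atlas` step could run so that malformed upstream data breaks the build, as discussed above. This is an added example, not code from the d3fend-ontology repository or from the linked gist. It assumes one class per tactic and technique named `:` plus the ATLAS ID; the record shape, the function names and the sample records are hypothetical.

```python
import re

# ID shapes used by ATLAS: AML.TA0000 for tactics, AML.T0000[.000] for techniques.
TACTIC_ID = re.compile(r"AML\.TA\d{4}")
TECHNIQUE_ID = re.compile(r"AML\.T\d{4}(\.\d{3})?")

def lit(text):
    """Quote a string as a Turtle literal so upstream text cannot inject triples."""
    for raw, esc in (("\\", "\\\\"), ('"', '\\"'), ("\n", "\\n"), ("\r", "\\r")):
        text = text.replace(raw, esc)
    return f'"{text}"'

def tactic_ttl(rec):
    # IDs become class names, so reject anything that is not a plain ATLAS ID.
    if not TACTIC_ID.fullmatch(rec["id"]):
        raise ValueError(f"malformed tactic id {rec['id']!r}")
    return (f":{rec['id']} a owl:Class ;\n"
            f"    rdfs:label {lit(rec['name'])} ;\n"
            f"    rdfs:subClassOf :ATLASTactic ;\n"
            f"    :atlas-id {lit(rec['id'])} .\n")

def technique_ttl(rec, tactic_ids):
    if not TECHNIQUE_ID.fullmatch(rec["id"]):
        raise ValueError(f"malformed technique id {rec['id']!r}")
    # A technique may only point at tactics present in the same data set.
    unknown = sorted(set(rec["tactics"]) - tactic_ids)
    if unknown:
        raise ValueError(f"{rec['id']} enables unknown tactics {unknown}")
    parents = [":ATLASTechnique"] + [
        "[ a owl:Restriction ;\n            owl:onProperty :enables ;\n"
        f"            owl:someValuesFrom :{t} ]" for t in rec["tactics"]]
    return (f":{rec['id']} a owl:Class ;\n"
            f"    rdfs:label {lit(rec['name'])} ;\n"
            f"    rdfs:subClassOf " + ",\n        ".join(parents) + " ;\n"
            f"    :atlas-id {lit(rec['id'])} .\n")

def build(data):
    """Return the Turtle for all records; any bad record aborts the build."""
    tactic_ids = {t["id"] for t in data["tactics"]}
    blocks = [tactic_ttl(t) for t in data["tactics"]]
    blocks += [technique_ttl(t, tactic_ids) for t in data["techniques"]]
    return "\n".join(blocks)

# Constructed sample records (not real ATLAS entries).
SAMPLE = {
    "tactics": [{"id": "AML.TA9001", "name": "Constructed Tactic"}],
    "techniques": [{"id": "AML.T9001", "name": 'Constructed "Technique"',
                    "tactics": ["AML.TA9001"]}],
}

if __name__ == "__main__":
    print(build(SAMPLE))
```

The output is a fragment that relies on the ontology's existing prefix declarations and on the `:ATLASTactic`, `:ATLASTechnique` and `:atlas-id` definitions proposed earlier in the thread.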