University of Twente Student Theses
As of Friday, 8 August 2025, the current Student Theses repository is no longer available for thesis uploads. A new Student Theses repository will be available starting Friday, 15 August 2025.
ThreatCompass : A Tool For Identifying and Mapping Vulnerabilities to TTPs
Krijnen, Yannick (2025) ThreatCompass : A Tool For Identifying and Mapping Vulnerabilities to TTPs.
|
PDF
432kB |
| Abstract: | This research addresses the importance of Common Vulnerabilities and Exposures (CVE) identification and the corresponding Tactics, Techniques and Procedures (TTPs). Currently, the National Vulnerability Database already provides developers with a publicly available database containing known vulnerabilities, but CVEs are identified manually, and many of their associated TTPs are missing. This means that despite developers being aware of vulnerabilities, it is difficult to address them. To address this problem, a tool was developed in this research that identifies vulnerabilities in a GitHub repository. Subsequently, identified vulnerabilities are mapped to TTPs following the path outlined by the MITRE framework, using both ground truth data as well as machine learning predictions. This allows developers to identify issues that are relevant in their project and see the associated TTPs, bridging the gap of the unmapped by applying machine learning models. To further improve the accuracy of the predictions, users can opt to select multiple models to utilize ensemble learning. This project's main contributions are the implementation of this tool based on a literature research. The tool's results are validated by comparing them to a ground-truth dataset, utilizing GitHub repositories with intentionally vulnerable clusters. |
| Item Type: | Essay (Bachelor) |
| Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
| Subject: | 54 computer science |
| Programme: | Computer Science BSc (56964) |
| Link to this item: | https://purl.utwente.nl/essays/107566 |
| Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Show download statistics for this publication
Show download statistics for this publicationRepository Staff Only: item control page