Threat Intelligence Quality Assessment Model Based on Contribution Calculation with ATT CK Framework

With the increasing severity of cyber threats, cyber threat intelligence CTI has become a crucial tool for enhancing cyber security protection. Maximizing the potential value of threat intelligence requires properly and efficiently sharing. However, the sharing process often faces challenges such as quality assessment. To tackle the problem of quantification in quality assessment, this paper proposes a threat intelligence quality assessment model based on contribution calculation with the ATT CK framework. We introduce assessment metrics from event perspective, take TTPs Tactics, Techniques, and Procedures and other elements into account, and incorporate specific application scenarios to evaluate threat intelligence so as to provide practical guidance for security practitioners. Finally, we demonstrate the effectiveness, practicality, and high coverage in terms of event-relevant metrics of the model through experimental assessment.