Malware Behavior Catalog

The Malware Behavior Catalog (MBC) is a publicly available framework defining behaviors and code characteristics to support malware analysis-oriented use cases, such as tagging, provenance and similarity analysis, and standardized reporting. As a malware-centric extension of the MITRE ATT&CKTM knowledge base, MBC draws upon ATT&CK’s success by applying its philosophy and methodology to malware. Namely, MBC maintains a malware, code-oriented perspective and focuses on real-world use of behaviors through empirical malware examples (note there is no formal relationship between ATT&CK and MBC). The presentation discusses real-world applications of MBC and will show how behavior indicators identified through static and dynamic analysis can be mapped to MBC, illustrating the depth and precision MBC provides. Desiree Beck (Principal Cybersecurity Engineer at MITRE) Dr. Desiree Beck joined the MITRE Corporation in 2001 and is a principal cybersecurity engineer in the Cyber Operations and Effects Technical Center. Her work focuses on the research and development of malware analysis tools and techniques.