Research Article
GroupTracer: Automatic Attacker TTP Profile Extraction and Group Cluster in Internet of Things
Table 7
Techniques corresponding to each tactic and commands mapped to these techniques in our datasets.
| Tactic | Technique | Command |
|---|---|---|
| Defense evasion | Disabling security tools | service iptables stop |
| Defense evasion | Clearing command history | history -c |
| Defense evasion | File deletion | rm |
| Defense evasion | File and directory permissions modification | chmod |
| Discovery | Process discovery | ps |
| Discovery | File and directory discovery | cd; ls; dir |
| Lateral movement | Remote file copy | tftp; wget; curl; ftpget |
| Execution | Exploitation for client execution | sh; ./mips; ./zuki; ./nig |
| Impact | Network denial of service | ultimate |
| Collection | Data from local system | echo; more; cat |