Mapping Exploit Code on Paste Sites to the MITRE ATT&CK Framework: A Multi-label Transformer Approach

In Plain Terms

This study automatically analyzes malicious code posted on public paste sites like Pastebin and maps it to MITRE ATT&CK, a standard catalog of attacker techniques, to produce early cyber threat intelligence. It introduces a hybrid deep-learning model (combining convolutional, Transformer, and BiLSTM components) that can assign multiple technique labels to each code snippet. The model set new best-in-class performance, and a case study revealed the tactics and tools attackers share on these sites.

Citation

Benjamin M. Ampel, Tala Vahedi, Sagar Samtani, & Hsinchun Chen (2023). Mapping Exploit Code on Paste Sites to the MITRE ATT&CK Framework: A Multi-label Transformer Approach. IEEE ISI. https://doi.org/10.1109/ISI58743.2023.10297272
Benjamin M. Ampel
Assistant Professor in Computer Information Systems and Director, CyberAI Research and Education Center (CARE)

My research focuses on AI-enabled Cybersecurity, including Cyber Threat Intelligence, Large Language Models, and Phishing Detection.
