Detecttechnique

D3-CAAConnection Attempt Analysis

Connection Attempt Analysis

Definition

Analyzing failed connections in a network to detect unauthorized activity.

Defends against15

TypeTargetConfidenceTier
TechniqueBITS Jobst1197100%live
SubTechniquePassword Sprayingt1110.003100%live
SubTechniqueWindows Management Instrumentation Event Subscriptiont1546.003100%live
SubTechniqueAdditional Cloud Credentialst1098.001100%live
SubTechniqueCredential Stuffingt1110.004100%live
TechniqueRemote Servicest1021100%live
TechniqueLateral Tool Transfert1570100%live
TechniqueExploitation of Remote Servicest1210100%live
TechniqueWindows Management Instrumentationt1047100%live
SubTechniqueDCSynct1003.006100%live
TechniqueTrusted Relationshipt1199100%live
SubTechniqueInternal Proxyt1090.001100%live
SubTechniqueLLMNR/NBT-NS Poisoning and SMB Relayt1557.001100%live
SubTechniqueAccessibility Featurest1546.008100%live
TechniqueRogue Domain Controllert1207100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence
Administrative Network Activity Analysis
Defence
Application Protocol Command Analysis
Defence
Network Traffic Analysis
Defence
Certificate Analysis
Defence
Active Certificate Analysis
Defence
Session Duration Analysis
Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.