Description
Analyzing intercepted or summarized computer network traffic to detect unauthorized activity.
Technical Details
| Framework | MITRE D3FEND |
| Ontology URI | d3f:NetworkTrafficAnalysis |
| Local Identifier | NetworkTrafficAnalysis |
| Publication Status | Published on D3FEND website |
Relationships
Parent Tactics
- Detect Detect
Child Concepts
- D3-CSPP Client-server Payload Profiling
- D3-PMAD Protocol Metadata Anomaly Detection
- D3-IPCTA IPC Traffic Analysis
- D3-RTA RPC Traffic Analysis
- D3-RPA Relay Pattern Analysis
- D3-CA Certificate Analysis
- D3-RTSD Remote Terminal Session Detection
- D3-PHDURA Per Host Download-Upload Ratio Analysis
- D3-BSE Byte Sequence Emulation
- D3-DNSTA DNS Traffic Analysis
- D3-CAA Connection Attempt Analysis
- D3-FC File Carving
- D3-NTCD Network Traffic Community Deviation
- D3-ISVA Inbound Session Volume Analysis
- D3-ANAA Administrative Network Activity Analysis
- D3-NTSA Network Traffic Signature Analysis
References
For the official documentation and additional resources, visit the MITRE D3FEND website.
View on MITRE D3FEND