Document Type
Article
Keywords
MITRE ATT&CK Framework, Threat Intelligence Cybersecurity, Bibliometric Analysis, Network Analysis, Industrial Control Systems (ICS)
Abstract
The MITRE ATT&CK framework has become a foundational tool for organizing adversarial behaviors and techniques in cybersecurity. While its adoption in practice and academia has grown significantly, no prior bibliometric review has comprehensively mapped the global research landscape surrounding this framework. This study addresses that gap by conducting a systematic bibliometric and network analysis of publications related to ATT&CK indexed in Scopus from 2017 to 2025. Using VOSviewer and quantitative bibliometric methods, we analyzed 391 publications to identify trends in research output, influential works, key contributors, thematic areas, and patterns of collaboration. Results show exponential growth in studies related to ATT&CK, with North America, Europe, and Asia as major contributors. Network analysis revealed highly interconnected author clusters, while keyword mapping identified five dominant research themes, including threat intelligence, adversary emulation, and machine learning-based detection. Citation analysis further identified inspiring publications that have significantly influenced the field. This review clarifies the intellectual structure and collaborative dynamics of ATT&CK research, offering insights into its development and pointing to future opportunities in interdisciplinary cybersecurity research.
How to Cite This Article
Maqsood, Asad; Hisham, Syifak Izhar; and Firdaus, Ahmad
(2025)
"Global Research Trends and Collaboration in MITRE ATT&CK Framework: A Bibliometric and Network Analysis in Cybersecurity,"
Mesopotamian Journal of CyberSecurity: Vol. 5:
Iss.
3, Article 11.
DOI: https://doi.org/10.58496/MJCS/2025/062
Available at:
https://map.researchcommons.org/mjcs/vol5/iss3/11