Cyber Threat Intelligence (CTI) has long been an indispensable reference for malicious-behavior analysis and information security defense. CTI helps enterprises understand the tactics, techniques and procedures used in network attacks and intrusions, and on that basis formulate defensive policies and mechanisms. The well-known intrusion-description framework MITRE ATT&CK collects and consolidates a large amount of threat intelligence from real-world attack cases and provides a framework-style overview of network and system attacks: known attack events are analyzed, classified by tactic and technique, and presented in an easy-to-read matrix format as concise descriptions of adversary tactics, techniques and related procedure examples. For CTI to be shared and used effectively, it needs a structured, formal representation. This thesis proposes using ontology engineering to build an ontology of MITRE ATT&CK threat intelligence so that the knowledge can be shared and reused. Data are collected from the MITRE ATT&CK website; based on the resources required by three important and commonly used query modes, the Web Ontology Language (OWL) is used to define a set of concepts composed of known threat-intelligence knowledge terms together with the relations among them; finally, ontology resources are created for every data instance, yielding a complete MITRE ATT&CK ontology. The thesis concludes by implementing a web-based knowledge query system on top of this ontology, so that users can obtain the MITRE ATT&CK threat intelligence they need simply, conveniently and quickly.
Cyber Threat Intelligence (CTI) has always been an indispensable and primary reference for malicious-behavior analysis and cyber security defense. CTI helps enterprises understand the Tactics, Techniques and Procedures (TTPs) used in cyber attacks and intrusions, and further formulate policies and mechanisms to defend against them. A well-known cyber security framework, MITRE ATT&CK, has collected and integrated a large amount of CTI from real cases of cyber attacks. MITRE ATT&CK provides a framework-based overview of cyber attacks by presenting their Tactics, Techniques and Procedure Examples. For CTI to be effectively shared and used, it needs a structured and formal representation. This thesis proposes constructing an ontology of MITRE ATT&CK for the purpose of knowledge sharing. In our work, data are collected from the MITRE ATT&CK website. We use the Web Ontology Language (OWL) to define a set of concepts and relations, composed of known CTI knowledge terms, based on the resource requirements of three important query modes. Finally, we build ontological resources for all data instances and so construct a complete MITRE ATT&CK ontology. At the end of the thesis, we implement a web-based knowledge query system on top of the constructed MITRE ATT&CK ontology, giving users an easy-to-use interface (UI) for obtaining the desired CTI.
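To make the construction concrete, the following is an added example (not the thesis' own code or data) of how such an ontology is laid out and queried: an OWL-style schema (classes for Tactic, Technique, Group and Mitigation, object properties with rdfs:domain and rdfs:range), a small set of individuals, a Turtle serialisation, and three query modes implemented as triple-pattern matches. It uses a tiny in-memory triple store instead of rdflib so it runs offline. The att: namespace, the property names, the choice of the three query modes and the group G9999 are assumptions of this example; the tactic, technique and mitigation IDs are real ATT&CK identifiers, but only a handful are included and the sample is constructed, not scraped from the ATT&CK site.

```python
"""Added example: minimal OWL-style MITRE ATT&CK ontology with three query modes."""

RDF = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
RDFS = "http://www.w3.org/2000/01/rdf-schema#"
OWL = "http://www.w3.org/2002/07/owl#"
ATT = "http://example.org/attack#"  # assumed ontology namespace, not MITRE's
PREFIXES = {"rdf": RDF, "rdfs": RDFS, "owl": OWL, "att": ATT}


class TripleStore:
    """Set of (subject, predicate, object) triples; objects are IRIs or plain literals."""

    def __init__(self):
        self.triples = set()

    def add(self, s, p, o):
        self.triples.add((s, p, o))

    def match(self, s=None, p=None, o=None):
        """Pattern match with None as wildcard, like a SPARQL variable."""
        return [t for t in self.triples
                if (s is None or t[0] == s) and (p is None or t[1] == p)
                and (o is None or t[2] == o)]

    def to_turtle(self):
        """Serialise as Turtle so the graph can be loaded into a real OWL tool."""
        def qname(term):
            for prefix, ns in PREFIXES.items():
                if term.startswith(ns):
                    return f"{prefix}:{term[len(ns):]}"
            return '"' + term.replace('"', '\\"') + '"'  # literal (e.g. rdfs:label)
        header = [f"@prefix {k}: <{v}> ." for k, v in PREFIXES.items()]
        body = [f"{qname(s)} {qname(p)} {qname(o)} ." for s, p, o in sorted(self.triples)]
        return "\n".join(header + [""] + body)


def local(iri):
    """Strip the att: namespace to recover the ATT&CK ID (e.g. T1566)."""
    return iri[len(ATT):]


def build_schema(g):
    """TBox: the concept set and the relations between concepts."""
    for cls in ("Tactic", "Technique", "Group", "Mitigation"):
        g.add(ATT + cls, RDF + "type", OWL + "Class")
    props = {  # property -> (domain, range); names are this example's choice
        "accomplishesTactic": ("Technique", "Tactic"),
        "usesTechnique": ("Group", "Technique"),
        "mitigates": ("Mitigation", "Technique"),
    }
    for name, (dom, rng) in props.items():
        g.add(ATT + name, RDF + "type", OWL + "ObjectProperty")
        g.add(ATT + name, RDFS + "domain", ATT + dom)
        g.add(ATT + name, RDFS + "range", ATT + rng)


def add_individual(g, cls, att_id, label):
    g.add(ATT + att_id, RDF + "type", ATT + cls)
    g.add(ATT + att_id, RDFS + "label", label)


def build_instances(g):
    """ABox: a constructed sample of ATT&CK entries (real IDs, tiny subset)."""
    tactics = {"TA0001": "Initial Access", "TA0002": "Execution",
               "TA0003": "Persistence", "TA0004": "Privilege Escalation",
               "TA0005": "Defense Evasion", "TA0006": "Credential Access"}
    techniques = {  # id -> (name, tactics the technique accomplishes)
        "T1566": ("Phishing", ["TA0001"]),
        "T1059": ("Command and Scripting Interpreter", ["TA0002"]),
        "T1078": ("Valid Accounts", ["TA0001", "TA0003", "TA0004", "TA0005"]),
        "T1003": ("OS Credential Dumping", ["TA0006"]),
    }
    mitigations = {  # id -> (name, techniques it mitigates)
        "M1017": ("User Training", ["T1566"]),
        "M1038": ("Execution Prevention", ["T1059"]),
        "M1032": ("Multi-factor Authentication", ["T1078"]),
    }
    # G9999 is a constructed placeholder group, not a real ATT&CK entry.
    groups = {"G9999": ("Example Group (constructed)", ["T1566", "T1059", "T1003"])}
    for tid, name in tactics.items():
        add_individual(g, "Tactic", tid, name)
    for tid, (name, tacs) in techniques.items():
        add_individual(g, "Technique", tid, name)
        for ta in tacs:
            g.add(ATT + tid, ATT + "accomplishesTactic", ATT + ta)
    for mid, (name, techs) in mitigations.items():
        add_individual(g, "Mitigation", mid, name)
        for t in techs:
            g.add(ATT + mid, ATT + "mitigates", ATT + t)
    for gid, (name, techs) in groups.items():
        add_individual(g, "Group", gid, name)
        for t in techs:
            g.add(ATT + gid, ATT + "usesTechnique", ATT + t)


def build_graph():
    g = TripleStore()
    build_schema(g)
    build_instances(g)
    return g


# Three query modes (this example's assumption of what such modes look like).
def techniques_for_tactic(g, tactic_id):
    return sorted(local(s) for s, _, _ in g.match(p=ATT + "accomplishesTactic", o=ATT + tactic_id))


def techniques_used_by_group(g, group_id):
    return sorted(local(o) for _, _, o in g.match(s=ATT + group_id, p=ATT + "usesTechnique"))


def mitigations_for_technique(g, technique_id):
    return sorted(local(s) for s, _, _ in g.match(p=ATT + "mitigates", o=ATT + technique_id))


def check_domain_range(g):
    """What a reasoner would flag: each use of an object property must connect
    individuals typed with its declared domain and range classes."""
    violations = []
    for prop, _, _ in g.match(p=RDF + "type", o=OWL + "ObjectProperty"):
        dom = g.match(s=prop, p=RDFS + "domain")[0][2]
        rng = g.match(s=prop, p=RDFS + "range")[0][2]
        for s, _, o in g.match(p=prop):
            if not g.match(s=s, p=RDF + "type", o=dom) or not g.match(s=o, p=RDF + "type", o=rng):
                violations.append((local(s), local(prop), local(o)))
    return violations


if __name__ == "__main__":
    g = build_graph()
    print(g.to_turtle())
    print("Initial Access techniques:", techniques_for_tactic(g, "TA0001"))
    print("Techniques used by G9999:", techniques_used_by_group(g, "G9999"))
    print("Mitigations for T1078:", mitigations_for_technique(g, "T1078"))
```

The domain/range check is the practical payoff of declaring relations in OWL rather than in ad-hoc tables: a scraped instance that links, say, a tactic to a technique via att:usesTechnique is caught before it pollutes query results, and the same Turtle output can be loaded into a standard triple store where the three query modes become plain SPARQL patterns.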