I had a similar requirement with some Juniper devices that were not present in the ISE RADIUS Dictionary. I was able to create these attributes because the 3rd party vendor was quite clear about the attribute values and their type (STRING/INTEGER etc)

If you have this, then it's easy. If you have to reverse engineer, then it's more effort. What information do you have?

As @Damien Miller pointed out, you can also use Device Profiles - but the purpose of Device Profiles is to provide an abstraction layer to the user, which leads to a normalization of the Policy Set configuration. What does this mean exactly?  It means that you can use a nice Policy Set Condition abstraction like, e.g. "Wireless 802.1X" (which already exists in ISE) and you don't need to care how Cisco, Aruba, HPE, Meraki do it - because the magic mappings/definitions are defined in Device Profiles. But these device profiles do not define the 3rd party RADIUS attributes themselves. Device Profiles define how we should interpret them for the purposes of Policy Set logic. Device Profiles are pure genius in the ISE product and if used wisely, can be very powerful.

One caveat with device profiles. You have to match the Device Profile type that is assigned to your Authorization Profile, with the Device Profile that is assigned to the NAS - UNLESS - you use a generic Device Profile in Authorization Profile.  EEEH? What??  e.g. Your NAS is an Aruba WLC. You Policy Set evaluates an AuthZ Result that you want to return to the Aruba WLC - and this Profile is of type "Cisco".  ISE will let you do this, but it will result in failure - the AuthZ profile won't be sent out. This means that you need to pay special attention. It also explains why some people still use Cisco Device Profiles everywhere, even in a multi-vendor NAS deployment.

If you have a 3rd party NAS which uses its own bizzare RADIUS attributes, then you need to add them to the ISE Dictionary as shown below: