A Study on the Concept of Social Engineering Cyber Kill Chain for Social Engineering based Cyber Operations

사회공학 사이버작전을 고려한 사회공학 사이버킬체인 개념정립 연구

  • Shin, Kyuyong (Cyber Warfare Research Center at Korea Military Academy) ;
  • Kim, Kyoung Min (Cyber Warfare Research Center at Korea Military Academy) ;
  • Lee, Jongkwan (Cyber Warfare Research Center at Korea Military Academy)
  • 신규용 (육군사관학교 사이버전 연구센터) ;
  • 김경민 (육군사관학교 사이버전 연구센터) ;
  • 이종관 (육군사관학교 사이버전 연구센터)
  • Received : 2018.05.17
  • Accepted : 2018.08.10
  • Published : 2018.10.31


The Cyber Kill Chain originally proposed by Lockheed Martin defines the standard procedure of general cyber attacks and suggests tailored defensive actions per each step, eventually neutralizing the intent of the attackers. Defenders can effectively deal with Advanced Persistent Threat(APT)s which are difficult to be handled by other defensive mechanisms under the Cyber Kill Chain. Recently, however, social engineering techniques that exploits the vulnerabilities of humans who manage the target systems are prevail rather than the technical attacks directly attacking the target systems themselves. Under the circumstance, the Cyber Kill Chain model should evolve to encompass social engineering attacks for the improved effectiveness. Therefore, this paper aims to establish a definite concept of Cyber Kill Chain for social engineering based cyber attacks, called Social Engineering Cyber Kill Chain, helping future researchers in this literature.

JBBHCB_2018_v28n5_1247_f0001.png 이미지

Fig. 1. The Course of Defensive Actions in Different Stages of Cyber Kill Chain(Lockheed Martin[2]).

JBBHCB_2018_v28n5_1247_f0002.png 이미지

Fig. 2. The Procedure of Technical and Social Engineering Cyber Operations[8].

JBBHCB_2018_v28n5_1247_f0003.png 이미지

Fig. 3. The Concept and Procedure of the Social Engineering Cyber Kill Chain Model

Table 1. The Difference between Lockheed Martin and Proposed Cyber Kill Chain for the Scenario

JBBHCB_2018_v28n5_1247_t0001.png 이미지


Supported by : 화랑대연구소


  1. Kang-nyeong Kim, "The Direction and Tasks of Moon Jae-in's Administration's Defense-Military Policy toward North Korea," Korean Association Of Unification Strategy, 2017.
  2. Eric M. Hutchins, Michael J. Cloppert, Rohan M. Amin, "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains," Lockheed Martin, 2011.
  3. Ireneusz Tarnowski, "How to use cyber kill chain model to build cybersecurity?," Case Study, Wroclaw University of Science and Technology, Poland, 2017.
  4. Younghwan Kim and Soojin Lee, "Cyber Kill Chain Strategy for Offensive and Integrated Cyber Operations," Journal of Security Engineering, 2016.
  5. Kwang-Je Kim, Taek-Shin Kang, Jae-Hong Kim, Seunghoon Jung, Jong-Bae Kim, "Cyber Defense Developement Plan based on Cyber Kill Chain," Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology, 2017.
  6. Taejong Son and Youngbong Kim, "Cyber kill chain concept and defense application directions," KIDA Weekly, no.1653, 2017.
  7. Wenjun Fan, Kevin Lwakatare and Rong Rong, "Social Engineering: I-E based Model of Human Weakness for Attack and Defense Investigations," Computer Network and Information Security, pp. 1-11, Jan. 2017.
  8. Kyuyong Shin et. al., "A Study on the Concept of Social Engineering based Cyber Operations," Journal of The Korea Institute of Information Security & Cryptology, vol. 28, no. 3, pp. 707-716, Jun. 2018.
  9. Dong Cheon Shin and Young Hoo Park, "Development of Risk Assessment Indices for Social Engineering Attacks," Journal of Security Engineering, 2017.
  10. Virocom, "18 Cyber Security Trends We Are Watching in 2018," 2018.
  11. Roger A. Grimes, "5 computer security facts that surprise most people," 2017.
  12. Republic of Korea Joint Chiefs of Staff, "Joint Cyberspace Operations," Joint Field Manual 3-24, 2016.
  13. Joint Publication 3-12, "Cyberspace Operations," 2013.
  14. Young-Tack Park, "The Possibility of N.K.'s Hybrid Warfare and the Development of the Phases," Journal of Defense Policy Studies, 2011.
  15. Jungho Kang et. al., "A study on the relationship between social engineering and cyberspace operations," ROK Cyber Command Technical Report, 2017.
  16. Yu-seung Sohn, Kil-hyun Nam, Sung-cheol Goh, "On the administrative security approaches against spear phishing attacks," Journal of the Korea Institute of Information and Communication Engineering, 2013.
  17. Michael Alexander, "Methods for Understanding and Reducing Social Engineering Attacks," SANS Institute, Apr. 2016.
  18. David Airehrour, Nisha Vasudevan Nair, and Samaneh Madanian, "Social Engineering Attacks and Countermeasures in the New Zealand Banking System: Advancing a User-Reflective Mitigation Model," Information, May. 2018.