KIISE Transactions on Computing Practices (정보과학회 컴퓨팅의 실제 논문지)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지
DOI QR코드

DOI QR Code

An Asset-Mission Dependency Model Adaptation and Optimized Implementation for Efficient Cyber Mission Impact Assessment

효율적인 임무 피해 평가를 위한 자산-임무 의존성 모델 적용 및 최적화된 구현

  • 전영배 (고려대학교 정보보호학과) ;
  • 정현숙 (국방과학연구소) ;
  • 한인성 (고려대학교 정보보호학과) ;
  • 윤지원 (고려대학교 정보보호학과)
  • Received : 2017.03.17
  • Accepted : 2017.07.18
  • Published : 2017.10.15
⟨ Previous Next ⟩

Abstract

Cyber Mission Impact Assessment is one of the essential tasks which many militaries and industrial major companies should perform to effectively achieve their mission. The unexpected damage to an organization's assets results in damage to the whole system's performance of the organizations. In order to minimize the damage, it is necessary to quantify the available capacity of the mission, which can be achieved only with the remaining assets, and to immediately prepare a new second best plan in a moment. We therefore need to estimate the exact cyber attack's impact to the mission when the unwanted damage occurs by modeling the relationship between the assets and the missions. In this paper, we propose a new model which deals with the dependencies between assets and missions for obtaining the exact impact of a cyber attack. The proposed model distinguishes task management from asset management for an efficient process, and it is implemented to be optimized using a vectorized operation for parallel processing and using a buffer to reduce the computation time.

사이버 임무 피해 정량화는 정해져있는 임무에 따라 움직여 집단의 목표를 이룩하거나 이윤을 창출하는 군(軍)이나 기업들에게 빠질 수 없는 필수적인 작업이다. 조직이 지닌 자산에 대한 피해가 발생하였을 때, 수행 목표에 대한 피해를 최소화하기 위해 남은 자산만으로 달성할 수 있는 임무의 최대 수용력(capacity)을 정량화하고 빠른 시간 안에 새로운 차선책을 마련하여야 한다. 이를 위해서자산과 임무에 대한 관계를 모델링하여 정형화하면 사이버 공격이 임무에 미친 피해 영향도를 계산할 수 있다. 본 논문에서는 자산과 과업의 관리 업무를 분리하여 효율적인 관리가 가능하도록 자산과 임무 사이의 의존성에 대한 모델을 적용하였고, 적용한 모델을 바탕으로 벡터 단위의 오퍼레이션을 이용하여 계산의 병렬화나 버퍼를 이용해 연산속도를 향상시키는 등 빠른 시간 안에 계산을 완료할 수 있는 최적화된 시스템을 구현하였다.

Keywords

Acknowledgement

Supported by : 국방과학연구소

References

  1. FIRST.org, Inc., Common Vulnerability Scoring System (CVSS-SIG) [Online]. Available: https://www.first.org/cvss/cvss-v30-specification-v1.7.pdf (downloaded 2017, May. 25)
  2. A. D'Amico, L. Buchanan, J. Goodall, and P. Walczak, "Mission impact of cyber events: scenarios and ontology to express the relationships between cyber assets, missions and users," International Conference on Information Warfare and Security, p. 388, Academic Conferences International Limited, 2010.
  3. G. Jakobson, "Mission cyber security situation assessment using impact dependency graphs," Information Fusion (FUSION), 2011 Proceedings of the 14th International Conference on, pp. 1-8, IEEE, 2011.
  4. J. Holsopple and S. J. Yang, "Handling temporal and functional changes for mission impact assessment," Cognitive Methods in Situation Awareness and Decision Support (CogSIMA), 2013 IEEE International Multi-Disciplinary Conference on, pp. 212-219, IEEE, 2013.
  5. A. Kott, C. Wang, and R. F. Erbacher, Cyber defense and situational awareness. Springer, 2014.
  6. S. Musman, A. Temin, M. Tanner, D. Fox, and B. Pridemore, "Evaluating the impact of cyber attacks on missions," International Conference on Cyber Warfare and Security, p. 446, Academic Conferences International Limited, 2010.
  7. D. W. Franzen, "A bayesian decision model for battle damage assessment," tech. rep., DTIC Document, 1999.
  8. J. G. Diehl and C. E. Sloan, "Battle damage assessment: The ground truth," tech. rep., DTIC Document, 2005.
  9. L. Fortson and M. Grimaila, "Development of a defensive cyber damage assessment framework," ICIW, p. 69, 2007.
  10. Yong-Bok Lee, Yong-Heup Kim and Jae-Yeong Lee, "A proposal of new MOE to assess the combat power synergistic effect of warfare information system," Korean Operations Research and Management Science Society 2008 Fall Conference, pp. 104-112, Oct. 2008.