DOI QR코드

DOI QR Code

A Study on Priority Analysis of Evaluation Factors for Cyber Threats using Open Source Intelligence (OSINT)

공개출처정보를 활용한 사이버위협 평가요소의 중요도 분석 연구

  • 강성록 (육군사관학교 심리경영학과) ;
  • 문미남 (육군사관학교 수학과) ;
  • 신규용 (육군사관학교 컴퓨터학과) ;
  • 이종관 (육군사관학교 컴퓨터학과)
  • Received : 2020.03.02
  • Accepted : 2020.03.28
  • Published : 2020.03.31

Abstract

It is no exaggeration to say that we live with cyber threats every day. Nevertheless, it is difficult for us to obtain objective information about cyber threats and attacks because it is difficult to clearly identify the attacker, the purpose of attack, and the range of damage, and rely on information from a single source. In the preceding research of this study, we proposed the new approach for establishing Database (DB) for cyber attacks using Open Source Intelligence(OSINT). In this research, we present the evaluation factors for cyber threats among cyber attack DB and analyze the priority of those factors in oder to quantify cyber threats. We select the purpose of attack, attack category, target, ease of attack, attack persistence, frequency of OSINT DB, and factors of the lower layer for each factor as the evaluation factors for cyber threats. After selection, the priority of each factor is analyzed using the Analytic Hierarchy Process(AHP).

우리는 일상생활 가운데 사이버위협에 노출된 채 살아가고 있다. 그럼에도 불구하고 많은 사이버위협 및 공격은 공격자, 공격목적, 피해규모 등을 명확히 식별하기 어렵고, 단일출처의 정보에 의존하게 되어 객관성 있는 정보를 획득하는 것이 제한된다. 이에 본 연구의 선행연구에서는 공개출처정보(Open Source Intelligence, OSINT)를 활용한 사이버공격 데이터베이스(Database, DB)를 구축하기 위한 새로운 방법론을 제시하였다. 본 연구는 사이버 위협을 정량화할 수 있도록 사이버공격 DB 중 사이버 위협 평가요소를 선정하고 그 평가요소에 대한 중요도를 분석하고자 한다. 사이버공격 DB 중 사이버위협의 상대적 중요도에 영향을 미치는 평가요소로 공격목적, 공격범주, 공격대상, 공격 용이성, 공격 지속성, 공개출처정보의 빈도를 선별하고, 각 평가요소들에 대한 하위 계층의 요소들을 선정한 후 각 요소들의 중요도를 계층분석적 의사결정방법(Analytic Hierarchy Process, AHP)을 활용하여 분석하였다.

Keywords

References

  1. Kuyoung Shin, Jinchel Yoo, Changhee Han, et al., "A study on building a cyber attack database using Open Source Intelligence(OSINT)", Convergence Security Journal 19(2), pp. 113-133, 2019.
  2. N. Polatidis, E. Pimenidis, M. Pavlidis, S. Papastergiou, and H. Mouratidis,"From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks," Evolving Systems, 2018.
  3. K. Huang, C. Zhou, Y. C. Tian, S. Yang, and Y. Qin, "Assessing the physical impact of cyberattacks on industrial cyber-physical systems", IEEE Transactions on Industrial Electronics, 2018.
  4. Torres, J.M.; Comesaña, C.I.; García-Nieto, P.J. "Machine learning techniques applied to cyber security", Int. J. Mach. Learn. Cybern. 2019
  5. M. Husak and J. Kaspar, "owards Predicting Cyber Attacks Using Information Exchange and Data Mining," in 2018 14th International Wireless Communications Mobile Computing Conference (IWCMC), 2018.
  6. A. A. Ahmed and N. A. K. Zaman, "Attack intention recognition: A review," IJ Network Security, 2017.
  7. M. Abdlhamed, K. Kifayat, Q. Shi, and W. Hurst, "Intrusion Prediction Systems". Cham: Springer International Publishing, 2017.
  8. Y.-B. Leau and S. Manickam, "Network Security Situation Prediction: A Review and Discussion". Springer Berlin Heidelberg, 2015.
  9. Eyungchul Cho, "A System for National Intelligence Activity Based on All Kinds of OSINT(Open Source INTelligence) on the Internet", Journal of Information and Security, Vol. 3, No. 2, pp. 41-55, June 2003.
  10. Nasrin Badie and Habibi Lashkari, "A new evaluation criteria for effective security awareness in computer risk management based on AHP", Journal of Basic and Applied Scientific research, Vol. 2, No. 9, pp. 9931-9947, 2012.
  11. Lawrence D. Bodin, Lawrence A. Gordon and Martin P. Loeb, "Information Security and Risk Management", Communications of the ACM, Vol. 51, No. 4, pp. 64-68, 2008. https://doi.org/10.1145/1330311.1330325
  12. Saaty T. L., "The Analytic Hierarchy Process", New York, USA : McGraw-Hill, 1980.
  13. 권박현, 고길곤, 송지영, 신경식. "예비타당성조사 수행을 위한 다기준분석 방안 연구", 한국개발연구원, 2000.
  14. 木下栄蔵and 大屋隆生. "전략적 의사결정기법 AHP(역자 권재현), 도서출판 청람, 2012.