A Study on Command and Control Through Cyber Protection Function Analysis

  • Choi, Seho (Department of Computer and Information Security, Sejong University)
  • Oh, Haengrok (The 2nd Research and Development Institute, Agency for Defense Development)
  • Yun, Joobeom (Department of Computer and Information Security, Sejong University)
  • Received : 2021.04.16
  • Accepted : 2021.08.20
  • Published : 2021.10.05

Abstract

Cyber threats can bypass existing cyber-protection systems and are developing rapidly by exploiting new technologies such as artificial intelligence. To respond to such threats, it is important to improve the ability to detect unknown cyber threats by correlating heterogeneous cyber protection systems. In this paper, to enhance cyber-attack response capabilities, we propose command and control that enables rapid decision-making and response before the attack objectives are achieved, using Lockheed Martin's Cyber Kill Chain and MITRE ATT&CK to analyze the attacker's purpose and intention.
