• Title/Summary/Keyword: Cyber Course of Action

Search Result 2, Processing Time 0.016 seconds

Research on System Architecture and Methodology based on MITRE ATT&CK for Experiment Analysis on Cyber Warfare Simulation

  • Ahn, Myung Kil;Lee, Jung-Ryun
    • Journal of the Korea Society of Computer and Information
    • /
    • v.25 no.8
    • /
    • pp.31-37
    • /
    • 2020
  • In this paper, we propose a system architecture and methodology based on cyber kill chain and MITRE ATT&CK for experiment analysis on cyber warfare simulation. Threat analysis is possible by applying various attacks that have actually occurred with continuous updates to reflect newly emerging attacks. In terms of cyber attack and defense, the current system(AS-IS) and the new system(TO-BE) are analyzed for effectiveness and quantitative results are presented. It can be used to establish proactive cyber COA(Course of Action) strategy, and also for strategic decision making. Through a case study, we presented the usability of the system architecture and methodology proposed in this paper. The proposed method will contribute to strengthening cyber warfare capabilities by increasing the level of technology for cyber warfare experiments.

A Study on Cyber Operational Elements Classification and COA Evaluation Method for Cyber Command & Control Decision Making Support (사이버 지휘통제 의사결정 지원을 위한 사이버 작전요소 분류 및 방책 평가 방안 연구)

  • Lee, Dong-hwan;Yoon, Suk-joon;Kim, Kook-jin;Oh, Haeng-rok;Han, In-sung;Shin, Dong-kyoo
    • Journal of Internet Computing and Services
    • /
    • v.22 no.6
    • /
    • pp.99-113
    • /
    • 2021
  • In these days, as cyberspace has been recognized as the fifth battlefield area following the land, sea, air, and space, attention has been focused on activities that view cyberspace as an operational and mission domain in earnest. Also, in the 21st century, cyber operations based on cyberspace are being developed as a 4th generation warfare method. In such an environment, the success of the operation is determined by the commander's decision. Therefore, in order to increase the rationality and objectivity of such decision-making, it is necessary to systematically establish and select a course of action (COA). In this study, COA is established by using the method of classifying operational elements necessary for cyber operation, and it is intended to suggest a direction for quantitative evaluation of COA. To this end, we propose a method of composing the COES (Cyber Operational Elements Set), which becomes the COA of operation, and classifying the cyber operational elements identified in the target development process based on the 5W1H Method. In addition, by applying the proposed classification method to the cyber operation elements used in the STUXNET attack case, the COES is formed to establish the attack COAs. Finally, after prioritizing the established COA, quantitative evaluation of the policy was performed to select the optimal COA.