Journal of the Korea Institute of Information and Communication Engineering (한국정보통신학회논문지)

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지
DOI QR코드

DOI QR Code

Cyber kill chain strategy for hitting attacker origin

공격 원점 타격을 위한 사이버 킬체인 전략

  • Yoo, Jae-won (Department of Convergence Technology, Hoseo Graduate School of Venture) ;
  • Park, Dea-woo (Department of Convergence Technology, Hoseo Graduate School of Venture)
  • Received : 2017.10.27
  • Accepted : 2017.11.04
  • Published : 2017.11.30
Download PDF
⟨ Previous Next ⟩

Abstract

The development of modern ICT technology constitutes cyber world by using infrastructure in country and society. There is no border in cyber world. Countries around the world are carrying out cyber attacks for their own benefit. A cyber killer strategy is needed to defend cyber attacks. In order to defend the cyber attack or to determine the responsibility of attack, it is important to grasp the attacker origin point. Strategic cyber kill chains are needed to strike against the attacker origin. In this paper, we study the analysis of attacker origin. And analyze the cyber kill chain for attacker origin point strike. Study the efficient and customized cyber kill chain strategy for attacking the origin point. The cyber kill chain strategy will be a practical strategy to replace the power of nuclear and missiles with asymmetric power.

현대 ICT 기술의 발달은, 국가와 사회에 인프라를 이용하여 사이버 세계를 구성하고 있다. 사이버 세계에서는 국경이 없다. 세계 각국들은 자국의 이익을 목적으로, 사이버 공격을 수행하고 있다. 사이버 공격을 방어하기 위해서는 사이버 킬체인 전략이 필요하다. 사이버 공격을 방어하거나, 공격책임을 판단하기 위해서는, 공격 원점지의 파악이 중요하다. 공격 원점지에 대한 타격을 하기 위해서는, 전략적인 사이버 킬체인이 필요하다. 본 논문에서는 공격 원점지를 분석하는 연구를 한다. 그리고 공격 원점지 타격을 위한 사이버 킬체인을 분석한다. 공격 원점지 타격을 위한 효율적이고 맞춤형 사이버 킬체인 전략을 연구한다. 사이버 킬체인 전략은 비대칭 전력으로, 핵과 미사일의 위력을 대치할 수 있는 실용적인 전략이 될 것이다.

Keywords

References

  1. J. W. Kim, "Interpretation of the ROK-U.S. Alliance and PSI," Journal of the Korea Institute of Information and Communication Engineering, vol. 16, no. 5, pp. 1102-1112, May 2012. https://doi.org/10.6109/jkiice.2012.16.5.1102
  2. Edward H. S. Lo and T. Andrew Au, "Improving the Kill Chain for Prosecution of TimeSensitive Targets." in Computer and Information Science, ch. 5, p. 95, Jan. 2010.
  3. U. K. Yang, Kill-Chain [Internet]. Available: http://terms.naver.com/entry.nhn?docId=3576761&cid=59087&categoryId=59087.
  4. F2T2EA Process Diagram, Available : http://rtf-ebooks.com/_/_/538584/the-evolution-of-time-sensitive-targetingoperation-iraqi-freedom-results-and-lessons-desert-storm-enduring-freedom-centcom-definitions-future-trends-adversary-focus-on-asymmetric-operations.
  5. Y. S. Kim, "Kilchen((Kill-Chain) and Korean missile defense system(KAMD) : Feasibility Assessment," New Asia, vol.20, no.4, pp. 112-136, Dec. 2013.
  6. S. Korean military speeds up development of Kill Chain and other response capabilities [Internet]. Available: http://english.hani.co.kr/arti/english_edition/e_northkorea/790847.html.
  7. E. M. Hutchins, M. J. Cloppert, R. M. Amin, "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains", Lockheed Martin, Technical Report, 2014.
  8. Verdasys Kill Chain [Internet]. Available: https://www.vivit-germany.org/pdf/2013/vortraege/Application-Security-von-SAP-bis-DLP-die-Sicherung-von-Applikationen-mittels-HP-ArcSight_tcm_144_1428973.pdf.
  9. "The NTT Group 2016 GlobalThreat Intelligence Report," NTT Security, Technical Report, 2016
  10. Defense Strategies for Advanced Threats- White Paper: Mapping the SANS 20 Critical Security Controls to the Cyber Kill Chain, NTT Security [Internet]. Available: https://www.solutionary.com/resource-center/white-papers/advanced-threat-protection/.
  11. "Critical Security Controls for Effective Cyber Defense Version 6.1," The Center for Internet Security, Technical Report, 2016.
  12. K. J. Kim, "Cyber Defense Development Plan Based on Cyber Kill Chain," Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, vol. 7, no.1. pp.277-285, Jan. 2017.
  13. Y. H. Kim, "Cyber Kill Chain Strategy for Offensive and Integrated Cyber Operations," Journal of Security Engineering , vol. 13, no. 5. pp.325-340, Oct. 2016. https://doi.org/10.14257/jse.2016.10.01
  14. J. W. Yoo, D. W. Park, "A Study of TCP LINK based Real-Time Secure Communication Research in the Ocean," Conference of The Korea Institute of Information and Communication Engineering, vol. 18, no. 1, pp.250-253, May 2015.
  15. J. W. Yoo, D. W. Park, "Cyber kill chain strategy for hitting attacker origin," Conference of The Korea Institute of Information and Communication Engineering, vol.21, no.2. pp.158, Oct. 2017.