융합보안논문지 (Convergence Security Journal)

  • 제23권4호
  • /
  • Pages.71-80
  • /
  • 2023
  • /
  • 1598-7329(pISSN)
  • /
  • 2508-7460(eISSN)
한국융합보안학회 (Korea convergence Security Association)
권호 표지
DOI QR코드

DOI QR Code

공세적 사이버 작전을 위한 사이버 킬체인 모델 연구

Research on Cyber Kill Chain Models for Offensive Cyber Operations

  • 조성배 (아주대학교/국방디지털융합학과) ;
  • 김완주 (아주대학교/국방디지털융합학과) ;
  • 임재성 (아주대학교/국방디지털융합학과)
  • 투고 : 2023.09.15
  • 심사 : 2023.10.15
  • 발행 : 2023.10.31
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

사이버공간은 지상, 해상, 공중, 우주에 이어 다섯 번째 새로운 전쟁 공간으로 자리매김하였고, 군사작전 측면에서도 사이버공간이 핵심적인 공격과 방어 목표가 되고 있다. 세계 각국은 이러한 사이버공간에 대한 공세적 사이버 작전 수행의지를 보인다. 본 논문에서는 기존의 방어적 전략인 사이버 킬체인 모델에 합동 항공임무명령서(ATO)의 임무수행주기와 합동표적처리 절차를 융합한 공세적 개념의 사이버 킬체인 모델을 제안한다. 제안한 모델은 사이버 작전의 합동성 측면에서 물리 작전과 사이버 작전의 통합을 통해 전략적 차원의 국가 사이버 작전 역량 개선에 기여할 것으로 기대한다.

Cyberspace has emerged as the fifth domain of warfare, alongside land, sea, air, and space. It has become a crucial focus for offensive and defensive military operations. Governments worldwide have demonstrated their intent to engage in offensive cyber operations within this domain. This paper proposes an innovative offensive cyber kill chain model that integrates the existing defensive strategy, the cyber kill chain model, with the joint air tasking order (ATO) mission execution cycle and joint target processing procedure. By combining physical and cyber operations within a joint framework, this model aims to enhance national cyber operations capabilities at a strategic level. The integration of these elements seeks to address the evolving challenges in cyberspace and contribute to more effective jointness in conducting cyber operations.

키워드

참고문헌

  1. International Institute for Strategic Studies, "Cyber capabilities and national power - A net assessment," IISS, 2021. [Online]. Available: https://www.iiss.org/globalassets/media-library---content--migration/files/research-papers/cyber-power-report/cyber-capabilities-and-nationalpower---a-net-assessment-___pdf. (accessed Aug. 4, 2021).
  2. JP 3-12, Cyberspace Operations, 8 June 2018.
  3. Martin L. Cyber kill chain. URL: http://cyber.lockheedmartin.com/hubfs/Gaining the AdvantageCyberKillChain.pdf. 2014.
  4. Y. H. Kim and S. Lee, "Cyber Kill Chain Strategy for Offensive and Integrated Cyber Operations," vol. 13, no. 5, pp. 325-340, 2016.
  5. J. Yoo and D. Park, "Cyber kill chain strategy for hitting attacker origin," vol. 21, no. 11, pp. 2199-2205, 2017. https://doi.org/10.6109/JKIICE.2017.21.11.2199
  6. U.S. Joint Chiefs of Staff, DOD Dictionaty of Military and Associated Terms, November 2021.
  7. JP 3-30, Joint Air Operations, 25 July 2019, VR 17 Sept 2021.
  8. 김대건, 차장현, 이종덕, and 백승수, "우크라이나-러시아 전쟁에 나타난 사이버전 양상 분석을 통한 사이버전 용병술 체계 정립 필요성 고찰," vol. 78, no. 2, pp. 1-21, 2022. https://doi.org/10.31066/KJMAS.2022.78.2.001
  9. 이형동, 윤준희, 이덕규, and 신용태, "러시아-우크라이나 전쟁에서의 사이버공격 사례 분석을 통한한국의 대응 방안에 관한 연구," vol. 11, no. 10, p. 10, 2022.
  10. T. H. TeamSymantec, T. H. Team, Symantec, About the AuthorThreat Hunter TeamSymantecThe Threat Hunter Team is a group of security experts within Symantec whose mission is to investigate targeted attacks, and A. the Author, "Ukraine: Disk-wiping attacks precede Russian invasion," Symantec Enterprise Blogs, https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ukraine-wiper-malware-russia (accessed Jul. 7, 2023).
  11. "A year of wiper attacks in Ukraine," Awardwinning news, views, and insight from the ESET security community, https://www.welivesecurity.com/2023/02/24/year-wiper-attacks-ukraine/ (accessed Oct. 12, 2023).
  12. S. Ikeda, "'Anonymous' hacker collective declares Cyber War against Russian government over Ukraine invasion," CPO Magazine, https://www.cpomagazine.com/cyber-security/anonymous-hacker-collective-declares-cyber-war-against-russian-government-over-ukraine-invasion/ (accessed Sep. 4, 2023).
  13. "Mitre ATT&CK®," MITRE ATT& CK®, https://attack.mitre.org/ (accessed Oct. 1, 2022).