http://dx.doi.org/10.9708/jksci.2020.25.08.031

Research on System Architecture and Methodology based on MITRE ATT&CK for Experiment Analysis on Cyber Warfare Simulation  

Ahn, Myung Kil (School of Electrical and Electronics Engineering, Chung-Ang University)
Lee, Jung-Ryun (School of Electrical and Electronics Engineering, Chung-Ang University)
Abstract
In this paper, we propose a system architecture and methodology based on the cyber kill chain and MITRE ATT&CK for experiment analysis on cyber warfare simulation. Threat analysis is possible by applying various attacks that have actually occurred, with continuous updates to reflect newly emerging attacks. In terms of cyber attack and defense, the current system (AS-IS) and the new system (TO-BE) are analyzed for effectiveness, and quantitative results are presented. The approach can be used to establish a proactive cyber COA (Course of Action) strategy and to support strategic decision making. Through a case study, we present the usability of the proposed system architecture and methodology. The proposed method will contribute to strengthening cyber warfare capabilities by increasing the level of technology for cyber warfare experiments.
Keywords
Cyber Warfare Simulation; Cyber Modeling & Simulation; Cyber Course of Action; System Risk Analysis; Cyber Attack Modeling
Citations & Related Records
Times Cited By KSCI: 1