Browse > Article
http://dx.doi.org/10.14400/JDC.2017.15.6.51

Sharing the Cyber Threat Intelligence on Cyber Crises: The Appropriate Role of the National Intelligence Agency  

Kim, Daegeon (Center for Information Security Technologies, Korea University)
Baek, Seungsoo (Center for Information Security Technologies, Korea University)
Yoo, Donghee (Dept. of Management Information Systems, Gyeongsang National University)
Publication Information
Journal of Digital Convergence / v.15, no.6, 2017 , pp. 51-59 More about this Journal
Abstract
The role of government is to defend its lands and people from enemies. The range of that defense has now extended into the cyber domain, regarded as the fourth domain of the conventional defense domains (i.e., land, sea, sky, and universe). Traditionally, a government's intelligence power overrides that of its civilians, and government is exclusively responsible for defense. However, it is difficult for government to take the initiative to defend in the cyber domain because civilians already have a greater means for collecting information, which is known as being "intelligence inverse" in the cyber domain. To this end, we first define the intelligence inverse phenomenon and then analyze its main features. Then we investigate foreign countries' efforts to overcome the phenomenon and look at the current domestic situation. Based on these results, we describe the appropriate role of the National Intelligence Agency to handle cyber threats and offer a cyber threat intelligence model to share with civilians to help protect against these threats. Using the proposed model, we propose that the National Intelligence Agency should establish a base system that will respond to cyber threats more effectively.
Keywords
Cyber threat intelligence; Cyber intelligence; Intelligence inverse; Cyber threat; National intelligence agency;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Congress.gov, H.R.234 - Cyber Intelligence Sharing and Protection Act, 114th Congress, 2015, https://www.congress.gov/bill/114th-congress/house-bill/234
2 Congress.gov, S.754 - Cybersecurity Information Sharing Act of 2015, 114th Congress, 2015. https://www.congress.gov/bill/114th-congress/senatebill/754
3 C. Johnson, L. Badger, D. Waltermire, J. Snyder, and C. Skorupka, "Guide to cyber threat information sharing," Technical report, NIST, 2016.
4 Information-Technology Promotion Agency, Initiative for cyber security information sharing partnership of Japan (J-CSIP), Annual Activity Report FY2012, https://www.ipa.go.jp/files/0000 32417.pdf
5 NATO Cooperative Cyber Defence Centre of Excellence, https://ccdcoe.org/
6 European Union Agency for Network and Information Security, https://www.enisa.europa.eu/
7 National Assembly, National Cyber Security Management Act, 2005.
8 Korea Communications Commission, Compre-hensive National Cyber Crisis Plan, 2009.
9 Ministry of Science, ICT and Future Planning, Comprehensive National Cyber Security Plan, 2013.
10 National Assembly, Legislative Bill for Cyber Threat Intelligence Sharing, 2015.
11 National Assembly, Korea Ministry of Government Legislation, Legislative Bill for National Cyber Terror Prevention, 2016.
12 National Assembly, Legislative Notice: AFundamental Law for the National Cyber Security, 2016.
13 J. Kim, "National information security agenda and policies," Journal of Digital Convergence, Vol. 10, No. 1, pp. 105-111, 2012.
14 K. Lee, "Analysis of Threats Factor in IT Convergence Security," Journal of the Korea Convergence Society, Vol. 1, No. 1, pp. 49-55, 2010.
15 O. S. Saydjari, "Cyber Defense: Art to Science," Communications of the ACM, Vol. 47, No. 3, pp. 53-57, 2004.
16 H. Lee, O. Na, S. Sung, and H. Chang, "A Design on Security Governance Framework for Industry Convergence Environment," Journal of the Korea Convergence Society, Vol. 6, No. 4, pp. 33-40, 2015.   DOI
17 H. Rha and H. Chung, "A Theoretical Comparative Study of Human Resource Security Based on Korean and Int'l Information Security Management Systems," Journal of Convergence for Information Technology, Vol. 6, No. 3, pp. 13-19, 2016.   DOI
18 M. Gu and Y. Li, "A Study of Countermeasures for Advanced Persistent Threats attacks by malicious code," Journal of Convergence for Information Technology, Vol. 5, No. 4, pp. 37-42, 2015.   DOI
19 D. T. Kuehl, "From cyberspace to cyberpower: Defining the problem," In F. Kramer, S. Starr, & L. K. Wentz (Eds.), Cyberpower and national security, pp. 24-42, Washington, DC: National Defense University Press, 2009.
20 K. Lee, "Cyber security strategies for world and security policy direction for Korea - focused on U.S.A.," ICT & Media Policy, Vol. 23, No. 16, pp. 1-27, 2011.
21 T. Ring, "Threat intelligence: why people don't share," Computer Fraud and Security, Vol. 2014, No. 3, pp. 5-9, 2014.   DOI
22 R. McMillan, "Definition: Threat intelligence," Gartner, 2013, https://www.gartner.com/doc/2487216/definition-threat-intelligence
23 Joint Chief of Staff, Joint Publication 2-0, Joint Intelligence, US DoD, 2013, http://www.dtic.mil/doctrine/new_pubs/jp2_0.pdf
24 P. Duvenage and S. Solms, "Putting Counterintelligence in Cyber Counterintelligence: Back to the Future," In proceedings of 13th European Conference on Cyber Warfare and Security, Piraeus, Greece, July, 2014.
25 J. Verble, "The NSA and Edward Snowden: surveillance in the 21st century," ACM SIGCAS Computers and Society, Vol. 44, No. 3, pp. 14-20, 2014.   DOI
26 National Security Agency, XKeyscore: NSA tool collects 'nearly everything a user does on the internet', 2008, https://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data
27 National Security Agency, Peeling back the layers of Tor with EgotisticalGiraffe, 2007, https://www.theguardian.com/world/interactive/2013/oct/04/egotistical-giraffe-nsa-tor-document