Browse > Article
http://dx.doi.org/10.13089/JKIISC.2018.28.4.905

A Study on the Cyber Weapons Classification System  

Lee, Yongseok (KOREA University)
Kwon, Hunyeong (KOREA University)
Choi, Jeongmin (SOGANG University)
Lim, Jongin (KOREA University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.28, no.4, 2018 , pp. 905-917 More about this Journal
Abstract
The sovereign state has the right to engage in self-defense or war with the approval of the Security Council when it receives an invasion of territory from a foreign country. War is conducted under the principle of the necessity and proportionality of self-defense. In case of cyber attack, proportional countermeasure must be made through attack means and effect analysis, and cyber weapons need to be classified for this purpose. Therefore, this study aims to provide a rational and legitimate response according to the necessity and proportionality of the self - defense right by suggesting definition and classification criteria of cyber weapons. In this study, cyber weapons were defined as "means of collecting, attacking, and protecting information using cyber technology in the cyber space according to military objectives. Based on existing weapon systems and public cyber weapons cases, cyber weapons were classified as (1) cyber weapons for information gathering, (2) cyber weapons for attack, and (3) cyber weapons for protection. We suggest the considerations for applying the proportional response according to this functional classification. In order to guarantee the principle of proportionality to cyber attacks in the future, the classification study based on the cyber weapon effect should be conducted. This study has conducted an exploratory study on the classification of cyber clusters which constitutes one axis of the proportionality principle.
Keywords
Cyber weapons; Cyber weapons classification; Kind of Cyber weapons;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Lee, Ho-Gyun, Jong-In Lim, and Kyung-Ho Lee (2016), "A Study on the Comparison of Core Technologies and Characteristics of Defense Cyber Weapons System and Conventional Weapon System,", Journal of Korea Institute of Information Security and Cryptology, 26(4), pp. 985-994   DOI
2 Seo, Dong-il et al., "Current status and prospect of security technologies for interim version,", Journal of Korea Institute of Information Security 21(6), pp. 42-45, Oct. 2011.
3 DAMO-AV, "US Army calls for units to discontinue use of DJI equipment", Aug. 2017.
4 Chosun Ilbo, "North Korea's hacking technology, the world's highest level ... Get rid of computer data that is not connected to the Internet,", Feb.12.2018. http://biz.chosun.com/site/data/html_dir/2018/02/22/2018022200344.html, Feb.22.2014.
5 KISA, "Internet & Security weekly," Korea Internet & Security Agency, p. 6, Dec. 2013.
6 Joint FM 3-24, "Joint Cyber Operation," the characteristics of cyber weapons system are classified into non-formation, ease of development, speed and destructiveness, broadness, and non-killing. pp. 4-5 to 4-6
7 MND, Seoul, 2016, Article 14 (Classification of Weapon System) Refer to MND Ord No. 1975, Nov. 2016.
8 Law No. 14182 ('16. 5.29.) See Article 3 (Definitions) of the Defense Business Act
9 Ahn Seung-bum et al., "The Korean Armed Forces Yearbook 2016-2017,", The Diffusion Times, Seoul, 2016
10 Presidential Decree No. 27618 ('16.11.29.) See Article 2 of the Enforcement Decree of the Defense Business Act
11 Article 1059 Charter of the UN (entered into force on Sep 18,1991), see Article 51
12 Michael N. Schmidt, Tallinn Manual, Institute of Electronics and Telecom Research Institute, Translated, Written and Thought, Seoul, pp. 99-101, 2014.
13 Nick Ebner, "Cyber Space, Cyber Attack and Cyber Weapons,", IFSH, p. 2, Oct. 2015.
14 Some argue that cyber space should not be militarized. Dorothy E. Denning, Bradley J. Strawser, & quot; Moral Cyber Weapons & quot ;, Part-II-CH-6, Oct. 24, Reference
15 Kenneth Anderson, "Why the Hurry to Regulate the Auto Weapon System? But Not Cyber - Weapons?," Temple Int. l & Comp. L.J. 2016.
16 Cyber attack procedure: Information gathering (Vulnerability identification) - System / network intrusion (ID, PW acquisition) - Obtain administrator authority (Check system internal vulnerability) - Delete attack trail and install backdoor Version Introduction, Hongleung Science Publishing Co. Seoul, pp. 34-35, 2012.
17 Thomas Rid & Peter McBurney, Cyber weapon, The RUSI journal, vol 157, pp. 6-13, Feb. 2012.
18 DoD, "Cyberspace Policy Report", p. 2, Nov. 2011
19 Refer to the MND Ord No. 1862 (Dec 30,2015), "Defense Cyber Security Directive," MND, Seoul, 2015, Attached Table 1
20 Joint FM 3-24, "Joint Cyber Operation", JCS, Seoul, 2016, Appendix 1 (Definitions of Terms)
21 The characteristics of the interim version are (1) low investment cost (2) propaganda (3) difficult to identify the subject (4) unilateral attack is possible (5) defense is always post-war (6) 24-hour exhibition system ⑦ damage assessment is difficult. Son Yeongdong, "Endless War of 0 and 1", Informer Books, Seoul, pp. 154-156, 2013.
22 Michael N. Schmidt, "Tallinn Manual", Institute of Electronics and Telecom Research Institute, Translated, Written and Thought, Seoul, pp. 89-98, 2014.
23 Lee, Yong-seok, "Application of Cyber Army to Rep. of Korea Armed Forces based on German Federal Cyber Forces establishment and implementation", The Quarterly Journal of Defense Policy studies. 33(1), Apr. 2017
24 On Jan 16, 1991, after the desert storm command, the EC-130H electronic electricity neutralized the Iraqi network and the war began, and the war ended at a time when Iraq could not carry out the proper defense operations. http://ko.wikipedia.org/wiki/%EA%B1%B8%ED%94%84_%EC%AO%84%EC%9F%81, Wikipedia, Gulf War, Nov. 2017.
25 Cyber Kill Chain Step 7: (1) Reconnaissance (find out the name of the company's employees, identify key business contacts, and send malicious code to email/attached) (Establishing a database of pdf files that are thought to be infected) (3) Forwarding (sending malware via email or an infected USB drive) (4) Taking (finding zeroday vulnerability) (5) Installing (6) Command and control (7) Execution. Sein Harris, Translated by Jin Seon Mi, "Invisible War @ War", Yangmun, Seoul, 2015.
26 Kim, In-Soo, "Evaluation and Prospect of NK's Interoperability,", Unification Policy Research 24(1), Seoul, pp. 117-119, Jun. 2015.
27 Refer to the Ministry of National Defense Ordinance No. 2114 (Dec. 2017), the Defense Power Generation Directive, Article 14 (Weapon System Classification), and Refer to Attachment 2 (Detailed classification of weapon systems)
28 Um Jung Ho et al., "Introduction to Sai Version,", Hongleung Science Publishers, Seoul,
29 Park, Sangseo et al., "Perspectives of Major Countries on Cyber Warfare,", Journal of Korea Institute of Information Security 14(6), pp. 70-74, Dec. 2004.
30 Lee, Ho-Gyun, "Development Trends and Development Trends between National Defense Version", Defense and Technology(422), Apr. 2014.