http://dx.doi.org/10.13089/JKIISC.2021.31.5.951

Priority Assessment of Cyber Threat Indicators  

Lee, Ro-woon (School of Cybersecurity, Korea University)
Kwon, Hun-yeong (School of Cybersecurity, Korea University)
Abstract
With the growing cyber threat to information assets, it has become important to share threat information quickly. This paper examines the sharing of cyber threat information and presents a method to determine the importance of threat indicators in the information sharing market by calculating weights. The analysis was conducted using the analytic hierarchy process (AHP), with pairwise comparisons of the four factors (attacker & infected system indicators, role indicators, malicious file indicators, technique & spread indicators) and of the detailed items within each factor. The analysis shows that malicious file indicators are the most important among the higher-level evaluation factors, and that infected system IP, C&C and smishing are the most important in the comparison between detailed items. These findings could be used to measure the preferences of consumers and the contribution of information providers in order to facilitate information sharing.
Keywords
Cybersecurity Information; Information Sharing; Priority Analysis