[KSCI] Korea Science Citation Index Service

http://dx.doi.org/10.9717/kmms.2017.20.2.279

Business Process Reengineering of an Information Exchange Management System for a Nationwide Cyber Threat Intelligence

Pramadi, Yogha Restu (School of Electrical Engineering and Informatics, Institute of Technology Bandung)
Rosmansyah, Yousep (School of Electrical Engineering and Informatics, Institute of Technology Bandung)
Kim, Myonghee (Dept. of IT Convergence and Application Engineering, PuKyong Nat. Univ.)
Park, Man-Gon (Dept. of IT Convergence and Application Engineering, PuKyong Nat. Univ.)

Publication Information

Journal of Korea Multimedia Society / v.20, no.2, 2017 , pp. 279-288 More about this Journal

Abstract

Nowadays, nations cyber security capabilities play an important role in a nation's defense. Security-critical infrastructures such as national defenses, public services, and financial services are now exposed to Advanced Persistent Threats (APT) and their resistance to such attacks effects the nations stability. Currently Cyber Threat Intelligence (CTI) is widely used by organizations to mitigate and deter APT for its ability to proactively protect their assets by using evidence-based knowledge. The evidence-based knowledge information can be exchanged among organizations and used by the receiving party to strengthen their cyber security management. This paper will discuss on the business process reengineering of the CTI information exchange management for a nationwide scaled control and governance by the government to better protect their national information security assets.

Keywords

Cyber Threat Intelligence; Information Exchange Management; Business Process Modeling; IDEF0;

Citations & Related Records

Times Cited By KSCI : 1 (Citation Analysis)

Reference
Cited By KSCI

1	A.K. Sood and R.J. Enbody, "Targeted Cyberattacks: A Superset of Advanced Persistent Threats," IEEE Security and Privacy, Vol. 11, No. 1, pp. 54-61, 2013.
2	Advanced Persistent Threats: A Decade in Review, Technical Report of Command Five Pty Ltd, 2011.
3	K. Geers, D. Kindlund, N. Moran, and R. Rachwald, World War C: Understanding Nation-State Motives behind Today's Advanced Cyber Attacks, Technical Report of FireEye, 2014.
4	D. Kushner, "The Real Story of Stuxnet," IEEE Spectrum, Vol. 50, No. 3, pp. 48-53, 2013. DOI
5	B. Schneier, Phishing Has Gotten Very Good, https://www.schneier.com/blog/archives/2013/03/phishing_has_go.html (accessed Nov., 15, 2016).
6	R.L. Trope and S.J. Humes, "By Executive Order: Delivery of Cyber Intelligence Imparts Cyber Responsibilities," IEEE Security and Privacy, Vol. 11, No. 2, pp. 63-67, 2013. DOI
7	Y.R. Pramadi, Y. Rosmansyah, and M.G. Park, "A Study on Cyber Threat Intelligence Information Exchange System," Proceedings of the 5th Japan-Korea Joint Workshop on Complex Communication Sciences, pp. 156-159, 2016.
8	B.E. Grooms, Joint Intelligence Preparation of the Operational Environment, Joint Intelligence Organizations, USA, pp. 1-285, 2009.
9	IEEE Standard for Functional Modeling Language-Syntax and Semantics for IDEF0, IEEE Standard 13201-1998, 1998.
10	Information Systems Audit and Control Association, COBIT 5: A Business Framework for the Governance and Management of Enterprise IT, Rolling Meadows, IL 60008, USA, 2012.
11	C. Johnson, L. Badger, and D.C. Waltermire, NIST Special Publication 800-150, Guide to Cyber Threat Information Sharing (Draft) , National Institute of Standards and Technology, 2014.
12	C.S. Johnson, M.L. Badger, D.A. Waltermire, J. Snyder, and C. Skorupka, Guide to Cyber Threat Information Sharing, National Institute of Standards and Technology, NIST-SP 800-150, 2016.
13	A. Liska, Building an Intelligence-led Security Program, Elsevier, Waltham, 2014.
14	H. Dalziel, E. Olson, and J. Carnall, How to Define and Build an Effective Cyber Threat Intelligence Capability, Syngress, Waltham, 2015.
15	A. Kornmaier and F. Jaouen, "Beyond Technical Data-A More Comprehensive Situational Awareness Fed by Available Intelligence Information," Proceedings of 2014 6th International Conference on Cyber Conflict, pp. 139-154, 2014.
16	K. Giles and W. Hagestad II, "Divided by a Common Language: Cyber Definitions in Chinese, Russian, and English," Proceedings of 2013 5th International Conference on Cyber Conflict, pp.1-17, 2013.
17	S.Y. Kim, M.H. Kim, and M.G. Park, "A Study on the Information Security Control and Management Process in Mobile Banking Systems," Journal of Korea Multimedia Society, Vol. 18, No. 2, pp. 218-232, 2015. DOI