Browse > Article
http://dx.doi.org/10.7472/jksii.2021.22.6.115

A research on cyber target importance ranking using PageRank algorithm  

Kim, Kook-jin (Dept. of Computer Engineering and Convergence Engineering for Intelligent Drone, Sejong Univ)
Oh, Seung-hwan (Dept. of Computer Engineering and Convergence Engineering for Intelligent Drone, Sejong Univ)
Lee, Dong-hwan (Dept. of Computer Engineering and Convergence Engineering for Intelligent Drone, Sejong Univ)
Oh, Haeng-rok (Agency for Defense Development)
Lee, Jung-sik (Agency for Defense Development)
Shin, Dong-kyoo (Dept. of Computer Engineering and Convergence Engineering for Intelligent Drone, Sejong Univ)
Publication Information
Journal of Internet Computing and Services / v.22, no.6, 2021 , pp. 115-127 More about this Journal
Abstract
With the development of science and technology around the world, the realm of cyberspace, following land, sea, air, and space, is also recognized as a battlefield area. Accordingly, it is necessary to design and establish various elements such as definitions, systems, procedures, and plans for not only physical operations in land, sea, air, and space but also cyber operations in cyberspace. In this research, the importance of cyber targets that can be considered when prioritizing the list of cyber targets selected through intermediate target development in the target development and prioritization stage of targeting processing of cyber operations was selected as a factor to be considered. We propose a method to calculate the score for the cyber target and use it as a part of the cyber target prioritization score. Accordingly, in the cyber target prioritization process, the cyber target importance category is set, and the cyber target importance concept and reference item are derived. We propose a TIR (Target Importance Rank) algorithm that synthesizes parameters such as Event Prioritization Framework based on PageRank algorithm for score calculation and synthesis for each derived standard item. And, by constructing the Stuxnet case-based network topology and scenario data, a cyber target importance score is derived with the proposed algorithm, and the cyber target is prioritized to verify the proposed algorithm.
Keywords
Cyber Operation; Cyber Target; Cyber Security; PageRank Algorithm;
Citations & Related Records
연도 인용수 순위
  • Reference
1 합동참모본부, "합동교범 2-0 합동정보", 2010.
2 K. Scarfone and P. Mell, "An analysis of CVSS version 2 vulnerability scoring", Proc. 3rd Int. Symp. Empirical Softw. Eng. Meas., 2009.
3 A. Kim, M. H. Kang, J. Z. Luo and A. Velasquez, "A Framework for Event Prioritization in Cyber Network Defense", Tech. Rep., Jul. 2014.
4 K. Yoon and C. Hwang, Multiple Attribute Decision Making: An Introduction, CA, Newbury Park:Sage, 1995.
5 N. Falliere, L. O. Murchu and E. Chien, "W32. stuxnet dossier", White Paper Symantec Corp. Secur. Response, vol. 5, no. 6, pp. 29, 2011.
6 Nguyen, Hoang Hai, Kartik Palani, and David M. Nicol, "An approach to incorporating uncertainty in network security analysis", Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp, 2017.
7 G. Franz, "Effective Synchronization and Integration of Effects Through Cyberspace for the Joint Warfighter", United States Cyber Command, pp. 14-16, 14 AUG 2012.
8 The Joint Staff, "Joint Publication (JP) 3-12, Cyberspace Operation", Washington, DC, June 2018.
9 문재인 대통령, "국가 사이버안보 전략", 청와대 국가안보실, pp.2, 2019.
10 합동참모본부, "합동교범 3-24 합동사이버작전", 2016.
11 Department of the army, "FM 3-12 Cyberspace and Electromagnetic Warfare", Washington, DC, August 2021.
12 합동참모본부, "합동교범 3-8 합동화력운용", 2016.
13 엄정호, "사이버공간에서 효율적인 정보활용을 위한 사이버 정보순환 및 융합체계 제안", 보안 공학연구논문지 제 11권 제 4호, pp.320, 2014.
14 이수진, "미래 지상군의 사이버작전 개념발전방안", 한국전략문제연구소 전투발전, 2014.
15 S. Brin and L. Page, "The Anatomy of a Large-Scale Hypertextual Web Search Engine", Proc. Seventh World Wide Web Conf., pp. 107-117, 1998.
16 Ki Hoon Kim, Jung ho Eom, "Modeling of Cyber Target Selection for Effective Acquisition of Cyber Weapon Systems", International Journal of Security and Its Applications, vol.10, no.11, pp.293-302, 2016.   DOI
17 Joint Chiefs of Staff, "CJCSI 3370.01B, Target Development Standards", May, 2016.
18 Joint Chiefs of Staff, "Joint Publication 3-60 Joint Targeting", June, 2020.
19 L. Page, S. Brin, R. Motwani and T. Winograd, "The pagerank citation ranking: Bringing order to the web", Tech. Rep., 1998.
20 R. E. Sawilla and X. Ou, "Identifying critical attack assets in dependency attack graphs", 13th European Symposium on Research in Computer Security (ESORICS), vol. 5283, pp. 18-34, 2008.
21 IBM Security, "스턱스넷(Stuxnet) 상세 분석 보고서", 6 Dec, 2010.