Browse > Article
http://dx.doi.org/10.7472/jksii.2021.22.6.99

A Study on Cyber Operational Elements Classification and COA Evaluation Method for Cyber Command & Control Decision Making Support  

Lee, Dong-hwan (Dept. of Computer Engineering and Convergence Engineering for Intelligent Drone, Sejong Univ)
Yoon, Suk-joon (Dept. of Computer Engineering and Convergence Engineering for Intelligent Drone, Sejong Univ)
Kim, Kook-jin (Dept. of Computer Engineering and Convergence Engineering for Intelligent Drone, Sejong Univ)
Oh, Haeng-rok (Agency for Defense Development)
Han, In-sung (Agency for Defense Development)
Shin, Dong-kyoo (Dept. of Computer Engineering and Convergence Engineering for Intelligent Drone, Sejong Univ)
Publication Information
Journal of Internet Computing and Services / v.22, no.6, 2021 , pp. 99-113 More about this Journal
Abstract
In these days, as cyberspace has been recognized as the fifth battlefield area following the land, sea, air, and space, attention has been focused on activities that view cyberspace as an operational and mission domain in earnest. Also, in the 21st century, cyber operations based on cyberspace are being developed as a 4th generation warfare method. In such an environment, the success of the operation is determined by the commander's decision. Therefore, in order to increase the rationality and objectivity of such decision-making, it is necessary to systematically establish and select a course of action (COA). In this study, COA is established by using the method of classifying operational elements necessary for cyber operation, and it is intended to suggest a direction for quantitative evaluation of COA. To this end, we propose a method of composing the COES (Cyber Operational Elements Set), which becomes the COA of operation, and classifying the cyber operational elements identified in the target development process based on the 5W1H Method. In addition, by applying the proposed classification method to the cyber operation elements used in the STUXNET attack case, the COES is formed to establish the attack COAs. Finally, after prioritizing the established COA, quantitative evaluation of the policy was performed to select the optimal COA.
Keywords
Cyberspace; Cyber Operation; Course Of Action; Operational elements; 5W1H Method;
Citations & Related Records
연도 인용수 순위
  • Reference
1 K. Muhammer, et al. Cyber operation planning and operational design. Cyber-Security and Digital Forensics, 2016, pp. 21-29.
2 Joint Chiefs of Staff, Joint Publication 3-0 Joint Operation, pp. II-5, October 2018,. https://www.jcs.mil/Portals/36/Documents/Doctrine/pubs/jp3_0ch1.pdf
3 Joint Chiefs of Staff, Joint Publication 5-0 Joint Planning, December, 2020. https://www.jcs.mil/Portals/36/Documents/Doctrine/pubs/jp5_0.pdf
4 G. Mark A., M. Horta. "Cyber joint munitions effectiveness manual (JMEM)," American Intelligence Journal, 31.1: 73-81, 2013. https://www.researchgate.net/publication/281543466_Cyber_joint_munitions_effectiveness_manual_JMEM
5 D. Morris R. "Weaponeering: conventional weapon system effectiveness. Reston, VA: American Institute of Aeronautics and Astronautics", American, 2004.
6 Symantec, "W32.Stuxnet Dossier version 1.3 시만텍 스턱스넷 상세 분석 보고서", Nov, 2010.
7 IBM Security, "스턱스넷(Stuxnet) 상세 분석 보고서," 6 Dec, 2010.
8 Joint Chiefs of Staff, "Joint Publication 3-12 Cyberspace Operation", pp. II-3, June, 2018.
9 E. Byres, A. Jinter, J. Langill. How Stuxnet spreads-A study of infection paths in best practice systems. Tofino Security, white paper, 2011.
10 U.S Army, Field Manual 3-12 Cyberspace and Electronic Warfare Operations, April 2017. https://irp.fas.org/doddir/army/fm3-12.pdf
11 Joint Chiefs of Staff, "Joint Publication 3-60 Joint Targeting," June, 2020.
12 M. S. Barik, A. Sengupta, and C. Mazumdar, ''Attack graph generation and analysis techniques,'' Defence Sci. J., vol. 66, p. 559, Nov. 2016. https://core.ac.uk/download/pdf/333722844.pdf   DOI
13 M. Geoff, et al. Stuxnet 0.5: The missing link. Symantec Report 26, 2013.