Browse > Article
http://dx.doi.org/10.33778/kcsa.2020.20.1.049

A Study on Priority Analysis of Evaluation Factors for Cyber Threats using Open Source Intelligence (OSINT)  

Kang, Sungrok (육군사관학교 심리경영학과)
Moon, Minam (육군사관학교 수학과)
Shin, Kyuyong (육군사관학교 컴퓨터학과)
Lee, Jongkwan (육군사관학교 컴퓨터학과)
Publication Information
Convergence Security Journal / v.20, no.1, 2020 , pp. 49-57 More about this Journal
Abstract
It is no exaggeration to say that we live with cyber threats every day. Nevertheless, it is difficult for us to obtain objective information about cyber threats and attacks because it is difficult to clearly identify the attacker, the purpose of attack, and the range of damage, and rely on information from a single source. In the preceding research of this study, we proposed the new approach for establishing Database (DB) for cyber attacks using Open Source Intelligence(OSINT). In this research, we present the evaluation factors for cyber threats among cyber attack DB and analyze the priority of those factors in oder to quantify cyber threats. We select the purpose of attack, attack category, target, ease of attack, attack persistence, frequency of OSINT DB, and factors of the lower layer for each factor as the evaluation factors for cyber threats. After selection, the priority of each factor is analyzed using the Analytic Hierarchy Process(AHP).
Keywords
Open Source Intelligence; OSINT; Cyber Threats; AHP;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Kuyoung Shin, Jinchel Yoo, Changhee Han, et al., "A study on building a cyber attack database using Open Source Intelligence(OSINT)", Convergence Security Journal 19(2), pp. 113-133, 2019.
2 N. Polatidis, E. Pimenidis, M. Pavlidis, S. Papastergiou, and H. Mouratidis,"From product recommendation to cyber-attack prediction: generating attack graphs and predicting future attacks," Evolving Systems, 2018.
3 K. Huang, C. Zhou, Y. C. Tian, S. Yang, and Y. Qin, "Assessing the physical impact of cyberattacks on industrial cyber-physical systems", IEEE Transactions on Industrial Electronics, 2018.
4 Torres, J.M.; Comesaña, C.I.; García-Nieto, P.J. "Machine learning techniques applied to cyber security", Int. J. Mach. Learn. Cybern. 2019
5 M. Husak and J. Kaspar, "owards Predicting Cyber Attacks Using Information Exchange and Data Mining," in 2018 14th International Wireless Communications Mobile Computing Conference (IWCMC), 2018.
6 A. A. Ahmed and N. A. K. Zaman, "Attack intention recognition: A review," IJ Network Security, 2017.
7 M. Abdlhamed, K. Kifayat, Q. Shi, and W. Hurst, "Intrusion Prediction Systems". Cham: Springer International Publishing, 2017.
8 Y.-B. Leau and S. Manickam, "Network Security Situation Prediction: A Review and Discussion". Springer Berlin Heidelberg, 2015.
9 Eyungchul Cho, "A System for National Intelligence Activity Based on All Kinds of OSINT(Open Source INTelligence) on the Internet", Journal of Information and Security, Vol. 3, No. 2, pp. 41-55, June 2003.
10 Nasrin Badie and Habibi Lashkari, "A new evaluation criteria for effective security awareness in computer risk management based on AHP", Journal of Basic and Applied Scientific research, Vol. 2, No. 9, pp. 9931-9947, 2012.
11 Lawrence D. Bodin, Lawrence A. Gordon and Martin P. Loeb, "Information Security and Risk Management", Communications of the ACM, Vol. 51, No. 4, pp. 64-68, 2008.   DOI
12 木下栄蔵and 大屋隆生. "전략적 의사결정기법 AHP(역자 권재현), 도서출판 청람, 2012.
13 Saaty T. L., "The Analytic Hierarchy Process", New York, USA : McGraw-Hill, 1980.
14 권박현, 고길곤, 송지영, 신경식. "예비타당성조사 수행을 위한 다기준분석 방안 연구", 한국개발연구원, 2000.