• Title/Summary/Keyword: Cyber Intelligence Preparation of the Battlefield

Research on Cyber IPB Visualization Method based on BGP Archive Data for Cyber Situation Awareness

  • Youn, Jaepil;Oh, Haengrok;Kang, Jiwon;Shin, Dongkyoo
    • KSII Transactions on Internet and Information Systems (TIIS) / v.15 no.2 / pp.749-766 / 2021
  • Cyber powers around the world are conducting cyber information-gathering activities in cyberspace, a global domain within the Internet-based information environment. Accordingly, it is imperative to obtain the latest information through the cyber intelligence preparation of the battlefield (IPB) process to prepare for future cyber operations. Research utilizing the cyber battlefield visualization method for effective cyber IPB and situation awareness aims to minimize uncertainty in the cyber battlefield and enable command control and determination by commanders. This paper designed an architecture by classifying cyberspace into a physical, logical network layer and cyber persona layer to visualize the cyber battlefield using BGP archive data, which is comprised of BGP connection information data of routers around the world. To implement the architecture, BGP archive data was analyzed and pre-processed, and cyberspace was implemented in the form of a Di-Graph. Information products that can be obtained through visualization were classified for each layer of the cyberspace, and a visualization method was proposed for performing cyber IPB. Through this, we analyzed North Korea's actual BGP and OSINT data to implement North Korea's cyber battlefield centered on the Internet network in the form of a prototype. In the future, we will implement a prototype architecture based on Elastic Stack.

State-of-the-Art in Cyber Situational Awareness: A Comprehensive Review and Analysis

  • Kookjin Kim;Jaepil Youn;Hansung Kim;Dongil Shin;Dongkyoo Shin
    • KSII Transactions on Internet and Information Systems (TIIS) / v.18 no.5 / pp.1273-1300 / 2024
  • In the complex virtual environment of cyberspace, comprised of digital and communication networks, ensuring the security of information is being recognized as an ongoing challenge. The importance of 'Cyber Situation Awareness (CSA)' is being emphasized in response to this. CSA is understood as a vital capability to identify, understand, and respond to various cyber threats and is positioned at the heart of cyber security strategies from a defensive perspective. Critical industries such as finance, healthcare, manufacturing, telecommunications, transportation, and energy can be subjected to not just economic and societal losses from cyber threats but, in severe cases, national losses. Consequently, the importance of CSA is being accentuated and research activities are being vigorously undertaken. A systematic five-step approach to CSA is introduced against this backdrop, and a deep analysis of recent research trends, techniques, challenges, and future directions since 2019 is provided. The approach encompasses current situation and identification awareness, the impact of attacks and vulnerability assessment, the evolution of situations and tracking of actor behaviors, root cause and forensic analysis, and future scenarios and threat predictions. Through this survey, readers will deepen their understanding of the fundamental importance and practical applications of CSA, and their insights into research and applications in this field will be enhanced. This survey is expected to serve as a useful guide and reference for researchers and experts particularly interested in CSA research and applications.

A Study on the Direction of Cyber Forces Development in the Korean military through Changes in Germany's Cyber Warfare Response Policy (독일의 사이버전 대응 정책변화를 통해 본 한국군 사이버전력 발전 방안에 관한 연구)

  • Sangjun Park;Taesan Kim;Jee-won Kim;Chan-gi Jung
    • Convergence Security Journal / v.21 no.4 / pp.59-68 / 2021
  • The future battlefield includes the main areas of modern warfare, including the ground, sea, and air, as well as cyberspace and space. Cyberspace consists of computers, wired and wireless networks, and spans the ground, sea, air, and space domains. Cyber warfare takes place in cyberspace, so it is not easy for people without expertise in cyber to recognize the cyber situation. Therefore, training personnel with professional knowledge and skills in cyber is paramount in preparation for cyber warfare. In particular, the results of cyber warfare will vary greatly depending on the ability of cyber combatants to carry it out, the performance of cyber systems, and the proficiency of cyber warfare procedures. The South Korean military has the power to respond to cyber warfare at various levels, centering on the Cyber Operations Command, but there is a limit to defending all of the rapidly expanding cyberspace. In this paper, to overcome these limitations, we looked at the changes in Germany's cyber warfare response policy. Based on them, the organization structure, weapon system, and education and training system of future Korean military cyber forces are presented separately.