The remarkable development of the Internet has made our lives very convenient, such as through the ability to instantaneously transmit individual pictures. As a result, cyber-attacks are also being developed and increasing, and the computer/mobile devices we use can become infected with viruses in an instant. Rapid cyber situational awareness is essential to prepare for such cyber-attacks. Accelerating cyber situational awareness requires Cyber Common Operational Pictures, which integrate and contextualize numerous data streams and data points. Therefore, we propose a Cyber Common Operational Pictures framework and criteria for rapid cyber situation awareness. First, the system reaction speed based on the user’s request and the standard for easily recognizing the object shown on the screen are presented. Second, standards and frameworks for five types of visualization screens that can directly recognize and respond to cyber-attacks are presented. Third, we show how a system was constructed based on the proposed framework, as well as the results of an experiment on the response time of each visualization screen. As a result of the experiment, the response speed of the 5 visualization screens was about 0.11 s on average for inquiry (simple) and 1.07 s on average for inquiry (complex). This is consistent with the typical response times of the studies investigated in this paper. If CyCOP is developed in compliance with the framework items (UI, object symbol, object size, response speed) presented in this paper, rapid situational awareness is possible. This research can be used in cyber-attack and defense training in the military field. In the private sector, it can be used in cyber and network control.
The best way to approach a target point in cyberspace has often been challenged solving complexity such as network weakness, accessibility, time efficiency, and concealment. Therefore, there is a need for techniques to classify, automate, and optimize various operational elements belonging to the three layers of cyberspace necessary for approach. If the policy-making technique used by the military is applied, optimization can be used for the quantification and determination of the best decision-making process to approach the objective. Thus, in this study, cyber operations elements will be classified according to the 5W1H method for cyber-attack and defense training. Then, we propose the way of establishing course of action (COA) through quantifying and evaluating each category of 5W1H and prioritizing it. The effectiveness was analyzed by applying the extracted COA to a famous cyber-attack case, and the factors that had the greatest influence could be extracted. This purpose of this study is to be helpful in establishing the best cyber operational COA when conducting cyber-attack and defense training. INDEX TERMSCyber warfare, Cyberspace, Cyber operation, Course of action, 5W1H method I. INTRODUCTION JCOPP(Joint Cyber Operational Planning Process) 2. Mission Analysis 3. COA Development 4. COA Analysis 5.
As operations previously undertaken only in physical space in the past have changed to operations that include cyberspace, it is crucial to define the concept of ''cyber missions'' clearly. In this study, ''cyber mission'' refers to any military operation or process that utilizes cyber systems to perform actions in accordance with orders delivered to them. Because a weapon system that utilizes a cyber system executes actions based on the commands transmitted to the cyber system, it is necessary to analyze how attacks from cyberspace affects such a weapon system. To this end, it would be meaningful to analyze the tools used to analyze the mission impact of physical weapon systems linked to cyber-attacks. The US military's Joint Munitions Effectiveness Manual (JMEM), which contains the results of analyzing the effects of weapon systems, does not include analysis results for the effects of weapon systems on cyber-attacks. In this study, based on the analysis of the effectiveness of physical warfare, the damage to cyber assets was quantified and associated to calculate the cyber index for the analysis of operational efficiency. In connection with JMEM, the results of combat in cyberspace and the effects of physical operations were compared and analyzed to propose a framework to judge the impact of missions, and the performance was tested. To verify the effectiveness of the proposed framework, domestic and foreign operational scenarios were analyzed and designed, assets were defined, and experiments were conducted. These experiments showed that a greater decrease in the cyber mission effect value was related to a greater effect on physical operations. This framework could be used in a variety of operations to predict the physical impact of a cyber-attack and will help determine the next step in an operation.INDEX TERMS Cyber warfare, cyberspace, cyber operation, cyber weapon system, mission impact analysis.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.