IEEE Access (Jan 2022)

Study on Prioritization of Actions by Classifying and Quantifying Cyber Operational Elements Using 5W1H Method

  • Kookjin Kim,
  • Sukjoon Yoon,
  • Donghwan Lee,
  • Jisoo Jang,
  • Haengrok Oh,
  • Dongkyoo Shin

DOI
https://doi.org/10.1109/ACCESS.2022.3190530
Journal volume & issue
Vol. 10
pp. 74765 – 74778

Abstract

Read online

When approaching a target point in cyberspace, it is difficult to address complexities such as network vulnerability, accessibility, time efficiency, and concealment. Therefore, there is a need for techniques to classify, automate, and optimize various operational elements belonging to the three layers of cyberspace necessary for approach. If the policy-making technique used by the military is applied, optimization can be used for the quantification and determination of the best decision-making process to approach the objective. Thus, in this study, cyber operations elements will be classified according to the 5W1H method for cyber-attack and defense training. Then, we propose the way of establishing course of action (COA) through quantifying and evaluating each category of 5W1H and prioritizing it. The effectiveness was analyzed by applying the extracted COA to a famous cyber-attack case, and the factors that had the greatest influence could be extracted. This study helps cyberattack teams build the best cyber operations COAs when conducting cyber-attack and defense training.

Keywords