Cyber-Resilience Evaluation Methods Focusing on Response Time to Cyber Infringement-Reference-Cited by-同舟云学术

Cyber-Resilience Evaluation Methods Focusing on Response Time to Cyber Infringement

Published:2023-09-07 Issue:18 Volume:15 Page:13404
ISSN:2071-1050
Container-title:Sustainability
language:en
Short-container-title:Sustainability

Author:

Choi Se-Ho¹,Youn Jaepil¹^ORCID,Kim Kookjin¹²^ORCID,Lee Seongkee³,Kwon Oh-Jin⁴^ORCID,Shin Dongkyoo¹²^ORCID

Affiliation:

1. Department of Computer Engineering, Sejong University, Seoul 05006, Republic of Korea

2. Department of Convergence Engineering for Intelligent Drones, Sejong University, Seoul 05006, Republic of Korea

3. R.O.K Agency for Defense Development, Seoul 05771, Republic of Korea

4. Department of Electronics Engineering, Sejong University, Seoul 05006, Republic of Korea

Abstract

Though multilevel, in-depth information protection systems are employed to defend against unknown cyber threats, vulnerabilities in these systems are frequently exploited by cyberattacks. As a result, it becomes challenging to comprehensively counter these attacks within a constrained time frame. When a cyberattack is detected, immediate measures are necessary to prevent widespread damage and maintain the system’s regular functioning. Possessing sustainable cyber-resilience capabilities, which can promptly restore the system to its pre-attack state, is crucial. In this paper, a cyber-defense activity optimization procedure is introduced, drawing on the failure recovery time of the information system, aiming to enhance both the response and recovery phases of cyber resilience. Through training, the response time for various types of cyberattack was determined. Notably, a decrease in response time by 17.8% compared to the baseline was observed. By optimizing response times and integrating them with sustainable cyber-resilience assessment activities, a robust framework is presented for evaluating an organization’s overall cyber-defense stance. Research on the cyber combat capability index, dissecting the response time for each distinct cyber-defense activity, is planned for future endeavors.

Funder

National Research Foundation of Korea

Publisher

MDPI AG

Subject

Management, Monitoring, Policy and Law,Renewable Energy, Sustainability and the Environment,Geography, Planning and Development,Building and Construction

Link

https://www.mdpi.com/2071-1050/15/18/13404/pdf

Reference28 articles.

1. Government of the Republic of Korea (2019). National Cyber Security Master Plan, Government of the Republic of Korea.

2. Kim, K.H. (2017). Overview of Information Security Management System Certification System and Development Direction, Korea Internet & Security Agency. Available online: https://m.blog.naver.com/ntower/221003396724.

3. Ryu, J.G. (2018). Respond to Cyber Security Incidents That You Don’t Know When Not If, IDG Summary, International Data Group KOREA. Available online: https://www.itworld.co.kr/techlibrary/111004.

4. Frank, D., and Phil, G. (2020). IDC White Paper, IDC.

5. Segovia, M., Rubio-Hernan, J., Cavalli, A.R., and Garcia-Alfaro, J. (2023). Cyber-Resilience Approaches for Cyber-Physical Systems. arXiv.