Asset Details
Do you wish to reserve the book?
Research on Cyber ISR Visualization Method Based on BGP Archive Data through Hacking Case Analysis of North Korean Cyber-Attack Groups
Hey, we have placed the reservation for you!
By the way, why not check out events that you can attend while you pick your title.
Oops! Something went wrong.
Looks like we were not able to place the reservation. Kindly try again later.
Are you sure you want to remove the book from the shelf?
Research on Cyber ISR Visualization Method Based on BGP Archive Data through Hacking Case Analysis of North Korean Cyber-Attack Groups
Do you wish to request the book?
Research on Cyber ISR Visualization Method Based on BGP Archive Data through Hacking Case Analysis of North Korean Cyber-Attack Groups
Please be aware that the book you have requested cannot be checked out. If you would like to checkout this book, you can reserve another copy
We have requested the book for you!
Your request is successful and it will be processed during the Library working hours. Please check the status of your request in My Requests.
Oops! Something went wrong.
Looks like we were not able to place your request. Kindly try again later.
Journal Article
Research on Cyber ISR Visualization Method Based on BGP Archive Data through Hacking Case Analysis of North Korean Cyber-Attack Groups
2022
Overview
North Korean cyber-attack groups such as Kimsuky, Lazarus, Andariel, and Venus 121 continue to attempt spear-phishing APT attacks that exploit social issues, including COVID-19. Thus, along with the worldwide pandemic of COVID-19, related threats also persist in cyberspace. In January 2022, a hacking attack, presumed to be Kimsuky, a North Korean cyber-attack group, intending to steal research data related to COVID-19. The problem is that the activities of cyber-attack groups are continuously increasing, and it is difficult to accurately identify cyber-attack groups and attack origins only with limited analysis information. To solve this problem, it is necessary to expand the scope of data analysis by using BGP archive data. It is necessary to combine infrastructure and network information to draw correlations and to be able to classify infrastructure by attack group very accurately. Network-based infrastructure analysis is required in the fragmentary host area, such as malware or system logs. This paper studied cyber ISR and BGP and a case study of cyber ISR visualization for situational awareness, hacking trends of North Korean cyber-attack groups, and cyber-attack tracking. Through related research, we estimated the origin of the attack by analyzing hacking cases through cyber intelligence-based profiling techniques and correlation analysis using BGP archive data. Based on the analysis results, we propose an implementation of the cyber ISR visualization method based on BGP archive data. Future research will include a connection with research on a cyber command-and-control system, a study on the cyber battlefield area, cyber ISR, and a traceback visualization model for the origin of the attack. The final R&D goal is to develop an AI-based cyber-attack group automatic identification and attack-origin tracking platform by analyzing cyber-attack behavior and infrastructure lifecycle.
