Abstract
Cybercognitive attacks, as witnessed in large and small wars and events along with the recent Russia-Ukraine war, are no longer traditional cyber operations, but are increasingly attacking the psychological weaknesses of targeted members of society and target organizations. Therefore, it is timely to systematically analyse and model cybercognitive attacks. Various definitions and case analyses of cybercognitive attacks are currently being actively conducted, but studies on clear classification and processing models of cybercognitive attacks are almost absent. Accordingly, this paper analyzed cases of cybercognitive attacks. The types derived through case analysis were divided into four categories, and cybercognitive attacks were classified and defined. On such basis, a processing model for cybercognitive attacks was designed, and furthermore, cybercognitive attack layers were classified and presented from the attacker and defender's perspective. The corresponding model and layer presented in this paper model both the countermeasures that can be used to perform cyber operations and the psychological mechanisms hidden in each response process. Specifically, a psychology-based cybercognitive attack processing model was designed to achieve goals by inducing behaviour from collecting information for system managers to inducing response/cognitive processing/decision making/compensation. As such, this paper focused on clarifying the definition of cybercognitive attacks and establishing performance procedures, which are only used as actions using deception by presenting cybercognitive attacks scientifically and logically using psychology descriptions. With that, this paper is expected to serve as the ground for cybercognitive kill chain research that can defend against further cyberattacks using cognitive vulnerabilities.
Original language | English |
---|---|
Title of host publication | Proceedings of the 22nd European Conference on Cyber Warfare and Security, ECCWS 2023 |
Editors | Antonios Andreatos, Christos Douligeris |
Publisher | Curran Associates Inc. |
Pages | 248-256 |
Number of pages | 9 |
ISBN (Electronic) | 9781914587702 |
DOIs | |
Publication status | Published - 2023 |
Event | 22nd European Conference on Cyber Warfare and Security, ECCWS 2023 - Athens, Greece Duration: 2023 Jun 22 → 2023 Jun 23 |
Publication series
Name | European Conference on Information Warfare and Security, ECCWS |
---|---|
Volume | 2023-June |
ISSN (Print) | 2048-8602 |
ISSN (Electronic) | 2048-8610 |
Conference
Conference | 22nd European Conference on Cyber Warfare and Security, ECCWS 2023 |
---|---|
Country/Territory | Greece |
City | Athens |
Period | 23/6/22 → 23/6/23 |
Bibliographical note
Publisher Copyright:© 2023 Curran Associates Inc.. All rights reserved.
Keywords
- Cybercognitive attacks
- Cybercognitive hierarchical classification
- Cybercognitive processing model
- Human vulnerabilities
- Psychology
ASJC Scopus subject areas
- Information Systems
- Information Systems and Management
- Safety, Risk, Reliability and Quality