Processing Model and Classification of Cybercognitive Attacks: Based on Cognitive Psychology

Abstract

Cybercognitive attacks, as witnessed in large and small wars and events along with the recent Russia-Ukraine war, are no longer traditional cyber operations, but are increasingly attacking the psychological weaknesses of targeted members of society and target organizations. Therefore, it is timely to systematically analyse and model cybercognitive attacks. Various definitions and case analyses of cybercognitive attacks are currently being actively conducted, but studies on clear classification and processing models of cybercognitive attacks are almost absent. Accordingly, this paper analyzed cases of cybercognitive attacks. The types derived through case analysis were divided into four categories, and cybercognitive attacks were classified and defined. On such basis, a processing model for cybercognitive attacks was designed, and furthermore, cybercognitive attack layers were classified and presented from the attacker and defender's perspective. The corresponding model and layer presented in this paper model both the countermeasures that can be used to perform cyber operations and the psychological mechanisms hidden in each response process. Specifically, a psychology-based cybercognitive attack processing model was designed to achieve goals by inducing behaviour from collecting information for system managers to inducing response/cognitive processing/decision making/compensation. As such, this paper focused on clarifying the definition of cybercognitive attacks and establishing performance procedures, which are only used as actions using deception by presenting cybercognitive attacks scientifically and logically using psychology descriptions. With that, this paper is expected to serve as the ground for cybercognitive kill chain research that can defend against further cyberattacks using cognitive vulnerabilities.