论文信息 - Scenario Design and Validation for Next Generation Cyber Ranges

Scenario Design and Validation for Next Generation Cyber Ranges

Cyber Ranges are (virtual) infrastructures for the execution of cyber exercises of the highest quality that simulate cyber scenarios of real-world complexity. Building the computing infrastructure is only the first step towards the successful execution of the cyber exercises. The design, validation, and deployment of scenarios are costly and error-prone activities that may require specialized personnel for weeks or even months. Furthermore, a misconfiguration in the resulting scenario can spoil the entire cyber exercise. In this paper, we propose a framework for automating the (i) design, (ii) model validation, (iii) generation and (iv) testing of cyber scenarios. We introduce a Scenario Definition Language (SDL) based on the OASIS Topology and Orchestration Specification for Cloud Applications (TOSCA). SDL allows for the high level, declarative specification of the components and their interplay. We show that SDL specifications can be encoded into Datalog and that this allows for the automatic checking of the resulting model against a set of validation goals. If the check fails, then a design modification process is triggered. Otherwise, the validated scenario can be automatically deployed on the cyber range. The validation proof is then automatically converted into test cases whose successful execution gives evidence that also the deployed scenario meets the validation goals.

[1] Suku Nair,et al. A Predictive Framework for Cyber Security Analytics using Attack Graphs , 2015, ArXiv.

[2] Bertram Ludäscher,et al. Declarative Datalog Debugging for Mere Mortals , 2012, Datalog.

[3] Letizia Tanca,et al. What you Always Wanted to Know About Datalog (And Never Dared to Ask) , 1989, IEEE Trans. Knowl. Data Eng..

[4] Andrew W. Appel,et al. MulVAL: A Logic-based Network Security Analyzer , 2005, USENIX Security Symposium.

[5] Jan Vykopal,et al. Lessons learned from complex hands-on defence exercises in a cyber range , 2017, 2017 IEEE Frontiers in Education Conference (FIE).

[6] Thomas Shaw,et al. Security Scenario Generator (SecGen): A Framework for Generating Randomly Vulnerable Rich-scenario VMs for Learning Computer Security and Hosting CTF Events , 2017, ASE @ USENIX Security Symposium.

[7] Kashif Kifayat,et al. Cyber Security Teaching and Learning Laboratories: A Survey , 2016 .

[8] Yasuo Tan,et al. Cybersecurity Education and Training Support System: CyRIS , 2018, IEICE Trans. Inf. Syst..

[9] Elisabetta Di Nitto,et al. DevOps: Introducing Infrastructure-as-Code , 2017, 2017 IEEE/ACM 39th International Conference on Software Engineering Companion (ICSE-C).

[10] Jens Mache,et al. Teaching Cybersecurity Analysis Skills in the Cloud , 2015, SIGCSE.

[11] Jan Vykopal,et al. KYPO Cyber Range: Design and Use Cases , 2017, ICSOFT.

[12] P. Mell,et al. SP 800-145. The NIST Definition of Cloud Computing , 2011 .