Creating and Managing Realism in the Next-Generation Cyber Range
There are numerous potential digital range arrangements and situations that a very much outlined range can achieve. We have experienced several use cases, and we acknowledged that every last mechanism requires distinctive human components, scale, and assault and safeguard standards. What you will likewise discover is that these things devour a lot of HR and set-up, readiness, and examination time, which compare to time and cash. These standards may make you oblige your activities to the point that they get to be distinctly lumbering and do not yield the outcomes that you need. You can without much of a stretch get overpowered with these essential variables to the disservice of your activities, consequently lessening your adequacy and precluding your benefits from having the capacity to prepare as they battle genuinely. This paper presents real-world attack-defence scenarios for cybersecurity training.
KeywordsAttack-defence Cybersecurity training Cyber range Architecture Technology development assessment
The research presented in this paper is supported by the projects: ROBIN (PNIII-P1-1.2-PCCDI-2017-0734), NETIO TEL-MONAER, ForestMon, SANTO (53/05.09.2016, SMIS2014+ 105976), and SPERO (PN-III-P2-2.1-SOL-2016-030046, 3Sol/2017). We would like to thank the reviewers for their time and expertise, constructive comments and valuable insight.
- 1.Branlat, M., Morison, A., Woods, D.: Challenges in Managing Uncertainty During Cyber Events: Lessons from the Staged-World Study Of A Large-Scale Adversarial Cyber Security Exercise. The Ohio State University (2011)Google Scholar
- 2.Brangetto, P., Caliskan, E., Roigas, H.: Cyber Red Teaming. NATO Cooperative Cyber Defence Centre of Excellence CCDCOE (2015)Google Scholar
- 3.ENISA - European Network and Information Security Agency. Good Practice Guide on National Exercises (2009)Google Scholar
- 4.Chen, J., Zhang, W., Urvoy-Keller, G.: Traffic profiling for modern enterprise networks: a case study. In: 2014 IEEE 20th International Workshop (2014)Google Scholar
- 5.Conklin, A., White, B.: E-government and cyber security: the role of cyber security exercises. In: 39th Hawaii International Conference on Systems Sciences (2006)Google Scholar
- 6.He, W., et al.: A game theoretical attack-defense model oriented to network security risk assessment. In: Computer Science and Software Engineering (2008)Google Scholar
- 7.Abrams, M., Weiss, J.: Malicious Control System Cyber Security Attack Case Study–Maroochy Water Services, Australia. The MITRE Corporation, McLean, VA (2008)Google Scholar
- 8.Andersson, G., et al.: Cyber-security of SCADA systems. In: Innovative Smart Grid Technologies (ISGT), 2012 IEEE PES. IEEE (2012)Google Scholar
- 9.Department of Homeland Security. (n.d.). Cyber Storm: securing cyber space. (DHS). http://www.dhs.gov/cyber-storm-securing-cyberspace. Accessed 6 June 2014
- 10.Eller, R.: Black Hat Japan 2004 - capture the flag games/ measuring skill with hacking contests, 15 October 2004. http://www.blackhat.com/presentations/bh-asia-04/bh-jp-04-pdfs/bh-jp-04-eller/bh-jp-04-eller.pdf
- 11.Ferrara, E.: Determine the business value of an effective security program - information security economics 101. Forrester Research (2002)Google Scholar
- 12.Catalin, N., Pop, F., Cristea, V., Bessis, N., Li, J.: Energy efficient cloud storage service: key issues and challenges. In: 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies (EIDWT), pp. 763–766. IEEE (2013)Google Scholar