
Scalable and automated Evaluation of Blue Team cyber posture in Cyber Ranges (2312.17221v1)

Published 28 Dec 2023 in cs.CR

Abstract: Cyber ranges are virtual training ranges that have emerged as indispensable environments for conducting secure exercises and simulating real or hypothetical scenarios. These complex computational infrastructures enable the simulation of attacks, facilitating the evaluation of defense tools and methodologies and developing novel countermeasures against threats. One of the main challenges of cyber range scalability is the exercise evaluation that often requires the manual intervention of human operators, the White team. This paper proposes a novel approach that uses Blue and Red team reports and well-known databases to automate the evaluation and assessment of the exercise outcomes, overcoming the limitations of existing assessment models. Our proposal encompasses evaluating various aspects and metrics, explicitly emphasizing Blue Teams' actions and strategies and allowing the automated generation of their cyber posture.

