TY - GEN
T1 - A Model Driven Approach for Cyber Security Scenarios Deployment
AU - Braghin, Chiara
AU - Cimato, Stelvio
AU - Damiani, Ernesto
AU - Frati, Fulvio
AU - Mauri, Lara
AU - Riccobene, Elvinia
N1 - Funding Information:
Acknowledgment. This work has been partly funded by the European Union’s Horizon 2020 research and innovation programme under the project THREAT-ARREST (Grant Agreement No. 786890).
Funding Information:
However, most existing cyber challenge platforms are either restricted to use by government only or are too expensive to be purchased and maintained by high schools and universities. Born out of the idea of creating a cyber challenge platform usable at the educational level in schools, the University of Rhode Island Open Cyber Challenge Platform (OCCP) [6] is a project supported by the U.S. National Science Foundation which proposes to develop a cyber challenge platform with low cost hardware requirements. The OCCP is a configurable and virtual controlled teaching environment that is freely distributed to high schools and colleges. In order to bridge together government, industry and academia knowledge to advance the foundation of cyber science in the context of Army networks, in 2013 the U.S. Army Research Laboratory (ARL) established a Cyber Security Collaborative Research Alliance (CSCRA) [3] led by Pennsylvania State University. The CSCRA is expected to be applicable to a broad array of Army domains and applications, and its ultimate goal is to enhance cyber threat detection, autonomous planning and control of cyber maneuvers, and adaptive reasoning for deception in complex, adversarial, and uncertain environments. One of the most widely used training and simulation platform is Cyberbit Range [4], which provides a hyper-realistic training environment and advanced training tools including highly customizable dynamic range modeling and simulated attack scenarios, whilst the KYPO platform [5] is an innovative cyber range solution developed using a requirements-driven development process. Specifically, it was designated as a flexible and scalable system based on cloud platforms OpenNebula and OpenStack with the goal to guarantee cost-effective and time-efficient simulation, as well as provide transparent access to the environment itself. Indeed, the proposed platform is offered as a service with access through a web browser, so it inherits the benefits deriving from PaaS, such as efficiency, agility and productivity. Moreover, it supports multiple use cases and provides monitoring infrastructure for experiments.
Publisher Copyright:
© Springer Nature Switzerland AG 2020.
PY - 2020
Y1 - 2020
N2 - Cyber ranges for training in threat scenarios are nowadays highly demanded in order to improve people ability to detect vulnerabilities and to react to cyber-threats. Among the other components, scenarios deployment requires a modeling language to express the (software and hardware) architecture of the underlying system, and an emulation platform. In this paper, we exploit a model-driven engineering approach to develop a framework for cyber security scenarios deployment. We develop a domain specific language for scenarios construction, which allows the description of the architectural setting of the system under analysis, and a mechanism to deploy scenarios on the OpenStack cloud infrastructure by means of HEAT templates. On the scenario model, we also show how it is possible to detect network configuration problems and structural vulnerabilities. The presented results are part of our ongoing research work towards the definition of a training cyber range within the EU H2020 project THREAT-ARREST.
AB - Cyber ranges for training in threat scenarios are nowadays highly demanded in order to improve people ability to detect vulnerabilities and to react to cyber-threats. Among the other components, scenarios deployment requires a modeling language to express the (software and hardware) architecture of the underlying system, and an emulation platform. In this paper, we exploit a model-driven engineering approach to develop a framework for cyber security scenarios deployment. We develop a domain specific language for scenarios construction, which allows the description of the architectural setting of the system under analysis, and a mechanism to deploy scenarios on the OpenStack cloud infrastructure by means of HEAT templates. On the scenario model, we also show how it is possible to detect network configuration problems and structural vulnerabilities. The presented results are part of our ongoing research work towards the definition of a training cyber range within the EU H2020 project THREAT-ARREST.
UR - http://www.scopus.com/inward/record.url?scp=85081679647&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-42051-2_8
DO - 10.1007/978-3-030-42051-2_8
M3 - Conference contribution
AN - SCOPUS:85081679647
SN - 9783030420505
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 107
EP - 122
BT - Computer Security - ESORICS 2019 International Workshops, IOSec, MSTEC, and FINSEC, Revised Selected Papers
A2 - Fournaris, Apostolos P.
A2 - Athanatos, Manos
A2 - Ioannidis, Sotiris
A2 - Hatzivasilis, George
A2 - Lampropoulos, Konstantinos
A2 - Damiani, Ernesto
A2 - Abie, Habtamu
A2 - Ranise, Silvio
A2 - Siena, Alberto
A2 - Verderame, Luca
A2 - Garcia-Alfaro, Joaquin
PB - Springer
T2 - 2nd International Workshop on Information and Operational Technology (IT and OT) security systems, IOSec 2019, the 1st International Workshop on Model-driven Simulation and Training Environments, MSTEC 2019, and the 1st International Workshop on Security for Financial Critical Infrastructures and Services, FINSEC 2019, held in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019
Y2 - 26 September 2019 through 27 September 2019
ER -