Abstract
Cyber ranges for training in threat scenarios are nowadays highly demanded in order to improve people ability to detect vulnerabilities and to react to cyber-threats. Among the other components, scenarios deployment requires a modeling language to express the (software and hardware) architecture of the underlying system, and an emulation platform.
In this paper, we exploit a model-driven engineering approach to develop a framework for cyber security scenarios deployment. We develop a domain specific language for scenarios construction, which allows the description of the architectural setting of the system under analysis, and a mechanism to deploy scenarios on the OpenStack cloud infrastructure by means of HEAT templates. On the scenario model, we also show how it is possible to detect network configuration problems and structural vulnerabilities. The presented results are part of our ongoing research work towards the definition of a training cyber range within the EU H2020 project THREAT-ARREST.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cisco Cyber Range. https://www.cisco.com/c/dam/en_us/about/doing_business/legal/service_descriptions/docs/asf-cyber-range-large.pdf?dtid=osscdc000283
Civil Cyber Range Platform for a novel approach to cybersecurity threats simulation and professional training. https://cyberwiser.eu/
Cyber Security Research Alliance. https://www.arl.army.mil/www/default.cfm?page=1417
Cyberbit Range. https://www.cyberbit.com/solutions/cyber-range/platform/
KYPO Cyber Range. https://www.kypo.cz/en
Open Cyber Challenge Platform. https://opencyberchallenge.net/
Ponemon Institute: 2016 cost of cyber crime study & the risk of business innovation (2016). https://www.ponemon.org/local/upload/file/2016%20HPE%20CCC%20GLOBAL%20REPORT%20FINAL%203.pdf
Bettini, L.: Implementing Domain Specific Languages with Xtext and Xtend, 2nd edn. Packt Publishing, Birmingham (2016)
Damodaran, S.K., Tidmarsh, D.: Model based verification of cyber range event environments. In: Proceedings of the Modeling and Simulation of Complexity in Intelligent, Adaptive and Autonomous Systems 2016 (MSCIAAS 2016) and Space Simulation for Planetary Space Exploration (SPACE 2016), MSCIAAS 2016, Society for Computer Simulation International, San Diego, CA, USA, pp. 5:1–5:8 (2016). http://dl.acm.org/citation.cfm?id=2962664.2962669
Ferguson, B., Tall, A., Olsen, D.: National cyber range overview. In: 2014 IEEE Military Communications Conference, pp. 123–128, October 2014. https://doi.org/10.1109/MILCOM.2014.27
Gargantini, A., Riccobene, E., Scandurra, P.: A semantic framework for metamodel-based languages (2009). https://doi.org/10.1007/s10515-009-0053-0
Kleppe, A.: A language description is more than a metamodel. In: Fourth International Workshop on Software Language Engineering, vol. 1. megaplanet. org (2007)
OpenStack: Openstack docs: openstack resource types (2018), https://docs.openstack.org/heat/stein/template_guide/openstack.html
OpenStack: Heat orchestration template (HOT) guide (2019). https://docs.openstack.org/heat/latest/template_guide/hot_guide.html
OpenStack: Open source software for creating private and public clouds (2019). https://www.openstack.org/
Pham, C., Tang, D., Chinen, K., Beuran, R.: CyRIS: a cyber range instantiation system for facilitating security training. In: SoICT (2016)
Pridmore, L., Lardieri, P., Hollister, R.: National Cyber Range (NCR) automated test tools: implications and application to network-centric support tools. In: 2010 IEEE AUTOTESTCON, pp. 1–4, September 2010. https://doi.org/10.1109/AUTEST.2010.5613581
Schreuders, Z.C., Shaw, T., Shan-A-Khuda, M., Ravichandran, G., Keighley, J., Ordean, M.: Security scenario generator (SecGen): a framework for generating randomly vulnerable rich-scenario VMs for learning computer security and hosting CTF events. In: 2017 USENIX Workshop on Advances in Security Education ASE 17. USENIX Association, Vancouver (2017). https://www.usenix.org/conference/ase17/workshop-program/presentation/schreuders
Steinberg, D., Budinsky, F., Paternostro, M., Merks, E.: EMF: Eclipse Modeling Framework, 2nd edn. Addison-Wesley Professional, Boston (2008)
Acknowledgment
This work has been partly funded by the European Union’s Horizon 2020 research and innovation programme under the project THREAT-ARREST (Grant Agreement No. 786890).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Braghin, C., Cimato, S., Damiani, E., Frati, F., Mauri, L., Riccobene, E. (2020). A Model Driven Approach for Cyber Security Scenarios Deployment. In: Fournaris, A., et al. Computer Security. IOSEC MSTEC FINSEC 2019 2019 2019. Lecture Notes in Computer Science(), vol 11981. Springer, Cham. https://doi.org/10.1007/978-3-030-42051-2_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-42051-2_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-42050-5
Online ISBN: 978-3-030-42051-2
eBook Packages: Computer ScienceComputer Science (R0)