Abstract
In response to the increasing number and complexity of cyber threats, universities, industry, and government agencies are widely employing network emulation environments for cybersecurity training and experimentation. These environments, known as “cyber ranges”, can model enterprise networks and sophisticated attacks, providing a realistic experience for the users. Building and deploying such environments is currently very time consuming, especially for complex scenarios and a high number of participants to the training exercises. This paper presents how virtualization and automation tools can be used to address this issue, starting from the formal specification of the emulated network environment to the automated deployment and replication of virtual machines. Our approach is based on widely used technologies and allows building tailored environments that fulfill organization needs for specific training, exercise, research, and development.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
European Cyber Security Organisation, Understanding Cyber Ranges: From Hype to Reality. https://ecs-org.eu/press-releases/understanding-cyber-ranges-from-hype-to-reality. Accessed 09 Jan 2020
Vykopal, J., Vizváry, M., Oslejsek, R., Celeda, P., Tovarnak, D.: Lessons learned from complex hands-on defence exercises in a cyber range. In: 2017 IEEE Frontiers in Education Conference (FIE) (2017)
Russo, E., Costa, G., Armando, A.: Building next generation cyber ranges with CRACK. Comput. Secur. 95, 101837 (2020)
Pham, C., Tang, D., Chinen, K. I., Beuran, R.: CyRIS: a cyber range instantiation system for facilitating security training. In: Proceedings of the Seventh Symposium on Information and Communication Technology (2016)
Vykopal, J., Oslejsek, R., Celeda, P., Vizvary, M., Tovarnak, D.: KYPO cyber range: design and use cases. In: Proceedings of the 12th International Conference on Software Technologies (2017)
Weiss, R., Turbak, F., Mache, J., Locasto, M.E.: Cybersecurity education and assessment in EDURange. IEEE Secur. Priv. 15(3), 90–95 (2017)
Conte de Leon, D., Goes, C.E., Haney, M.A., Krings, A.W.: ADLES: specifying, deploying, and sharing hands-on cyber-exercises. Comput. Secur. 74, 12–40 (2018)
Hildebrand, E., Flinterman, R., Mulder, J., Smit, A.: Clusus: a cyber range for network attack simulations, TU Delft Repositories (2019)
Leitner, M., et al.: AIT cyber range: flexible cyber security environment for exercises, training and research. In: European Interdisciplinary Cybersecurity Conference (EICC) (2020)
National Institute of Standards and Technology, The Cyber Range: A Guide. https://www.nist.gov/document/cyber-range-guide. Accessed 09 Oct 2020
Acknowledgements
This work was supported by a grant of the Romanian Ministry of Research and Innovation, CCCDI – UEFISCDI, project number PN-III-P1-1.2-PCCDI-2017-0272/ Avant-garde Technology Hub for Advanced Security (ATLAS), within PNCDI III.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Bica, I., Unc, R.L., Țurcanu, Ș. (2021). Virtualization and Automation for Cybersecurity Training and Experimentation. In: Maimut, D., Oprina, AG., Sauveron, D. (eds) Innovative Security Solutions for Information Technology and Communications. SecITC 2020. Lecture Notes in Computer Science(), vol 12596. Springer, Cham. https://doi.org/10.1007/978-3-030-69255-1_15
Download citation
DOI: https://doi.org/10.1007/978-3-030-69255-1_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-69254-4
Online ISBN: 978-3-030-69255-1
eBook Packages: Computer ScienceComputer Science (R0)