Paper Info
Title
Model-Driven Cyber Range Training: A Cyber Security Assurance Perspective
Abstract
Security demands are increasing for all types of organisations, due to the ever-closer integration of computing infrastructures and smart devices into all aspects of the organisational operations. Consequently, the need for security-aware employees in every role of an organisation increases in accordance. Cyber Range training emerges as a promising solution, allowing employees to train in both realistic environments and scenarios and gaining hands-on experience in security aspects of varied complexity, depending on their role and level of expertise. To that end, this work introduces a model-driven approach for Cyber Range training that facilitates the generation of tailor-made training scenarios based on a comprehensive model-based description of the organisation and its security posture. Additionally, our approach facilitates the automated deployment of such training environments, tailored to each defined scenario, through simulation and emulation means. To further highlight the usability of the proposed approach, this work also presents scenarios focusing on phishing threats, with increasing level of complexity and difficulty.
Year
DOI
Venue
2019
10.1007/978-3-030-42051-2_12
COMPUTER SECURITY: ESORICS 2019 INTERNATIONAL WORKSHOPS, IOSEC, MSTEC, AND FINSEC
Keywords
DocType
Volume
Cyber Range training, Model driven engineering, Security assurance
Conference
11981
ISSN
Citations 
PageRank 
0302-9743
0
0.34
References 
Authors
0
4
Name
Order
Citations
PageRank
Iason Somarakis100.68
Michail Smyrlis221.52
Konstantinos Fysarakis38315.84
George Spanoudakis41057108.40