Adversary Tactic Driven Scenario and Terrain Generation with Partial Infrastructure Specification

Warning

This publication doesn't include Faculty of Sports Studies. It includes Faculty of Informatics. Official publication website can be found on muni.cz.
Authors

RUMAN Ádám DRAŠAR Martin SADLEK Lukáš YANG Shanchieh Jay ČELEDA Pavel

Year of publication 2024
Type Article in Proceedings
Conference ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security
MU Faculty or unit

Faculty of Informatics

Citation
Doi http://dx.doi.org/10.1145/3664476.3664523
Keywords cybersecurity model; adversary framework; attack scenario generation; cyber terrain generation
Attached files
Description Diverse, accurate, and up-to-date training environments are essential for training cybersecurity experts and autonomous systems. However, preparation of their content is time-consuming and requires experts to provide detailed specifications. In this paper, we explore the challenges of automated generation of the content (composed of scenarios and terrains) for these environments. We propose new models to represent the cybersecurity domain and associated action spaces. These models are used to create sound and complex training content based on partial specifications provided by users. We compare the results with a real-world complex malware campaign to assess the realism of the synthesized content. To further evaluate the correctness and variability of the results, we utilize the kill-chain attack graph generation for the generated training content to asses the internal correspondence of its key components. Our results demonstrate that the proposed approach can create complex training content similar to advanced attack campaigns, which passes evaluation for soundness and practicality. Our proposed approach and its implementation significantly contribute to the state of the art, enabling novel approaches to cybersecurity training and autonomous system development.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info