A Flexible Cyber Security Experimentation Platform Architecture Based on Docker

Yin, Yong; Shao, Yuyan; Wang, Xuefeng; Su, Qingran

doi:10.1109/qrs-c.2019.00082

Cited by 6 publications

(6 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2019, Yin, et al, [20] present a new architecture for a cyber security experimentation platform on the basis of Docker. This software has the scalability and flexibility necessary for large-scale cyber simulations.…”

Section: Literature Reviewmentioning

confidence: 99%

Hybrid H-DOC: A bait for analyzing cyber attacker behavior

Amal

Venkadesh

2023

Int. j. electr. comput. eng. syst. (Online)

View full text Add to dashboard Cite

Cyber security is a vital concern for companies with internet-based cloud networks. These networks are constantly vulnerable to attack, whether from inside or outside organization. Due to the ever-changing nature of the cyber world, security solutions must be updated regularly in order to keep infrastructure secure. With the use of attack detection approaches, security systems such as antivirus, firewalls, or intrusion detection systems have become more effective. However, conventional systems are unable to detect zero-day attacks or behavioral changes. These drawbacks can be overcome by setting up a honeypot. In this paper, a hybrid Honeynet model deployed in Docker (H-DOC) bait has been proposed that comprises both low interaction and high interaction honeypot to attract the malicious attacker and to analyze the behavioral patterns. This is a form of bait, designed to detect or block attacks, or to divert an attacker's attention away from the legitimate services. It focuses only on the SSH protocol, as it is widely used for remote system access and is a popular target of attacks. The proposed Hybrid H-DOC method identify ransomware activity, attack trends, and timely decision-making through the use of an effective rule and tunes the firewall. The attack detection accuracy of the proposed Hybrid H-DOC method when compared with IDH, Decepti-SCADA, AS-IDS and HDCM is 13.97%, 11.82%, 8.60% and 5.07% respectively.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Hybrid H-DOC: A bait for analyzing cyber attacker behavior

Amal

Venkadesh

2023

Int. j. electr. comput. eng. syst. (Online)

View full text Add to dashboard Cite

show abstract

“…Here, we present a subset of previous works that are the most relevant to the PocketCTF approach. The idea of using LXC containers or Dockers instead of virtual machines for CTF labs has been under research over the last few years [11,30]. More specifically, Irvine et al introduced a framework for parameterizing cybersecurity labs by using Docker containers instead of virtualization technologies [24].…”

Section: Related Workmentioning

confidence: 99%

“…Moreover, the benefits of virtualization and Dockers have also been considered by analyzing their capabilities for network virtualization [46,47]. The networking functionalities of containerization technology in the content of lightweight virtualization instances have been under research [30,48]. Finally, the capabilities of cyber ranges to use virtualization technologies to easily recover or to reproduce laboratory scenarios have been also studied [49].…”

Section: Related Workmentioning

confidence: 99%

“…Important software packages that relate to defensive tasks are included while the vulnerable services are deployed by using containerization technologies [25]. More specifically, first a performance evaluation of various virtualization technologies is conducted including Dockers, Linux Containers (LXC) [26,27], and the Kernel-based Virtual Machine (KVM) [28][29][30]. The main goal is to identify the most suitable virtualization technology that would allow instructors to deploy complex scenarios without introducing significant performance overheads [1,31,32].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

PocketCTF: A Fully Featured Approach for Hosting Portable Attack and Defense Cybersecurity Exercises

et al. 2021

View full text Add to dashboard Cite

Capture the flag (CTF) challenges are broadly used for engaging trainees in the technical aspects of cybersecurity, maintaining hands-on lab exercises, and integrating gamification elements. However, deploying the appropriate digital environment for conducting cybersecurity exercises can be challenging and typically requires a lot of effort and system resources by educators. In this paper, we present PocketCTF, an extensible and fully independent CTF platform, open to educators to run realistic virtual labs to host cybersecurity exercises in their classrooms. PocketCTF is based on containerization technologies to minimize the deployment effort and to utilize less system resources. A proof-of-concept implementation demonstrates the feasibility of deploying CTF challenges that allows the trainees to engage not only in offensive security but also in defensive tasks that have to be conducted during cybersecurity incidents. When using PocketCTF, educators can deploy hands-on labs, spending less time on the deployment and without necessarily having the advanced technical background to deploy complex labs and scenarios.

show abstract

“…In this method, various experimental environments and network topologies with flexible monitoring and faster test environment has been deployed for larger cyber simulation. Additional functions of cyber security have been further improved by using the proposed method [21].…”

Section: Literature Surveymentioning

confidence: 99%

Security Tools for Internet of Things: A Review

Singh¹,

Singh²

2020

IRJASH

View full text Add to dashboard Cite

In today's communications, the main challenging facet is Security of LTE systems in terms of various areas such as mutual authentication, key management, forward and backward secrecy, use of efficient security tools, etc. For proper key management, the generation and distribution of random keys is of main concern which can be done with the help of dynamic security tools. In this paper, main features of security tools like, Docker, Java Cryptography Architecture (JCA), Token-based authentication have been reviewed. Docker provides containerized environment based on application virtualization and also lighter than virtual machines. To define cryptographic concepts and algorithms, JCA cites design patterns and an extensible framework for Java platform. Token-based authentication method or system is used to provide secure user access to server using a token, like smart cards.

show abstract

A Flexible Cyber Security Experimentation Platform Architecture Based on Docker

Cited by 6 publications

References 12 publications

Hybrid H-DOC: A bait for analyzing cyber attacker behavior

Hybrid H-DOC: A bait for analyzing cyber attacker behavior

PocketCTF: A Fully Featured Approach for Hosting Portable Attack and Defense Cybersecurity Exercises

Security Tools for Internet of Things: A Review

Contact Info

Product

Resources

About