Comprehensive Cyber Arena; The Next Generation Cyber Range

Karjalainen, Mika; Kokkonen, Tero

doi:10.1109/eurospw51379.2020.00011

Cited by 31 publications

(23 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For instance, academic literature makes a distinction between CRs and testbeds (Davis and Magrath, 2013;Ukwandu et al, 2020), with the latter often referring to the testing of operational technologies (OT). Much work has sought to likewise create different categories of use to apply to different types of groups and their technical architecture (Karjalainen and Kokkonen, 2020;Urias et al, 2018), as well as their military use (Debatty and Mees, 2019). Päijänen et al (2021), for instance, identify both 'government' and 'military cyber defence capabilities' as target groups for CRs, and identify international exercises by states as one implementation.…”

Section: Cyber Range Architecture and Usementioning

confidence: 99%

On the Use and Strategic Implications of Cyber Ranges in Military Contexts: A Dual Typology

Hansel¹,

Dwyer²,

Moog³

et al. 2023

iccws

View full text Add to dashboard Cite

The use of simulated environments in cybersecurity – cyber ranges (CRs) – has become a popular method and tool to support training and education, assess system vulnerabilities, as well as to test and probe computer networks. Yet, CRs can be adopted to improve and enhance adversarial skill sets, tools, and operations that are attractive for military applications. This paper develops a strategic typology on how CRs have been used and adopted in military contexts (CRiMCs), where states have turned to CRs as one method to build cyber capacity, address proportionality and responsibility of cyber operations, as well as offer training and education. We identify CRiMCs that offer two strategic purposes: 1) reserved for sovereign use and capability development and 2) those intended to support cyber capacity building through domestic resilience and collaborative inter-state exercises. We thus ask, why do states establish sovereign cyber ranges ‘on top’ of being involved in collaborative ones? Why and how do they differ? To answer such questions, this paper delves into both the crucial technical components that support each CRiMC type and their implications by offering exemplars from five states (Lithuania, Norway, Slovenia, the Netherlands, and the USA). The paper concludes with some preliminary thoughts on future research avenues on CRiMCs and their implications for the use and governance of state cyber capabilities.

show abstract

Section: Cyber Range Architecture and Usementioning

confidence: 99%

On the Use and Strategic Implications of Cyber Ranges in Military Contexts: A Dual Typology

Hansel¹,

Dwyer²,

Moog³

et al. 2023

iccws

View full text Add to dashboard Cite

show abstract

“…Vi kan sjå ein cyberrange som ein infrastruktur for øving og trening på cybersikkerheit der virtualiseringsteknologi vert nytta til å byggje opp nettverk av emulerte system. I alle øvingane vart det lagt vekt på at det skulle vere ein realistisk og kompleks omgjevnad som liknar på reelle system (Brilingaitė et al 2020;Geers 2010;Karjalainen & Kokkonen 2020a;Vykopal 2017). Yamin et al (2020) gjer ein gjennomgang av litteratur om cyberranges.…”

Section: Cybersikkerheitsøvingarunclassified

Øving på cybersikkerheit: Ein casestudie av ei cybersikkerheitsøving

Lund

2022

Scandinavian Journal of Military Studies

View full text Add to dashboard Cite

Denne artikkelen presenterer ein casestudie av ei cybersikkerheitsøving i militaer utdanning, og nyttar denne casestudien til å drøfte nokre utfordringar med cybersikkerheitsøvingar til utdanningsføremål. Casestudien gjer greie for sentrale avgjerder i designet av øvinga, evaluering av øvinga og utfordringar i øvingskonseptet. Gjennom ein litteraturgjennomgang samanliknar vi øvinga med liknande øvingar, og ser på korleis desse øvingane har blitt evaluert. Avslutningsvis nyttar vi casestudien og litteraturgjennomgangen til å gjere betraktningar om vidare undersøkingar av cybersikkerheitsøvingar.

show abstract

“…According to NIST they can range from single stand-alone ranges in a single schoolhouse or an organization to internet replicating ranges that are accessible from all over the world. Karjalainen et al [18] introduce the concept of cyber arenas. They describe the need for next generation cyber ranges that are capable of providing a more complex infrastructure for cybersecurity trainings and exercises that is needed because of the accelerating digital transformation.…”

Section: Different Definitions Of Crsmentioning

confidence: 99%

Cybersecurity of Cyber Ranges: Threats and Mitigations

Noponen¹,

Pärssinen²,

Salonen³

2022

IJISR

View full text Add to dashboard Cite

Cyber ranges are often used to enhance the cybersecurity posture of a company by training relevant skills. These environments are traditionally used to host exercises that simulate cybersecurity scenarios, improve the cybersecurity skills of employees and enhance the security of networks and processes. By using digital twins, it is possible to organise more targeted cyber range trainings to companies operating in the critical infrastructure sector. Especially in this sector it is important to consider the cybersecurity of these environments themselves as they often may handle companyspecific confidential information. This study presents several cybersecurity related threats and challenges that cyber ranges may face during different phases of use. Cyber threats may be exposed to the actual systems that the ranges are meant to protect if these issues are not taken into consideration and mitigated. Malicious attackers may use the information in the cyber ranges to learn the weaknesses in the actual system. We approach the subject by reviewing the relevant literature, which is currently very limited especially when looking at the cybersecurity issues of cyber ranges. We divide the subject into the different phases of cyber range development and use, and also discuss relevant cloud security issues. Finally, we present actions to mitigate the identified cybersecurity threats and issues in cyber ranges when using them for training and awareness activities.

show abstract

Comprehensive Cyber Arena; The Next Generation Cyber Range

Cited by 31 publications

References 20 publications

On the Use and Strategic Implications of Cyber Ranges in Military Contexts: A Dual Typology

On the Use and Strategic Implications of Cyber Ranges in Military Contexts: A Dual Typology

Øving på cybersikkerheit: Ein casestudie av ei cybersikkerheitsøving

Cybersecurity of Cyber Ranges: Threats and Mitigations

Contact Info

Product

Resources

About