Designing a Cyber Range Exercise for Educational Purposes

Larrucea, Xabier; Santamaría, Izaskun

doi:10.1007/978-3-030-56441-4_22

Cited by 6 publications

(3 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Depending on the purpose of the system, there are defined multiple types of Cyber Ranges. Main purposes highlighted also by another research (Larrucea & Santamaría, 2020) Cyber Ranges are part of an organization's cyber capabilities, and they may be used to train security personnel, conduct research and development on cyber tools and other assets, and conduct continuous cyber exercises to test such capabilities Cyber resilience refers to an organization's capacity to respond to and withstand a security event or cyber-attack while continuing to provide its core service services. Understanding Cyber Ranges is defined by NIST as "the capacity to predict, endure, recover from, and adapt to cyber threats" Recruitment identify, test their capabilities and hire professionals Competitions -cyber security and not only find cybersecurity talents and fill the security skills gaps deploy IT infrastructures for competitions outside de cybernetic realm…”

Section: Cyber Range Systems Overviewmentioning

confidence: 99%

Cyber Ranges Implementation Methodology

Lateș

2022

Proceedings of the International Conference on Business Excellence

View full text Add to dashboard Cite

Cyber Ranges represent complex, multi-component informatic systems, mainly used in the cyber security field. This domain is not the only operational scope of the Cyber Range concept. The applicability of this kind of system presents great benefits in domains like education, research, military etc. The entire scope of Cyber Range systems may be classified into three main categories: training and simulation, research and e-learning. The complexity of a Cyber Range system involves a time and financial consuming implementation. Depending on the area of operation, implementation may vary because each domain involves specific components. As a result, there must be steps prior to implementation in which the whole set of required pieces must be determined precisely. The existence of an implementation methodology may increase the performance and decrease the implementation costs - in the manner of time and financial resources. This paper aims to lay the foundations of a methodology for implementing cyber range systems in the main fields (training and simulation, research and e-learning). Starting from this methodology, detailed configuration and implementation procedures can be developed in each branch of each field.

show abstract

Section: Cyber Range Systems Overviewmentioning

confidence: 99%

Cyber Ranges Implementation Methodology

Lateș

2022

Proceedings of the International Conference on Business Excellence

View full text Add to dashboard Cite

show abstract

“…A research work conducted in [9] deals with three main ideas: first, knowing how exercises are defined, and the current trend in this area; second, the different use of CR testbeds to simulate and test network attack scenarios such as Sonarqube [9], DETERlab [10], ARENA [11], Emulab [12], RINSE [13], LARIAT [14], and some universities [15] that use the Moodle e-Learning system for cyber education; and third, using separate environments such as CR and SonarQube as a key tool for analysis and supervising the exercises. The proposed scenario in [9] trains people on source code analysis and a vulnerability detection approach, representing a first step in defining a CR infrastructure and a cost-effective exercise using SonarQube. The difference between the proposed system presented in [9] and our approach is that the former used SonarQube, a static source code analysis tool and the later uses the Q8CR approach.…”

Section: Literature Reviewmentioning

confidence: 99%

“…The proposed scenario in [9] trains people on source code analysis and a vulnerability detection approach, representing a first step in defining a CR infrastructure and a cost-effective exercise using SonarQube. The difference between the proposed system presented in [9] and our approach is that the former used SonarQube, a static source code analysis tool and the later uses the Q8CR approach. At the same time, our proposed approach is a cyber-security incident model that deals with different scenarios, including source code analysis.…”

Section: Literature Reviewmentioning

confidence: 99%

Developing a Cyber Incident Exercises Model to Educate Security Teams

et al. 2022

View full text Add to dashboard Cite

Since cyber attacks are increasing and evolving rapidly, the need to enhance cyber-security defense is crucial. A cyber incident exercise model is a learning technique to provide knowledge about cyber security to enhance a security team’s incident response. In this research work, we proposed a cyber incident model to handle real-time security attacks in various scenarios. The proposed model consisted of three teams: (1) the black team, (2) the red team, and (3) the blue team. The black team was a group of instructors responsible for setting up the environment. They had to educate the red and blue teams about cyber security and train them on facing cyber attacks. Once the training period was completed, the members were divided into two teams to conduct a cyber-security competition in a cyber game scenario. Each of the two teams performed a different task. The red team was the offensive team that was responsible for launching cyber-security attacks. The blue team was the defensive team that was responsible for countering attacks and minimizing the damage caused by attackers; they had to conduct both cyber-security configuration and incident handling. During the scenario, the black team was responsible for guiding and monitoring both the red and the blue teams, ensuring the rules were applied throughout the competition. At the end of the competition, the members of each team changed with each other to make sure every team member was using the knowledge they gained from the training period and every participant was evaluated impartially. Finally, we showed the security team’s offensive and defensive skills via the red team and the blue team, respectively.

show abstract