Adversary Tactic Driven Scenario and Terrain Generation with Partial Infrastructure Specification
Autoři | |
---|---|
Rok publikování | 2024 |
Druh | Článek ve sborníku |
Konference | ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security |
Fakulta / Pracoviště MU | |
Citace | |
Doi | http://dx.doi.org/10.1145/3664476.3664523 |
Klíčová slova | cybersecurity model; adversary framework; attack scenario generation; cyber terrain generation |
Přiložené soubory | |
Popis | Diverse, accurate, and up-to-date training environments are essential for training cybersecurity experts and autonomous systems. However, preparation of their content is time-consuming and requires experts to provide detailed specifications. In this paper, we explore the challenges of automated generation of the content (composed of scenarios and terrains) for these environments. We propose new models to represent the cybersecurity domain and associated action spaces. These models are used to create sound and complex training content based on partial specifications provided by users. We compare the results with a real-world complex malware campaign to assess the realism of the synthesized content. To further evaluate the correctness and variability of the results, we utilize the kill-chain attack graph generation for the generated training content to asses the internal correspondence of its key components. Our results demonstrate that the proposed approach can create complex training content similar to advanced attack campaigns, which passes evaluation for soundness and practicality. Our proposed approach and its implementation significantly contribute to the state of the art, enabling novel approaches to cybersecurity training and autonomous system development. |
Související projekty: |