Abstract | ||
---|---|---|
Security demands are increasing for all types of organisations, due to the ever-closer integration of computing infrastructures and smart devices into all aspects of the organisational operations. Consequently, the need for security-aware employees in every role of an organisation increases in accordance. Cyber Range training emerges as a promising solution, allowing employees to train in both realistic environments and scenarios and gaining hands-on experience in security aspects of varied complexity, depending on their role and level of expertise. To that end, this work introduces a model-driven approach for Cyber Range training that facilitates the generation of tailor-made training scenarios based on a comprehensive model-based description of the organisation and its security posture. Additionally, our approach facilitates the automated deployment of such training environments, tailored to each defined scenario, through simulation and emulation means. To further highlight the usability of the proposed approach, this work also presents scenarios focusing on phishing threats, with increasing level of complexity and difficulty. |
Year | DOI | Venue |
---|---|---|
2019 | 10.1007/978-3-030-42051-2_12 | COMPUTER SECURITY: ESORICS 2019 INTERNATIONAL WORKSHOPS, IOSEC, MSTEC, AND FINSEC |
Keywords | DocType | Volume |
Cyber Range training, Model driven engineering, Security assurance | Conference | 11981 |
ISSN | Citations | PageRank |
0302-9743 | 0 | 0.34 |
References | Authors | |
0 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Iason Somarakis | 1 | 0 | 0.68 |
Michail Smyrlis | 2 | 2 | 1.52 |
Konstantinos Fysarakis | 3 | 83 | 15.84 |
George Spanoudakis | 4 | 1057 | 108.40 |