CST-SDL: A Scenario Description Language for Collaborative Security Training in Cyber Ranges

Document Type: Research Article

Authors

Department of Software Engineering, Faculty of Computer Engineering, University of Isfahan, Isfahan, Iran

Abstract
As cyber threats grow increasingly sophisticated, security training becomes even more critical as an effective means of prevention. A Cyber Range (CR) is a platform for building cyber training programs that uses virtualization and simulation technologies to provide a realistic training environment. The main challenge in utilizing a CR is the specialized human resources required to design and maintain training sessions. To tackle this challenge, several high-level languages, known as Scenario Description Languages (SDLs), have been developed to enable the specification of training environments as models. These models can then be automatically transformed into deployment artifacts. Our studies showed that the existing SDLs cannot address the requirements of complex scenarios in which multiple trainees must collaborate to reach a desired goal through various acceptable solutions. We present the Collaborative Security Training SDL (CST-SDL) for creating multi-trainee and multi-solution scenarios. CST-SDL uses a directed acyclic graph to specify the scenario's solution routes and allows trainees to be defined with unique tasks, goals, and solution routes during the training session. To evaluate CST-SDL's capabilities, we have implemented it and integrated it into the KYPO cyber range.
