Skip to main content
SpringerLink
Log in

Cyber Range Training Programme Specification Through Cyber Threat and Training Preparation Models

  • Conference paper
  • First Online:
Model-driven Simulation and Training Environments for Cybersecurity (MSTEC 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12512))

Abstract

In light of the ever-increasing complexity and criticality of applications supported by ICT infrastructures, Cyber Ranges emerge as a promising solution to effectively train people within organisations on cyber-security aspects, thus providing an efficient mechanism to manage the associated risks. Motivated by this, the work presented herein introduces the model-driven approach of the THREAT-ARREST project for Cyber Range training, presenting in detail the Cyber Threat Training and Preparation (CTTP) models. These models, comprising sub-models catering for different aspects of the training, are used for specifying and generating the Training Programmes. As such, the paper also provides details on implementation aspects regarding the use of these models in the context of a usable cyber range training platform and two specific training scenarios.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Alarming Cyber Security Facts and Stats (2019). https://www.cybintsolutions.com/cyber-security-facts-stats/

  2. Braghin, C., Cimato, S., Damiani, E., Frati, F., Mauri, L., Riccobene, E.: A model driven approach for cyber security scenarios deployment. In: Fournaris, A.P., et al. (eds.) IOSEC/MSTEC/FINSEC -2019. LNCS, vol. 11981, pp. 107–122. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-42051-2_8

    Chapter  Google Scholar 

  3. Common Platform Enumeration (CPE) (2020). https://csrc.nist.gov/projects/security-content-automation-protocol/specifications/cpe/

  4. D1.3: THREAT-ARREST platform’s initial reference architecture (2020). https://www.threat-arrest.eu/html/PublicDeliverables/D1.3

  5. D3.1: CTTP Models and Programmes Specification Language (2020). https://www.threat-arrest.eu/html/PublicDeliverables/D3.1

  6. D3.3: Reference CTTP Models and Programmes Specifications (2020). https://www.threat-arrest.eu/html/PublicDeliverables/D3.3

  7. D4.2: THREAT-ARREST serious games v1 (2020). https://www.threat-arrest.eu/html/PublicDeliverables/D4.2

  8. D4.3: Training and Visualisation tools IO mechanisms v1 (2020). https://www.threat-arrest.eu/html/PublicDeliverables/D4.3

  9. D5.1: Real event logs statistical profiling module and synthetic event log generator v1 (2020). https://www.threat-arrest.eu/html/PublicDeliverables/D5.1

  10. Erdogan, G., et al.: An Approach to Train and Evaluate the Cybersecurity Skills of Participants in Cyber Ranges based on Cyber-Risk Models, June 2020

    Google Scholar 

  11. Gartner Forecasts Worldwide Information Security Spending to Exceed \$124 Billion in 2019 (2020). https://www.gartner.com/en/newsroom/press-releases/2018-08-15-gartner-forecasts-worldwide-information-security-spending-to-exceed-124-billion-in-2019

  12. Goeke, L., Quintanar, A., Beckers, K., Pape, S.: PROTECT – an easy configurable serious game to train employees against social engineering attacks. In: Fournaris, A.P., et al. (eds.) IOSEC/MSTEC/FINSEC -2019. LNCS, vol. 11981, pp. 156–171. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-42051-2_11

    Chapter  Google Scholar 

  13. Kubernetes (2020). https://kubernetes.io/

  14. NS-3 Network Simulator (2020). https://www.nsnam.org/

  15. OpenStack (2020). https://www.openstack.org/

  16. PwC’s global economic crime and fraud survey 2018(2020). https://www.pwc.com/gx/en/forensics/gecs-2020/pdf/global-economic-crime-and-fraud-survey-2020.pdf

  17. Rantos, K., Fysarakis, K., Mani-favas, C.: How effective is your security awareness program? An evaluation methodology. Inf. Secur. J. Glob. Perspect. 21(6), 328–345 (2012)

    Article  Google Scholar 

  18. Russo, E., Costa, G., Armando, A.: Scenario design and validation for next generation cyber ranges. In: 2018 IEEE 17th International Symposium on Network Computing and Applications (NCA), pp. 1–4. IEEE (2018)

    Google Scholar 

  19. Schaab, P., Beckers, K., Pape, S.: Social engineering defence mechanisms and counteracting training strategies. Inf. Comput. Secur. 25, 206–222 (2017)

    Article  Google Scholar 

  20. Somarakis, I., Smyrlis, M., Fysarakis, K., Spanoudakis, G.: Model-driven cyber range training: a cyber security assurance perspective. In: Fournaris, A.P., et al. (eds.) IOSEC/MSTEC/FINSEC -2019. LNCS, vol. 11981, pp. 172–184. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-42051-2_12

    Chapter  Google Scholar 

  21. Soultatos, O., et al.: The THREAT-ARREST cyber-security training platform. IOSEC/MSTEC/FINSEC -2019. LNCS, vol. 11981, pp. 199–214. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-42051-2_14

    Chapter  Google Scholar 

  22. THREAT-ARREST (2019). https://www.threat-arrest.eu/

  23. Yamin, M.M., Katt, B., Gkioulos, V.: Cyber ranges and security testbeds: scenarios, functions, tools and architecture. Comput. Secur. 88, 101636 (2020)

    Article  Google Scholar 

Download references

Acknowledgements

This work has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 786890 (THREAT-ARREST).

Author information

Authors and Affiliations

  1. Sphynx Technology Solutions AG, Zug, Switzerland

    Michail Smyrlis, Konstantinos Fysarakis & George Spanoudakis

  2. Department of Computer Science, City, University of London, London, UK

    Michail Smyrlis & George Spanoudakis

  3. Institute of Computer Science Foundation for Research and Technology–Hellas (FORTH) Heraklion, Crete, Greece

    George Hatzivasilis

Authors
  1. Michail Smyrlis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Konstantinos Fysarakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. George Spanoudakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. George Hatzivasilis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Michail Smyrlis .

Editor information

Editors and Affiliations

  1. Foundation for Research and Technology - Hellas, Heraklion, Greece

    George Hatzivasilis

  2. Technical University of Crete, Chania, Greece

    Sotiris Ioannidis

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Smyrlis, M., Fysarakis, K., Spanoudakis, G., Hatzivasilis, G. (2020). Cyber Range Training Programme Specification Through Cyber Threat and Training Preparation Models. In: Hatzivasilis, G., Ioannidis, S. (eds) Model-driven Simulation and Training Environments for Cybersecurity. MSTEC 2020. Lecture Notes in Computer Science(), vol 12512. Springer, Cham. https://doi.org/10.1007/978-3-030-62433-0_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-62433-0_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-62432-3

  • Online ISBN: 978-3-030-62433-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation