Skip to main content
SpringerLink
Log in

The THREAT-ARREST Cyber-Security Training Platform

  • Conference paper
  • First Online:
Computer Security (IOSEC 2019, MSTEC 2019, FINSEC 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11981))

Abstract

Cyber security is always a main concern for critical infrastructures and nation-wide safety and sustainability. Thus, advanced cyber ranges and security training is becoming imperative for the involved organizations. This paper presets a cyber security training platform, called THREAT-ARREST. The various platform modules can analyze an organization’s system, identify the most critical threats, and tailor a training program to its personnel needs. Then, different training programmes are created based on the trainee types (i.e. administrator, simple operator, etc.), providing several teaching procedures and accomplishing diverse learning goals. One of the main novelties of THREAT-ARREST is the modelling of these programmes along with the runtime monitoring, management, and evaluation operations. The platform is generic. Nevertheless, its applicability in a smart energy case study is detailed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Intel: A guide to the Internet of Things. Intel (2015). https://www-ssl.intel.com/content/www/us/en/internet-of-things/infographics/guide-to-iot.html

  2. Storm, D.: Hackers allegedly attack polish LOT airline, 10 flights and over 1,400 people grounded. Computer World (2015). https://www.computerworld.com/article/2938485/hackers-allegedly-attack-polish-lot-airline-10-flights-and-over-1-400-people-grounded.html. article 2938485

  3. Khandelwal, S.: United airlines hacked by sophisticated hacking group. The Hacker News (2015). https://thehackernews.com/2015/07/united-airlines-hacked.html

  4. Hirschfeld, J.D.: Hacking of government computers exposed 21.5 million people. New York Times 9 (2015). https://www.nytimes.com/2015/07/10/us/office-of-personnel-management-hackers-got-data-of-millions.html

  5. Newcomb, A.: Anthem hack may have impacted millions of non-customers as well. ABC News (2015). https://abcnews.go.com/Technology/anthem-hack-impacted-millions-customers/story?id=29212840

  6. Al-Ghamdi, A.S.A.-M.: A survey on software security testing techniques. Int. J. Comput. Sci. Telecommun. 4(4), 14–18 (2013)

    Google Scholar 

  7. Salas, M.I.P., Martins, E.: Security testing methodologies for vulnerabilities detection of XSS in web services and WS-security. Electron. Notes Theor. Comput. Sci. 302, 133–154 (2014)

    Article  Google Scholar 

  8. Hatzivasilis, G., et al.: AmbISPDM. Appl. Intell. 48(6), 1623–1643 (2017)

    Article  Google Scholar 

  9. Santa, I.: A users’ guide: how to raise information security awareness. ENISA Rep. 1–140 (2010)

    Google Scholar 

  10. Manifavas, C., Fysarakis, K., Rantos, K., Hatzivasilis, G.: DSAPE – dynamic security awareness program evaluation. In: Tryfonas, T., Askoxylakis, I. (eds.) HAS 2014. LNCS, vol. 8533, pp. 258–269. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-07620-1_23

    Chapter  Google Scholar 

  11. Bird, J., Kim, F.: Survey on application security programs and practices. SANS Anal. Surv. 1–24 (2014)

    Google Scholar 

  12. Trustwave: Security testing practices and priorities. An Osterman Res. Surv. Rep. 1–15 (2016)

    Google Scholar 

  13. Hatzivasilis, G., et al.: WARDOG: Awareness detection watchdog for Botnet infection on the host device. IEEE Trans. Sustain. Comput. Spec. Issue Sustain. Inf. Forensic Comput. 1–18 (2019)

    Google Scholar 

  14. Hatzivasilis, G., Fysarakis, K., Askoxylakis, I., Bilanakos, A.: CloudNet anti-malware engine: GPU-accelerated network monitoring for cloud services. In: Fournaris, A.P., Lampropoulos, K., Marín Tordera, E. (eds.) IOSec 2018. LNCS, vol. 11398, pp. 122–133. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-12085-6_11

    Chapter  Google Scholar 

  15. Hatzivasilis, G.: Password-hashing status. Cryptography 1(2), 1–31 (2017). MDPI Open Access Journal, number 10

    Google Scholar 

  16. Shillair, R., et al.: Online safety begins with you and me: convincing Internet users to protect themselves. Comput. Hum. Behav. 48, 199–207 (2015)

    Article  Google Scholar 

  17. Safa, N.S., Rossouw, V.S.: An information security knowledge sharing model in organizations. Comput. Hum. Behav. 57, 442–451 (2016)

    Article  Google Scholar 

  18. Beckers, K., Pape, S., Fries, V.: HATCH: hack and trick capricious humans – a serious game on social engineering. In: HCI Conference Fusion, Bournemouth, UK, pp. 1–3 (2016)

    Google Scholar 

  19. Boopathi, K., Sreejith, S., Bithin, A.: Learning cyber security through gamification. Indian J. Sci. Technol. 8(7), 642–649 (2015)

    Article  Google Scholar 

  20. Schreuders, Z.C., Butterfield, E.: Gamification for teaching and learning computer security in higher education. In: ASE, USENIX, Austin, TX, USA, pp. 1–8 (2016)

    Google Scholar 

  21. SANS: Online cyber security training. https://www.sans.org/online-security-training/

  22. CYBERINTERNACADEMY: Complete cybersecurity course review on CYBERINERNACADEMY. https://www.cyberinternacademy.com/complete-cybersecurity-course-guide-review/

  23. StationX: Online cyber security & hacking courses. https://www.stationx.net/

  24. Cybrary: Develop security skills. https://www.cybrary.it/

  25. AwareGO: Security awareness training. https://www.awarego.com/

  26. BeOne Development: Security awareness training. https://www.beonedevelopment.com/en/security-awareness/

  27. ISACA: CyberSecurity Nexus (CSX) training platform. https://cybersecurity.isaca.org/csx-certifications/csx-training-platform

  28. Kaspersky: Kaspersky security awareness. https://www.kaspersky.com/enterprise-security/security-awareness

  29. CyberBit: Cyber security training platform. https://www.cyberbit.com/blog/security-training/cyber-security-training-platform/

  30. Bundesamt fĂĽr Sicherheit in der Informationstechnik (BSI)/Federal Office for Information Security, Germany. Protection Profile for the Security Module of a Smart Meter Gateway (Security Module PP) (2013)

    Google Scholar 

  31. Katopodis, S., Spanoudakis, G., Mahbub, K.: Towards hybrid cloud service certification models. In: International Conference on Services Computing, pp. 394–399 (June 2014)

    Google Scholar 

  32. Hatzivasilis, G., Papaefstathiou, I., Manifavas, C.: Software security, privacy and dependability: metrics and measurement. IEEE Softw. 33(4), 46–54 (2016)

    Article  Google Scholar 

  33. Cichonski, P., et al.: Computer security incident handling guide. NIST Spec. Publ. 800(61), 1–79 (2012)

    Google Scholar 

Download references

Acknowledgements

This work has received funding from the European Unions Horizon 2020 research and innovation programme under grant agreements No. 769066 (RESIST) and No. 786890 (THREAT-ARREST).

Author information

Authors and Affiliations

  1. Foundation for Research and Technology, Vassilika Vouton, 70013, Heraklion, Greece

    Othonas Soultatos

  2. Sphynx Technology Solutions AG, 6300, Zug, Switzerland

    Konstantinos Fysarakis

  3. ATOS Spain SA, 28037, Madrid, Spain

    Hristo Koshutanski

  4. University of Milan, 20122, Milan, Italy

    Ernesto Damiani

  5. Social Engineering Academy (SEA), 60322, Frankfurt, Germany

    Kristian Beckers

  6. SimPlan AG, 63452, Hanau, Germany

    Dirk Wortmann

  7. Information Technology for Market Leadership (ITML), 11525, Athens, Greece

    George Bravos

  8. Lightsource Labs Limited (LSE), Dublin, D06C8X4, Ireland

    Menelaos Ioannidis

  9. Department of Computer Science, City, University of London, London, UK

    Othonas Soultatos & George Spanoudakis

Authors
  1. Othonas Soultatos
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Konstantinos Fysarakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. George Spanoudakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hristo Koshutanski
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Ernesto Damiani
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Kristian Beckers
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Dirk Wortmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. George Bravos
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Menelaos Ioannidis
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Othonas Soultatos .

Editor information

Editors and Affiliations

  1. Industrial Systems Institute/Research Center ATHENA, Patras, Greece

    Apostolos P. Fournaris

  2. Foundation for Research and Technology - Hellas (FORTH), Heraklion, Greece

    Manos Athanatos

  3. University of Patras, Patras, Greece

    Konstantinos Lampropoulos

  4. Foundation for Research and Technology - Hellas (FORTH), Heraklion, Greece

    Sotiris Ioannidis

  5. Foundation for Research and Technology - Hellas (FORTH), Heraklion, Greece

    George Hatzivasilis

  6. University of Milan, Milan, Italy

    Ernesto Damiani

  7. Norwegian Computing Center, Oslo, Norway

    Habtamu Abie

  8. Fondazione Bruno Kessler, Trento, Italy

    Silvio Ranise

  9. University of Genoa, Genoa, Italy

    Luca Verderame

  10. Fondazione Bruno Kessler, Trento, Italy

    Alberto Siena

  11. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Soultatos, O. et al. (2020). The THREAT-ARREST Cyber-Security Training Platform. In: Fournaris, A., et al. Computer Security. IOSEC MSTEC FINSEC 2019 2019 2019. Lecture Notes in Computer Science(), vol 11981. Springer, Cham. https://doi.org/10.1007/978-3-030-42051-2_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-42051-2_14

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42050-5

  • Online ISBN: 978-3-030-42051-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation