Cyber ranges for training in threat scenarios are nowadays highly demanded in order to improve people ability to detect vulnerabilities and to react to cyber-threats. Among the other components, scenarios deployment requires a modeling language to express the (software and hardware) architecture of the underlying system, and an emulation platform. In this paper, we exploit a model-driven engineering approach to develop a framework for cyber security scenarios deployment. We develop a domain specific language for scenarios construction, which allows the description of the architectural setting of the system under analysis, and a mechanism to deploy scenarios on the OpenStack cloud infrastructure by means of HEAT templates. On the scenario model, we also show how it is possible to detect network configuration problems and structural vulnerabilities. The presented results are part of our ongoing research work towards the definition of a training cyber range within the EU H2020 project THREAT-ARREST.
A Model Driven Approach for Cyber Security Scenarios Deployment / C. Braghin, S. Cimato, E. Damiani, F. Frati, L. Mauri, E. Riccobene (LECTURE NOTES IN ARTIFICIAL INTELLIGENCE). - In: Computer Security / [a cura di] A.P. Fournaris, M. Athanatos, K. Lampropoulos, S. Ioannidis, G. Hatzivasilis, E. Damiani, H. Abie, S. Ranise, L. Verderame, A. Siena, J.Garcia-Alfaro. - [s.l] : Springer, 2020. - ISBN 9783030420505. - pp. 107-122 (( convegno ESORICS 2019 International Workshops, IOSec, MSTEC, and FINSEC tenutosi a Luxembourg City nel 2019.
Titolo: | A Model Driven Approach for Cyber Security Scenarios Deployment |
Autori: | |
Settore Scientifico Disciplinare: | Settore INF/01 - Informatica |
Data di pubblicazione: | 2020 |
Digital Object Identifier (DOI): | http://dx.doi.org/10.1007/978-3-030-42051-2_8 |
Tipologia: | Book Part (author) |
Appare nelle tipologie: | 03 - Contributo in volume |
File in questo prodotto:
File | Descrizione | Tipologia | Licenza | |
---|---|---|---|---|
paper1_main.pdf | Pre-print (manoscritto inviato all'editore) | Administrator Richiedi una copia | ||
Braghin2020_Chapter_AModelDrivenApproachForCyberSe.pdf | Publisher's version/PDF | Administrator Richiedi una copia |