Design and Evaluation of Advanced Persistent Threat Scenarios for Cyber Ranges

Bibliographic Details
Published in: IEEE Access 2024, Vol. 12, p. 72458-72472
Main authors: Bierwirth, Tore; Pfutzner, Stefan; Schopp, Matthias; Steininger, Christoph
Format: Article
Language: English
Description
Summary: Both criminals and state actors are using the cyberspace to pursue their interests, including obtaining information, sabotaging networks, and disseminating disinformation. Advanced Persistent Threats (APTs) are state and non-state threat actors with high levels of expertise, target knowledge, and available financial and material resources. To effectively counter APT campaigns, it is necessary to have a deep understanding of the methods used by threat actors. Cyber Ranges provide a realistic training environment to develop and train the skills needed to respond to future attacks. However, this requires the ability to simulate APT attacks in a Cyber Range in an automated manner. This article presents an approach to implementing APT scenarios in fully virtualized Cyber Ranges. To achieve this, we extended a theoretical model to enable the formalized representation of APT attacks. Based on this model, we developed a concept for the technical implementation resulting in a framework for an automated simulation of APT attacks in Cyber Ranges. We evaluated both by formalizing two different real-world APT scenarios and implementing an abstract one.
ISSN: 2169-3536
DOI: 10.1109/ACCESS.2024.3402744