Design and Implementation of Cyber Attack Simulator based on Attack Techniques Modeling |
Kang, Yong Goo
(Graduate School of Information Security, Korea University)
Yoo, Jeong Do (Graduate School of Information Security, Korea University) Park, Eunji (Graduate School of Information Security, Korea University) Kim, Dong Hwa (The 2nd R&D Institute, Agency for Defense Development) Kim, Huy Kang (Graduate School of Information Security, Korea University) |
1 | Vulnerability Quick View Report, Available at https://pages.riskbasedsecurity.com/2018-midyear-vulnerability-quickview-report. |
2 | Locked Shields, Available at https://ccdcoe.org/exercises/locked-shields. |
3 | CYBERGYM, Available at https://www.cybergym.com. |
4 | CALDERA, Available at https://www.mitre.org/research/technology-transfer/open-source-software/caldera. |
5 | MITRE ATT&CK, Available at https://attack.mitre.org. |
6 | European Network and Information Security Agency, Available at https://www.enisa.europa.eu. |
7 | Asia Pacific Computer Emergency Response Team, Available at https://www.apcert.org. |
8 | Z. C. Schreuders, T. Shaw, M. Shan-A-Khuda, G. Ravichandran, J. Keighley, and M. Ordean, "Security Scenario Generator (SecGen): A Framework for Generating Randomly Vulnerable Rich-scenario VMs for Learning Computer Security and Hosting CTF Events," In 2017 USENIX Workshop on Advances in Security Education (ASE 17). |
9 | P. Passeri, A year of cyber attacks, Available at https://www.hackmageddon.com/2019/01/15/2018-a-year-of-cyber-attacks. |
10 | J. Mirkovic, G. Bartlett, and J. Blythe, "DEW: Distributed Experiment Workflows," In 11th USENIX Workshop on Cyber Security Experimentation and Test (CSET 18). |
11 | S. Wi, J. Choi, and S. K. Cha, "Git-based CTF: A Simple and Effective Approach to Organizing In-Course Attack-and-Defense Security Competition," In 2018 USENIX Workshop on Advances in Security Education (ASE 18). |
12 | E. Trickel, F. Disperati, E. Gustafson, F. Kalantari, M. Mabey, N. Tiwari, Y. Safaei, A. Doupe, and G. Vigna, "Shell We Play A Game? CTF-as-a-service for Security Education," In 2017 USENIX Workshop on Advances in Security Education (ASE 17). |