http://dx.doi.org/10.9708/jksci.2020.25.03.065

Design and Implementation of Cyber Attack Simulator based on Attack Techniques Modeling  

Kang, Yong Goo (Graduate School of Information Security, Korea University)
Yoo, Jeong Do (Graduate School of Information Security, Korea University)
Park, Eunji (Graduate School of Information Security, Korea University)
Kim, Dong Hwa (The 2nd R&D Institute, Agency for Defense Development)
Kim, Huy Kang (Graduate School of Information Security, Korea University)
Abstract
With the development of information technology and the growth in the scale of systems and networks, cyber threats and crimes continue to increase. To cope with these threats, cybersecurity training based on actual attacks and defenses is required. However, such training requires experts to analyze and perform the attacks, which is inefficient in terms of cost and time. In this paper, we propose a cyber attack simulator that automatically executes attack techniques. The simulator generates attack scenarios by combining attack techniques that have been modeled so that they can be implemented, and carries out the attack by executing the derived scenarios sequentially. To verify the effectiveness of the proposed attack simulator, we experimented by setting an example attack goal and scenarios in a real environment. The attack simulator successfully performed five attack techniques to gain administrator privileges.
Keywords
Cybersecurity; Security Training; Modeling; Automation; Simulation;