http://dx.doi.org/10.9708/jksci.2020.25.09.071

Automated Cyber Threat Emulation Based on ATT&CK for Cyber Security Training  

Kim, Donghwa (Dept. of Computer and Radio Communications Engineering, Korea University)
Kim, Yonghyun (The 2nd R&D Institute, Agency for Defense Development)
Ahn, Myung-Kil (School of Electrical and Electronics Engineering, Chung-Ang University)
Lee, Heejo (Dept. of Computer Science and Engineering, Korea University)
Abstract
As societies become hyperconnected, we need more cyber security experts. To this end, based on the analysis of real-world cyber attacks and the MITRE ATT&CK framework, we developed CyTEA, which can model cyber threats and generate simulated cyber threats in a cyber security training system. To confirm whether the simulated cyber threats are as effective as actual cyber threats, the simulation level was examined based on procedural, environmental, and consequential similarities. In addition, it was confirmed that the actual defense training using simulated cyber threats is the same as the defense training expected when using real cyber threats in the cyber security training system.
Keywords
Red team emulation; cyber range; ATT&CK; Operation Dust Storm; threat emulation
Citations & Related Records
Times Cited By KSCI: 4