Design and Implementation of Cyber Range for Cyber Defense Exercise Based on Cyber Crisis Alert
![]() |
Choi, Younghan
(Cyber Security Training and Exercise Center)
Jang, Insook (Cyber Security Training and Exercise Center) Whoang, Inteck (Cyber Security Training and Exercise Center) Kim, Taeghyoon (Cyber Security Training and Exercise Center) Hong, Soonjwa (Cyber Security Training and Exercise Center) Park, Insung (Cyber Security Training and Exercise Center) Yang, Jinsoek (Cyber Security Training and Exercise Center) Kwon, Yeongjae (Cyber Security Training and Exercise Center) Kang, Jungmin (Cyber Security Training and Exercise Center) |
1 | National Cyber Security Center, "Cyber Crisis Alert," https://www.nis.go.kr: 4016/AF/1_7_1_1/list.do |
2 | D. Bodeau and R. Graubart, "Cyber resiliency design principles," 17-0103, MITRE, 2017. |
3 | J. Davis and S. Magrath, "A survey of cyber ranges and testbeds", DSTO-GD-0771, Cyber Electronic Warfare Division, 2013. |
4 | P.W. Tsai, F. Piccialli, C.W. Tsai, M.Y. Luo, and C.S. Yang, "Control framework in network emulation testbeds: A survey," Journal of Computer Science, vol. 22, pp. 148-161, Sep. 2017. DOI |
5 | K. Hara, "Cyber range CYBERIUM for training security meisters to deal with cyber attacks," Fujitsu Scientific & Technical Journal, vol. 55, no. 5, pp. 59-63, 2019. |
6 | Florida Cyber Range, https://floridacyberrange.org/ |
7 | Circadence Cyber Range, https://www.circadence.com/ |
8 | Cyber Warfare Range, https://www.azcwr.org/ |
9 | Airbus, "CyberRange," https://airbus-cyber-security.com/products-and-services/prevent/cyberrange/ |
10 | Medium, "AWS cyber range," https://medium.com/aws-cyber-range |
11 | P. Qiu, "Cisco cyber range", 2016. |
12 | Keysight, "Cyber-range services", https://www.keysight.com/us/en/products/services/network-security-services/cyber-range-services.html |
13 | SimSpace, "SimSpace cyber range", 2015 Annual Computer Security Applications Conference, Dec. 2015. |
14 | CyberCENTS, "CENTS," https://cybercents.com/ |
15 | R. Chadha, T. Bowen, Y.J. C.J. Chiang, Y.M. Gottlieb, A.Poylisher, A. Sapello, C. Serban, S. Sugrim, G. Walther, L.M. Marvel, E.A. Newcomb, and J. Santos, "CyberVAN: A cyber security virtual assured network testbed", Proceedings of 2016 IEEE Military Communications Conference, Nov. 2016. |
16 | Raytheon Technologies, "Cyber range," https://www.raytheon.com/cyber/capabilities/range |
17 | M.M. Yamin, B. Katt, and V. Gkioulos, "Cyber ranges and security testbeds: Scenarios, functions, tools and architecture," Computer & Security, vol. 88, pp. 1-26, Jan. 2020. |
18 | D.B. Fox, C.D. McCollum, E.I. Arnoth, and D.J. Mak, "Cyber wargaming: Framework for enhancing cyber wargaming with realistic business context," 16-J-00184-04, HSSEDI, Aug. 2018. |
19 | I. Priyadarshini, "Features and architecture of the modern cyber range: A qualitative analysis and survey," Master Thesis, University of Delaware, Sep. 2018. |
20 | E.C. Chaskos, "Cyber-security training: A comparative analysis of cyber-ranges and emerging trends," Master Thesis, National and Kapodistrian University of Athens, Mar. 2019. |
21 | Virginia Cyber Range, https://www.virginiacyberrange.org |
22 | Regent University, "Science, technology, engineering & math," https://www.regent.edu/programs/academicdegrees/science-technology-engineering-math/ |
23 | Wayne State University, "Wayne cyber range hub," https://wayne.edu/educationaloutreach/cyber-range/ |
24 | F. Dickson and P. Goodwin, "Five key technologies for enabling a Cyber-resilience framework," US45455119, IBM, 2019. |
25 | University of Central Arkansas, "Cyber range," https://nicerc.org/arcybersecurity/ |
26 | Georgia Cyber Center, "Cyber range," https://www.gacybercenter.org/services/cyber-range/ |
27 | GeorgiaCyber, "kinetic system," https://github.com/GeorgiaCyber/kinetic |
28 | V. Giuliano and V. Formicola, "ICSrange: A simulation-based cyber range platform for industrial control systems," Proceedings of the 15th European Dependable Computing Conference, 2019. |
29 | Cyberbit, "Cyber range," https://www.cyberbit.com/solutions/cyber-range/ |
30 | A. Ashok, S. Krishnaswamy, and M. Govindarasu, "PowerCyber: A remotely accessible testbed for cyber physical security of the smart grid," Proceedings of 2016 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference, Sep. 2016. |
31 | OpenStack, https://www.openstack.org |
32 | A.F. Browne, S. Watson, and W.B. Williams, "Development of an architecture for a cyber-physical emulation test range for network security testing," IEEE Access, vol. 6, pp. 73273-73279, Nov. 2018. DOI |
33 | C. Javali and G. Revadigar, "Network web traffic generator for cyber range exercises," Proceedings of IEEE 44th Conference on Local Computer Networks, 2019. |
34 | G. Kavallierators, S.K. Katsikas, and V. Katsikas, "Towards a cyber-physical range," Proceedings of the 5th on Cyber-Physical System Security Workshop, pp. 25-34, Jul. 2019. |
35 | VMware, "vSphere," https://www.vmware.com/products/vsphere.html |
36 | KVM, https://www.linux-kvm.org/page/Main_Page |
37 | Amazon Web Service, https://aws.amazon.com |
38 | Azure, https://azure.microsoft.com |
39 | A.S. Raj, B. Alangot, S. Prabhu, and K. Achuthan, "Scalable and lightweight CTF infrastructures using application containers," Proceedings of 2016 USENIX Workshop on Advances in Security Education, pp. 1-8, Aug. 2016. |
40 | DEFCON, https://www.defcon.org |
41 | A.K. Amorin, B. Shekar, and C.L. AlAufi, "CloudWhip: A tool for provisioning cyber security labs in the amazon cloud," Proceedings of 2014 International Conference on Security and Management, 2014. |
42 | C. Pham, D. Tang, K.I. Chinen, and R. Beuran, "CyRIS: A cyber range instantiation system for facilitating security testing," Proceedings of the 7th International Symposium on Information and Communication Technology, pp. 251-258, Dec. 2016. |
43 | CROND, https://www.jaist.ac.jp/misc/crond/achievements-en.html |
44 | R. Beuran, D. Tang, C. Pham, K.I. Chinen, Y. Tan, and Y. Shinoda, "Integrated framework for hands-on cybersecurity training: CyTrONE," Computers and Security, vol. 78, pp. 43-59, Sep. 2018. DOI |
45 | I.D. Alvarenga, M.B. Duarte, "RIO: A denial of service experimentation platform in a future internet testbed," Proceedings of 7th International Conference on the Network of the Future, Jan. 2016. |
46 | Z. Tian, Y. Cui, L. An, S. Su, X. Yin, L. Yin and X. Cui, "A real-time correlation of host-level events in cyber range service for smart campus," IEEE Access, vol. 6, 35355-35364, Jun. 2018. DOI |
47 | Norwich University Applied Research Institutes, "DECIDE Platform," https://nuari.net/ |
48 | P. Celeda, J. Cegan, J. Vykopal, and D. Tovarnak, "KYPO - A platform for cyber defense exercise," STO-MP-MSG-133, NATO Science and Technology Organization, 2015. |
49 | J. Vykopal, R. Oslejsek, P. Celeda, M. Vizvary, and D. Tovarnak "KYPO cyber range: Design and use cases," Proceedings of 12th International Conference on Software Technologies, 2017. |
50 | J.S. Kim, Y.J. Maeng, and M.S. Jang, "Becoming invisible hands of national live-fire attack-defense cyber exercise," Proceedings of 2019 IEEE European Symposium on Security and Privacy Workshops, pp. 77-84, Jun. 2019. |
51 | R. Beuran, T. Inoue, Y. Tan, and Y. Shinoda, "Realistic cybersecurity training via scenario progression management," Proceedings of 2019 IEEE European Symposium on Security and Privacy Workshops, pp. 67-76, Jun. 2019. |
52 | M. Pihelgas, "Design and implementation of an availability scoring system for cyber defense exercises," Proceedings of the 14th International Conference on Cyber Warfare and Security, pp. 329-337, Feb. 2019. |
53 | E. Trickel, F. Disperati, E. Gustafson, F. Kalantari, M. Mabey, N. Tiwari, Y. Safaei, A. Doupe, and G. Vigna, "Shall we play a game? CTF-as-a-service for security education," Proceedings of 2017 USENIX Workshop on Advances in Security Education, pp. 1-10, Aug. 2017. |
54 | J. Yuen, "Automated cyber red teaming," DSTO-TN-1420, Australian Government Department of Defence, Apr. 2015. |
55 | A. Applebaum, D. Miller, B. Strom, C. Korban, and R.Wolf, "Intelligent, automated red team emulation," Proceedings of the 32nd Annual Computer Security Applications Conference, pp. 363-373, Dec. 2016. |
56 | M. Andreolini, V.G. Colacino, M. Colajanni, and M. Marchetti, "A framework for the evaluation of trainee performance in cyber range exercises," Mobile Networks an Applications, vol. 25, no. 2, pp. 236-247, Dec. 2019. |
57 | National Security Agency, "Cyber Defense Exercise (CDX)," https://apps.nsa.gov/iaarchive/programs/cyber-defense-exercise/index.cfm |
58 | Cybersecurity & Infrastructure Security Agency, "Cyber Storm: Securing cyber space," https://www.cisa.gov/cyber-storm-securing-cyber-space |
59 | The NATO Cooperative Cyber Defence Centre of Excellence, "Locked Shields," https://ccdcoe.org/exercises/lockedshields/ |
60 | European Union Agency For Cybersecurity, "Cyber Europe 2020," https://www.enisa.europa.eu/topics/cyberexercises/cyber-europe-programme/cyber-europe-2020 |
61 | E. Seker and H.H. Ozbenli, "The concept of Cyber Defense Exercise (CDX): Planning, execution, evaluation," Proceedings of 2018 International Conference on Cyber Security and Protection of Digital Services, June 2018. |
62 | W.M. Petullo, K. Moses, B. Klimkowski, R. Hand and K. Olson, "The use of Cyber-Defense Exercises in undergraduate computing education," Proceedings of 2016 USENIX Workshop on Advances in Security Education, pp. 1-8, Aug. 2016. |
63 | N. Hatty, "Representing attacks in a cyber range," Mater Thesis, Linkoping University, Jun. 2019. |
64 | M. Rosenstein and F. Corvese, "A secure architecture for the range-level command and control system of a national cyber range testbed," Proceedings of the 5th USENIX Workshop on Cyber Security Experimentation and Test, pp. 1-9, Aug. 2012. |
65 | B.C. Ferguson and A. Tall, "National cyber range overview," Proceedings of 2014 IEEE Military Communications Conference, Oct. 2014. |
66 | Swedish Defence Research Agency, "CRATE, cyber range and training environment," https://www.foi.se/en/foi/resources/crate-cyber-range-andtraining-environment.html |
67 | Austrian Institute of Technology, "Cyber range & training," https://www.ait.ac.at/en/research-topics/cyber-security/cyber-range-training/ |
68 | M. Frank, M. Leitner, and T. Pahi, "Design considerations for cyber security testbeds: A case study on a cyber security testbed for education," Proceedings of 15th International Symposium on Dependable, Automatic and Secure Computing, pp. 38-46, Nov. 2017. |
69 | CybExer Technologies, "Cyber range platform," https://cybexer.com |
70 | silensec, "Cyber ranges," https://www.silensec.com/cyber-range |
71 | ThinkCyber, "Cyberium arena," https://www.thinkcyber.co.il/ |
72 | IBM, "X-force command cyber tactical operations center," https://www.ibm.com/security/services/managed-security-services/xforce-command-cyber-tactical-operations-center |
73 | Merit, "Cyber education training," https://www.merit.edu/security/training/ |
74 | Cybergym, https://www.cybergym.com |
75 | Baltimore Cyber, "Baltimore cyber's range," https://www.baltimorecyberange.com/copy-of-about |
76 | W. Newhouse, S. Keith, B. Scribner, and G. Witte, "National initiative for cybersecurity education (NICE) cybersecurity workforce framework," 800-181, NIST, Aug. 2017. |
77 | R. Ross, V. Pillitteri, R. Graubart, D. Bodeau, and R. Mcquaid, "Developing cyber resilient systems," 800-160, NIST, Nov. 2019. |
![]() |