Methodology for Automating Attacking Agents in Cyber Range Training Platforms

  • Conference paper
Secure and Resilient Digital Transformation of Healthcare (SUNRISE 2023)

Abstract

The world faces cyberattacks daily and the targets of these attacks are often critical infrastructure, including the healthcare sector. In addition, more than half of cybersecurity professionals lack the necessary knowledge to deploy the relevant countermeasures to these attacks. In this regard, there is no doubt that education and training in cybersecurity are essential to defend technological assets. That is why, in this context, it is easy to understand that Cyber Ranges play a crucial role, since these tools provide the user with a hyper-realistic experience for quality training. Thanks to attack simulators, commonly Advanced Persistent Threat (APT) generators, those realistic defensive cyberexercises can be performed. To implement these components, a behavioral matrix is needed, marking the different stages used by a cybersecurity expert during an attack, e.g. reconnaissance, exploitation, data exfiltration, etc. Since bringing the current methodologies to a hyper-realistic production environment is an inordinate challenge, a novel matrix will be designed from simulation environments for training. This new methodology will compact dependent phases and simplify similar stages to automatically. Furthermore, the contribution contains a logic that increases the reality of the attacks. Finally, a proof of concept is made to evaluate the purposes the contribution pursues.

Notes

  1. https://atomicredteam.io/

Acknowledgments

This work has been partially funded by the Spanish Ministry of Universities linked to the European Union through the NextGenerationEU programme, from the postdoctoral grant Margarita Salas (172/MSJD/22), and from the strategic project CDL-TALENTUM from the Spanish National Institute of Cybersecurity (INCIBE) and by the Recovery, Transformation and Resilience Plan, NextGenerationEU. Authors acknowledge as well support from the CybAlliance project (Grant no. 337316).

Author information

Corresponding author

Correspondence to Pantaleone Nespoli.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Sánchez, P.M., Nespoli, P., Alfaro, J.G., Mármol, F.G. (2024). Methodology for Automating Attacking Agents in Cyber Range Training Platforms. In: Abie, H., Gkioulos, V., Katsikas, S., Pirbhulal, S. (eds) Secure and Resilient Digital Transformation of Healthcare. SUNRISE 2023. Communications in Computer and Information Science, vol 1884. Springer, Cham. https://doi.org/10.1007/978-3-031-55829-0_6

  • DOI: https://doi.org/10.1007/978-3-031-55829-0_6

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-55828-3

  • Online ISBN: 978-3-031-55829-0

  • eBook Packages: Computer Science, Computer Science (R0)
