Abstract
The world faces cyberattacks daily, and the targets of these attacks are often critical infrastructure, including the healthcare sector. In addition, more than half of cybersecurity professionals lack the necessary knowledge to deploy the relevant countermeasures to these attacks. In this regard, there is no doubt that education and training in cybersecurity are essential to defend technological assets. In this context, Cyber Ranges play a crucial role, since these tools provide the user with a hyper-realistic experience for quality training. Thanks to attack simulators, commonly Advanced Persistent Threat (APT) generators, those realistic defensive cyberexercises can be performed. To implement these components, a behavioral matrix is needed, marking the different stages used by a cybersecurity expert during an attack, e.g. reconnaissance, exploitation, data exfiltration, etc. Since bringing the current methodologies to a hyper-realistic production environment is an inordinate challenge, a novel matrix will be designed from simulation environments for training. This new methodology will compact dependent phases and simplify similar stages to automatically. Furthermore, the contribution contains a logic that increases the realism of the attacks. Finally, a proof of concept is made to evaluate the purposes the contribution pursues.
Acknowledgments
This work has been partially funded by the Spanish Ministry of Universities linked to the European Union through the NextGenerationEU programme, from the postdoctoral grant Margarita Salas (172/MSJD/22), and from the strategic project CDL-TALENTUM from the Spanish National Institute of Cybersecurity (INCIBE) and by the Recovery, Transformation and Resilience Plan, NextGenerationEU. Authors acknowledge as well support from the CybAlliance project (Grant no. 337316).
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Sánchez, P.M., Nespoli, P., Alfaro, J.G., Mármol, F.G. (2024). Methodology for Automating Attacking Agents in Cyber Range Training Platforms. In: Abie, H., Gkioulos, V., Katsikas, S., Pirbhulal, S. (eds) Secure and Resilient Digital Transformation of Healthcare. SUNRISE 2023. Communications in Computer and Information Science, vol 1884. Springer, Cham. https://doi.org/10.1007/978-3-031-55829-0_6
DOI: https://doi.org/10.1007/978-3-031-55829-0_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-55828-3
Online ISBN: 978-3-031-55829-0
eBook Packages: Computer Science, Computer Science (R0)