Digitala Vetenskapliga Arkivet

Representing attacks in a cyber range
Linköping University, Department of Computer and Information Science, Software and Systems.
2019 (English). Independent thesis, Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis.
Alternative title: Representation av attacker i en cyber range (Swedish)
Abstract [en]

Trained security experts can be a mitigating factor against sophisticated cyberattacks that aim to violate the confidentiality, integrity, and availability of information. Reproducible sessions in a safe training environment are an effective way of improving the skills of security experts. One approach to achieving this is to use a cyber range, which is essentially a set of hardware nodes that can virtually represent a large organization or system. The Swedish Defense Research Agency (FOI) develops and maintains a fully functioning cyber range and can automatically deploy sophisticated attacks against organizations and systems represented in this cyber range through a system called SVED.

In this thesis, the capability to deploy different types of cyberattacks through SVED against virtual organizations in a cyber range, CRATE, is investigated. This is done by building a dataset of publicly disclosed security incidents from a database and attempting to represent each of them in SVED, and subsequently instantiating these attack representations against organizations in CRATE.

The results show that the presence of at least one CVE entry (Common Vulnerabilities and Exposures) in the incident description is a key factor in being able to represent an attack in SVED. When such an entry exists, SVED is likely able to implement a representation of the attack. However, for certain types of attacks a CVE entry is not enough to determine how the attack was carried out, which is why some attacks are harder to implement in SVED. This was the case for Denial of Service (DoS) attacks, which rely on infrastructure rather than on one or more vulnerabilities, and SQL injections, which rely more on the implementation of database access.

Finally, CRATE is able to handle almost all attacks implemented in SVED, given that the correct vulnerable application software is installed on at least one machine in one of the organizations in CRATE.

Place, publisher, year, edition, pages
2019, p. 37
Keywords [en]
it-security, cyber range, information security, penetration testing, SVED, CRATE
Keywords [sv]
cyber range, it-säkerhet, informationssäkerhet, penetrationstestning, SVED, CRATE
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:liu:diva-159838; ISRN: LIU-IDA/LITH-EX-A--19/042--SE; OAI: oai:DiVA.org:liu-159838; DiVA, id: diva2:1345407
External cooperation
Totalförsvarets Forskningsinstitut, FOI
Subject / course
Computer Engineering
Presentation
2019-06-14, Allen Newell, Linköping, 10:15 (English)
Available from: 2019-08-26. Created: 2019-08-23. Last updated: 2019-08-27. Bibliographically approved.

Open Access in DiVA

fulltext (612 kB), 1253 downloads
File information
File name: FULLTEXT01.pdf; File size: 612 kB; Checksum SHA-512:
41a4f25fbedb764e0be25ff16e1333a306978d122dbbeb8e2fdbd5f09bb753f60ee2595b52684579efdf795a4879e584d693774c83a8aa09035de74693f1e814
Type: fulltext; Mimetype: application/pdf

By author/editor
Hätty, Niklas
Total: 1256 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 2121 hits