A step-by-step definition of a reference architecture for cyber ranges

IF 3.8 | Zone 2, Computer Science | JCR Q2: Computer Science, Information Systems
Vyron Kampourakis, Vasileios Gkioulos, Sokratis Katsikas
Journal of Information Security and Applications, volume 88, Article 103917. Published 2024-11-21.
DOI: 10.1016/j.jisa.2024.103917
https://www.sciencedirect.com/science/article/pii/S2214212624002199
Citations: 0

Abstract

Being on the advent of Industry 5.0, organizations have been progressively incorporating information technology into their formerly air-gapped operational technology architectures. This coalescence has nevertheless amplified the attack surface, ringing the bells of preparedness. In this direction, Cyber Ranges (CRs) have cropped up as a valuable and attractive solution, providing a diverse perspective on reinforcing the overall cybersecurity stance. However, there exists a significant literature gap in attempts to define a complete approach for CR design, development, evaluation, and operation as per the up-to-date guidelines. To address this shortcoming, this work introduces the first to our knowledge overarching, fine-grained reference architecture for CR. This is done by adopting a three-step, systematic methodology. First, we scrutinize contemporary guidelines to extract an abstract architectural model that structurally entrenches the foundations of CR reference architecture. Then, we percolate and pinpoint common functionalities and capabilities of existing CRs, towards delineating the functional and informational aspects of the reference architecture. Finally, we devise an evaluation formula that approximates the conformance of a CR with the state-of-the-art. Through the latter step, we impart a unified means of identifying the most appropriate components to implement the structural, functional, and informational aspects of a CR. Overall, this work can be seen as an attempt towards CR unification and standardization, therefore it is anticipated to serve as a basis and point of reference for multiple stakeholders at varying levels.
Source journal: Journal of Information Security and Applications (Computer Science, Computer Networks and Communications)
CiteScore: 10.90
Self-citation rate: 5.40%
Articles published: 206
Review time: 56 days
Journal description: Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.