Realistic simulation of users for IT systems in cyber ranges
Alexandre Dey (IRISA), Benjamin Cost\'e, \'Eric Totel, Adrien B\'ecue
TL;DR
This paper presents a method for realistic user activity simulation in cyber ranges by instrumenting machines with adaptive agents and using conditional text generation to create coherent scenarios, enhancing security evaluation and attacker analysis.
Contribution
It introduces a novel external agent combining deterministic and deep learning methods for environment adaptation and employs conditional text generation for scenario creation.
Findings
Effective user activity simulation across different OS and software versions.
High-performance adaptive agents for cyber range environments.
Coherent scenario generation through conditional text models.
Abstract
Generating user activity is a key capability for both evaluating security monitoring tools as well as improving the credibility of attacker analysis platforms (e.g., honeynets). In this paper, to generate this activity, we instrument each machine by means of an external agent. This agent combines both deterministic and deep learning based methods to adapt to different environment (e.g., multiple OS, software versions, etc.), while maintaining high performances. We also propose conditional text generation models to facilitate the creation of conversations and documents to accelerate the definition of coherent, system-wide, life scenarios.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsNetwork Security and Intrusion Detection · Digital and Cyber Forensics · Topic Modeling