SETC: A Vulnerability Telemetry Collection Framework
Ryan Holeman, John Hastings, Varghese Mathew Vaidyan

TL;DR
SETC is an automated, configurable framework that generates reproducible vulnerability exploit data at scale, enhancing security research through scalable, customizable, and repeatable testing environments.
Contribution
Introduces SETC, a modular framework for automated vulnerability exploit data collection using containerized environments, improving scalability and reproducibility over manual methods.
Findings
Enables automated generation of diverse security telemetry.
Supports scalable and customizable vulnerability testing.
Facilitates advanced threat modeling and detection research.
Abstract
As emerging software vulnerabilities continuously threaten enterprises and Internet services, there is a critical need for improved security research capabilities. This paper introduces the Security Exploit Telemetry Collection (SETC) framework - an automated framework to generate reproducible vulnerability exploit data at scale for robust defensive security research. SETC deploys configurable environments to execute and record rich telemetry of vulnerability exploits within isolated containers. Exploits, vulnerable services, monitoring tools, and logging pipelines are defined via modular JSON configurations and deployed on demand. Compared to current manual processes, SETC enables automated, customizable, and repeatable vulnerability testing to produce diverse security telemetry. This research enables scalable exploit data generation to drive innovations in threat modeling, detection…
Taxonomy
Topics: Network Security and Intrusion Detection
