Simulation in Cybersecurity: Understanding Techniques, Applications, and Goals

TL;DR

This paper provides a comprehensive review of simulation techniques in cybersecurity, categorizing applications, threats, and goals to better understand methodological trends and identify suitable approaches for various cybersecurity challenges.

Contribution

It offers a broad classification and analysis of existing simulation methods in cybersecurity, addressing gaps left by previous domain-specific reviews.

Findings

Simulation is used across diverse cybersecurity domains.

Different modeling paradigms suit specific cyber threats.

The review highlights strengths and limitations of current approaches.

Abstract

Modeling and simulation are widely used in cybersecurity research to assess cyber threats, evaluate defense mechanisms, and analyze vulnerabilities. However, the diversity of application areas, the variety of cyberattacks scenarios, and the differing objectives of these simulations makes it difficult to identify methodological trends. Existing reviews often focus on specific modeling techniques or application domains, making it challenging to analyze the field as a whole. To address these limitations, we present a comprehensive review of the current state of the art, classifying the selected papers based on four dimensions: the application domain, the types of cyber threats represented, the simulation techniques employed, and the primary goals of the simulation. The review discusses the strengths and limitations of different approaches, identifies which cyber threats are the most suited for simulation-based investigations, and analyzes which modeling paradigms are most appropriate for specific cybersecurity challenges.