Automated Generation of Cybersecurity Exercise Scenarios

TL;DR

This paper introduces an approach to automatically generate diverse cybersecurity scenarios for training, supported by open-source tools and a large dataset, enhancing practical cybersecurity education and testing.

Contribution

It presents a novel method for automated cybersecurity scenario generation, including a large dataset and open-source simulation tools, to improve training and evaluation.

Findings

Generated a large dataset of 100,000 scenarios with varied properties

Created open-source simulation and virtualization environments for exercises

Demonstrated the ability to produce scenarios with different sizes, scopes, and difficulties

Abstract

There is a growing need for cybersecurity professionals with practical knowledge and experience to meet societal needs and comply with new standards and regulations. At the same time, the advances in software technology and artificial intelligence point towards a future where software agents will play an important role in protecting the computer systems that are critical for society to function. The training and development of both humans and software agents requires the design and execution of cybersecurity exercises that differ in properties such as size, scope, objectives, difficultly, etc. Cybersecurity scenarios are critical for the operation of cybersecurity exercises as they describe the scope, context, operational environment and storyline of each exercise. In this work, we present an approach to automatically generate cybersecurity scenarios that model enterprise IT systems. Our approach is able to generate a large number of scenarios that differ in multiple criteria including size, scope, difficulty, complexity and diversity. We further release as open source: a simulation and a virtualization environment that can run cybersecurity exercises based on the generated scenarios and a dataset containing 100000 sample scenarios.