Attack specification language: Domain specific language for dynamic training in cyber range

Sobia Arshad, Masoom Alam, Saif Al-Kuwari, Muhammad Haider Ali Khan

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Citations (Scopus)

Abstract

Cyber education development is a crucial issue considering the human resource and skill shortage in the current cybersecurity arena. A cyber range is a tried and tested hands-on training in cybersecurity education, providing threat simulation of various scenarios. However, the threat scenario development poses crucial challenges that hurt the learning process and trainee's engagement in training. Firstly, the threat scenarios are static and have limited applicability. Secondly, due to the lack of proper representation of procedures and training scenarios used in attacks, it is hard to recognize redundant procedures. We propose an Attack Specific Language (ASL) based on the Mitre ATTCK framework. It provides one representation for all threat scenarios. This language will give information about attack techniques in compact ways, which will streamline and automate the cyber range functions of threat and challenge execution. It will help identify and reduce redundancy. ASL will also provide training customization through dynamic threat execution, which will be trainee-aware and will consider the trainee's performance while executing scenarios. It will provide trainees, better engagement, and training experience.

Original languageEnglish
Title of host publicationProceedings of the 2021 IEEE Global Engineering Education Conference, EDUCON 2021
EditorsThomas Klinger, Christian Kollmitzer, Andreas Pester
PublisherIEEE Computer Society
Pages873-879
Number of pages7
ISBN (Electronic)9781728184784
DOIs
Publication statusPublished - 21 Apr 2021
Event2021 IEEE Global Engineering Education Conference, EDUCON 2021 - Vienna, Austria
Duration: 21 Apr 202123 Apr 2021

Publication series

NameIEEE Global Engineering Education Conference, EDUCON
Volume2021-April
ISSN (Print)2165-9559
ISSN (Electronic)2165-9567

Conference

Conference2021 IEEE Global Engineering Education Conference, EDUCON 2021
Country/TerritoryAustria
CityVienna
Period21/04/2123/04/21

Keywords

  • Cyber education
  • Cyber range
  • Domain language
  • Dynamic training method

Fingerprint

Dive into the research topics of 'Attack specification language: Domain specific language for dynamic training in cyber range'. Together they form a unique fingerprint.

Cite this