TY - GEN
T1 - Attack specification language
T2 - 2021 IEEE Global Engineering Education Conference, EDUCON 2021
AU - Arshad, Sobia
AU - Alam, Masoom
AU - Al-Kuwari, Saif
AU - Khan, Muhammad Haider Ali
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021/4/21
Y1 - 2021/4/21
N2 - Cyber education development is a crucial issue considering the human resource and skill shortage in the current cybersecurity arena. A cyber range is a tried and tested hands-on training in cybersecurity education, providing threat simulation of various scenarios. However, the threat scenario development poses crucial challenges that hurt the learning process and trainee's engagement in training. Firstly, the threat scenarios are static and have limited applicability. Secondly, due to the lack of proper representation of procedures and training scenarios used in attacks, it is hard to recognize redundant procedures. We propose an Attack Specific Language (ASL) based on the Mitre ATTCK framework. It provides one representation for all threat scenarios. This language will give information about attack techniques in compact ways, which will streamline and automate the cyber range functions of threat and challenge execution. It will help identify and reduce redundancy. ASL will also provide training customization through dynamic threat execution, which will be trainee-aware and will consider the trainee's performance while executing scenarios. It will provide trainees, better engagement, and training experience.
AB - Cyber education development is a crucial issue considering the human resource and skill shortage in the current cybersecurity arena. A cyber range is a tried and tested hands-on training in cybersecurity education, providing threat simulation of various scenarios. However, the threat scenario development poses crucial challenges that hurt the learning process and trainee's engagement in training. Firstly, the threat scenarios are static and have limited applicability. Secondly, due to the lack of proper representation of procedures and training scenarios used in attacks, it is hard to recognize redundant procedures. We propose an Attack Specific Language (ASL) based on the Mitre ATTCK framework. It provides one representation for all threat scenarios. This language will give information about attack techniques in compact ways, which will streamline and automate the cyber range functions of threat and challenge execution. It will help identify and reduce redundancy. ASL will also provide training customization through dynamic threat execution, which will be trainee-aware and will consider the trainee's performance while executing scenarios. It will provide trainees, better engagement, and training experience.
KW - Cyber education
KW - Cyber range
KW - Domain language
KW - Dynamic training method
UR - http://www.scopus.com/inward/record.url?scp=85112481634&partnerID=8YFLogxK
U2 - 10.1109/EDUCON46332.2021.9454094
DO - 10.1109/EDUCON46332.2021.9454094
M3 - Conference contribution
AN - SCOPUS:85112481634
T3 - IEEE Global Engineering Education Conference, EDUCON
SP - 873
EP - 879
BT - Proceedings of the 2021 IEEE Global Engineering Education Conference, EDUCON 2021
A2 - Klinger, Thomas
A2 - Kollmitzer, Christian
A2 - Pester, Andreas
PB - IEEE Computer Society
Y2 - 21 April 2021 through 23 April 2021
ER -