Generating Virtual Scenarios for Cyber Ranges from Feature-Based Context-Oriented Models: A Case Study

Abstract

A cyber range is a virtual training ground for security experts. Trainees are separated into attacking and defending teams, whose roles are either to compromise or to protect some critical infrastructure. As reuse of a same scenario may significantly reduce training efficiency, recent research proposed to automate the process of defining and deploying arbitrarily complex cyber range scenarios through the use of a virtual scenario description language (VSDL). However, it remains a challenge to generate VSDL scenarios dynamically, i.e. in an adaptive manner, to avoid having to redefine new VSDL scenarios for each new situation. Moreover, existing VSDLs often consider limited contextual information (e.g., only the virtualization budget) and do not link explicitly the vulnerabilities of their scenarios together, which prevents from proposing scenarios with more advanced cyber security exploits. In this vision paper, we rely on feature-based context-oriented modelling to generate relevant cyber range scenarios from an explicit user profile and exploits described in attack-defence trees. This result has high industrial potential, as it could enable a kind of on-demand cyber range scenario generation service.