逐步定义网络范围参考架构

IF 3.8 2区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of Information Security and Applications Pub Date : 2024-11-21 DOI:10.1016/j.jisa.2024.103917
Vyron Kampourakis, Vasileios Gkioulos, Sokratis Katsikas
{"title":"逐步定义网络范围参考架构","authors":"Vyron Kampourakis,&nbsp;Vasileios Gkioulos,&nbsp;Sokratis Katsikas","doi":"10.1016/j.jisa.2024.103917","DOIUrl":null,"url":null,"abstract":"<div><div>Being on the advent of Industry 5.0, organizations have been progressively incorporating information technology into their formerly air-gapped operational technology architectures. This coalescence has nevertheless amplified the attack surface, ringing the bells of preparedness. In this direction, Cyber Ranges (CRs) have cropped up as a valuable and attractive solution, providing a diverse perspective on reinforcing the overall cybersecurity stance. However, there exists a significant literature gap in attempts to define a complete approach for CR design, development, evaluation, and operation as per the up-to-date guidelines. To address this shortcoming, this work introduces the first to our knowledge overarching, fine-grained reference architecture for CR. This is done by adopting a three-step, systematic methodology. First, we scrutinize contemporary guidelines to extract an abstract architectural model that structurally entrenches the foundations of CR reference architecture. Then, we percolate and pinpoint common functionalities and capabilities of existing CRs, towards delineating the functional and informational aspects of the reference architecture. Finally, we devise an evaluation formula that approximates the conformance of a CR with the state-of-the-art. Through the latter step, we impart a unified means of identifying the most appropriate components to implement the structural, functional, and informational aspects of a CR. Overall, this work can be seen as an attempt towards CR unification and standardization, therefore it is anticipated to serve as a basis and point of reference for multiple stakeholders at varying levels.</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"88 ","pages":"Article 103917"},"PeriodicalIF":3.8000,"publicationDate":"2024-11-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A step-by-step definition of a reference architecture for cyber ranges\",\"authors\":\"Vyron Kampourakis,&nbsp;Vasileios Gkioulos,&nbsp;Sokratis Katsikas\",\"doi\":\"10.1016/j.jisa.2024.103917\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>Being on the advent of Industry 5.0, organizations have been progressively incorporating information technology into their formerly air-gapped operational technology architectures. This coalescence has nevertheless amplified the attack surface, ringing the bells of preparedness. In this direction, Cyber Ranges (CRs) have cropped up as a valuable and attractive solution, providing a diverse perspective on reinforcing the overall cybersecurity stance. However, there exists a significant literature gap in attempts to define a complete approach for CR design, development, evaluation, and operation as per the up-to-date guidelines. To address this shortcoming, this work introduces the first to our knowledge overarching, fine-grained reference architecture for CR. This is done by adopting a three-step, systematic methodology. First, we scrutinize contemporary guidelines to extract an abstract architectural model that structurally entrenches the foundations of CR reference architecture. Then, we percolate and pinpoint common functionalities and capabilities of existing CRs, towards delineating the functional and informational aspects of the reference architecture. Finally, we devise an evaluation formula that approximates the conformance of a CR with the state-of-the-art. Through the latter step, we impart a unified means of identifying the most appropriate components to implement the structural, functional, and informational aspects of a CR. Overall, this work can be seen as an attempt towards CR unification and standardization, therefore it is anticipated to serve as a basis and point of reference for multiple stakeholders at varying levels.</div></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"88 \",\"pages\":\"Article 103917\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2024-11-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212624002199\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624002199","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

在工业 5.0 时代到来之际,各组织已逐步将信息技术纳入其以往密不透风的运营技术架构中。然而,这种融合扩大了攻击面,敲响了防备的警钟。在这一方向上,网络范围(CR)作为一种有价值、有吸引力的解决方案应运而生,为加强整体网络安全立场提供了多样化的视角。然而,在试图根据最新准则定义网络靶场设计、开发、评估和运行的完整方法方面,还存在很大的文献空白。为了弥补这一不足,本研究首次引入了我们所知的总体性、细粒度的 CR 参考架构。为此,我们采用了三步系统化方法。首先,我们仔细研究当代指南,提取出一个抽象的架构模型,从结构上巩固 CR 参考架构的基础。然后,我们对现有 CR 的共同功能和能力进行渗透和精确定位,从而划定参考架构的功能和信息方面。最后,我们设计了一个评估公式,用于近似判断 CR 与最新技术的一致性。通过后一个步骤,我们提供了一种统一的方法来确定最合适的组件,以实现 CR 的结构、功能和信息方面。总体而言,这项工作可被视为实现 CR 统一化和标准化的一次尝试,因此预计它将为不同层面的多方利益相关者提供依据和参考点。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
A step-by-step definition of a reference architecture for cyber ranges
Being on the advent of Industry 5.0, organizations have been progressively incorporating information technology into their formerly air-gapped operational technology architectures. This coalescence has nevertheless amplified the attack surface, ringing the bells of preparedness. In this direction, Cyber Ranges (CRs) have cropped up as a valuable and attractive solution, providing a diverse perspective on reinforcing the overall cybersecurity stance. However, there exists a significant literature gap in attempts to define a complete approach for CR design, development, evaluation, and operation as per the up-to-date guidelines. To address this shortcoming, this work introduces the first to our knowledge overarching, fine-grained reference architecture for CR. This is done by adopting a three-step, systematic methodology. First, we scrutinize contemporary guidelines to extract an abstract architectural model that structurally entrenches the foundations of CR reference architecture. Then, we percolate and pinpoint common functionalities and capabilities of existing CRs, towards delineating the functional and informational aspects of the reference architecture. Finally, we devise an evaluation formula that approximates the conformance of a CR with the state-of-the-art. Through the latter step, we impart a unified means of identifying the most appropriate components to implement the structural, functional, and informational aspects of a CR. Overall, this work can be seen as an attempt towards CR unification and standardization, therefore it is anticipated to serve as a basis and point of reference for multiple stakeholders at varying levels.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Journal of Information Security and Applications
Journal of Information Security and Applications Computer Science-Computer Networks and Communications
CiteScore
10.90
自引率
5.40%
发文量
206
审稿时长
56 days
期刊介绍: Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.
期刊最新文献
Towards an intelligent and automatic irrigation system based on internet of things with authentication feature in VANET A novel blockchain-based anonymous roaming authentication scheme for VANET IDPriU: A two-party ID-private data union protocol for privacy-preserving machine learning A step-by-step definition of a reference architecture for cyber ranges Fed-LSAE: Thwarting poisoning attacks against federated cyber threat detection system via Autoencoder-based latent space inspection
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1