ARCeR: an Agentic RAG for the Automated Definition of Cyber Ranges
This work addresses the need for efficient tools to build realistic IT environments for cybersecurity professionals, though it appears incremental as it builds on existing RAG and AI technologies.
The paper tackles the problem of automating the creation of Cyber Ranges (CRs) for cybersecurity training and analysis by proposing ARCeR, an Agentic RAG system that generates and deploys CRs from natural language descriptions, achieving successful processing in cases where LLMs or basic RAG systems fail.
The growing and evolving landscape of cybersecurity threats necessitates the development of supporting tools and platforms that allow for the creation of realistic IT environments operating within virtual, controlled settings, known as Cyber Ranges (CRs). CRs can be used for analyzing vulnerabilities and experimenting with the effectiveness of devised countermeasures, as well as serving as training environments for building cybersecurity skills and abilities for IT operators. This paper proposes ARCeR as an innovative solution for the automatic generation and deployment of CRs, starting from user-provided descriptions in natural language. ARCeR relies on the Agentic RAG paradigm, which allows it to fully exploit state-of-the-art AI technologies. Experimental results show that ARCeR is able to successfully process prompts even in cases that LLMs or basic RAG systems are not able to cope with. Furthermore, ARCeR is able to target any CR framework provided that specific knowledge is made available to it.