Automated Generation of Cybersecurity Exercise Scenarios
This addresses the problem of scalable and diverse training for cybersecurity professionals and software agents, though it is incremental as it builds on existing scenario generation methods.
The paper tackles the need for varied cybersecurity training scenarios by presenting an automated approach to generate enterprise IT system scenarios, resulting in a dataset of 100,000 sample scenarios and an open-source simulation environment.
There is a growing need for cybersecurity professionals with practical knowledge and experience to meet societal needs and comply with new standards and regulations. At the same time, the advances in software technology and artificial intelligence point towards a future where software agents will play an important role in protecting the computer systems that are critical for society to function. The training and development of both humans and software agents requires the design and execution of cybersecurity exercises that differ in properties such as size, scope, objectives, difficultly, etc. Cybersecurity scenarios are critical for the operation of cybersecurity exercises as they describe the scope, context, operational environment and storyline of each exercise. In this work, we present an approach to automatically generate cybersecurity scenarios that model enterprise IT systems. Our approach is able to generate a large number of scenarios that differ in multiple criteria including size, scope, difficulty, complexity and diversity. We further release as open source: a simulation and a virtualization environment that can run cybersecurity exercises based on the generated scenarios and a dataset containing 100000 sample scenarios.