Cyber Ranges and Security Testbeds: Scenarios, Functions, Tools and Architecture

Abstract

The first line of defense against cyber threats and cyber crimes is to be aware and get ready, e.g., through cyber security training. Training can have two forms, the first is directed towards security professionals and aims at improving understanding of the latest threats and increasing skill levels in defending and mitigating against them. The second form of training, which used to attract less attention, aims at increasing cyber security awareness among non-security professionals and the general public. Conducting such training programs requires dedicated testbeds and infrastructures that help realizing and executing the training scenarios and provide a playground for the trainees. A cyber range is an environment that aims at providing such testbeds. The purpose of this paper is to study the concept of a cyber range, and provide a systematic literature review that covers unclassified cyber ranges and security testbeds. In this study we develop a taxonomy for cyber range systems and evaluate the current literature focusing on architecture and scenarios, but including also capabilities, roles, tools and evaluation criteria. The results of this study can be used as a baseline for future initiatives towards the development and evaluation of cyber ranges in accordance with existing best practices and lessons learned from contemporary research and developments.

Cyber Ranges and Security Testbeds: Scenarios, Functions, Tools and Architecture