
dc.contributor.advisor: Katt, Basel
dc.contributor.advisor: Petrović, Slobodan
dc.contributor.author: Yamin, Muhammad Mudassar
dc.date.accessioned: 2022-05-04T10:56:24Z
dc.date.available: 2022-05-04T10:56:24Z
dc.date.issued: 2022
dc.identifier.isbn: 978-82-326-6809-0
dc.identifier.issn: 2703-8084
dc.identifier.uri: https://hdl.handle.net/11250/2994131
dc.description.abstract: Rome was not built in a day, but it was burnt to the ground in only six. Wood naturally catches fire, and without adequate engineering, fireproof houses and training for firefighters, destruction caused by fire is inevitable. In the 21st century, our modern world is built not on wood but on a digital infrastructure that was proposed in the 20th century with very little thought to security. This has resulted in a countless number of incidents in which that infrastructure has been compromised, from hospitals serving critically ill patients to gas pipelines providing necessary heating to people living in adverse climate conditions. The current state of affairs is unacceptable, and serious efforts are needed to design and build a secure digital world and train individuals to use and operate it securely. Engineers and scientists design road infrastructure with great safety measures, but traffic accidents still happen. Indeed, they remain one of the leading causes of death in the world, and most traffic accidents are caused by human error or negligence. Similarly, the digital infrastructure can be designed and deployed securely, but its overall security and safety depend upon the humans who are operating and using it. Therefore, there is a great need to train individuals to operate the digital infrastructure in a secure manner. Multiple efforts are being made to provide this training. These efforts include cybersecurity education and training based on different pedagogical methods involving classroom teaching, workshops, seminars, conferences and hands-on training. However, the effects of these efforts are not yet visible, as we experience ever-increasing damage caused by cyber-attacks. Traditionally, most cybersecurity awareness and training has been achieved through classrooms and workshops. Little focus has been on hands-on cybersecurity exercises.
This is because designing and deploying infrastructure to deliver realistic hands-on exercises is a resource-intensive, complex and difficult task that requires considerable manual technical expertise. This makes the training very expensive and the process error-prone and difficult to standardize. In order to solve these issues, different researchers have tried to remove inefficiencies in cybersecurity exercises by automating different phases of the exercises with limited success. Some efforts yielded very specific testbed-related artifacts, which were only applicable to that specific testbed, while other efforts lacked the complexity required for realistic cybersecurity exercises. Moreover, there is a lack of consensus among the community on defining the training scenarios that can be used in such exercises. Therefore, standard specifications of scenarios that can be executed in a cybersecurity exercise environment are needed. In this work, I attempt to overcome and address these issues by enhancing efficiency, realism and standardization with a novel method of modeling and executing cybersecurity exercise scenarios in a cybersecurity exercise environment, or a cyber range. This is achieved through the development of a domain-specific language that is used to model and specify the technical requirements for cybersecurity exercises at an abstract level. The model of the exercise scenario is formalized and verified through logic programming, and then the technical requirements are translated into operational artifacts through an orchestrator. The operational artifacts contain an exercise infrastructure with vulnerabilities, traffic generators and attack/defense agents that can exploit or defend those vulnerabilities at an operational level in a cyber range.
The proposed system goes beyond the state of the art by overcoming many inefficiencies in cybersecurity exercise scenario modeling and deployment, making their execution efficient, realistic and computationally repeatable. The proposed artifacts and solutions were tested in Norway’s national cybersecurity competitions, university classrooms and other cybersecurity exercises with positive results. [en_US]
dc.language.iso: eng [en_US]
dc.publisher: NTNU [en_US]
dc.relation.ispartofseries: Doctoral theses at NTNU;2022:134
dc.relation.haspart: Paper 1: Yamin, Muhammad Mudassar; Katt, Basel. Inefficiencies in Cyber-Security Exercises Life-Cycle: A Position Paper. CEUR Workshop Proceedings 2018 ;Volum 2269. [en_US]
dc.relation.haspart: Paper 2: Yamin, Muhammad Mudassar; Katt, Basel; Gkioulos, Vasileios; Espen, Torseth; Kowalski, Stewart James. Make it and Break it: An IoT Smart Home Testbed Case Study. International Conference on Cyber Physical Systems and IoT (CPSIOT 2018) https://doi.org/10.1145/3284557.3284743 [en_US]
dc.relation.haspart: Paper 3: Yamin, Muhammad Mudassar; Katt, Basel; Gkioulos, Vasileios. Cyber ranges and security testbeds: Scenarios, functions, tools and architecture. Computers & Security 2020;Volum 88:101636. s. 1-26 https://doi.org/10.1016/j.cose.2019.101636 [en_US]
dc.relation.haspart: Paper 4: Yamin, Muhammad Mudassar; Katt, Basel; Nowostawski, Mariusz. Serious Games as a Tool to Model Attack and Defense Scenarios for Cyber-Security Exercises. Computers & Security 2021 ;Volum 110. https://doi.org/10.1016/j.cose.2021.102450 [en_US]
dc.relation.haspart: Paper 5: Yamin, Muhammad Mudassar; Katt, Basel. Modeling and Executing Cyber Security Exercise Scenarios in Cyber Ranges. Computers & Security 2022 https://doi.org/10.1016/j.cose.2022.102635 [en_US]
dc.relation.haspart: Yamin, Muhammad Mudassar; Katt, Basel; Gkioulos, Vasileios. Detecting Windows Based Exploit Chains by Means of Event Correlation and Process Monitoring. Lecture Notes in Networks and Systems 2019 ;Volum 70 LNNS. https://doi.org/10.1007/978-3-030-12385-7_73 [en_US]
dc.relation.haspart: Paper 7: Yamin, Muhammad Mudassar; Katt, Basel. Use of Cyber Attack and defense agents in Cyber Ranges: A Case Study [en_US]
dc.title: Modelling and Analyzing Attack-Defense Scenarios for Cyber-Ranges [en_US]
dc.type: Doctoral thesis [en_US]
dc.subject.nsi: VDP::Technology: 500::Information and communication technology: 550 [en_US]

