Cyber Range Technology Stack Review

Abstract

AbstractRecent studies on cybersecurity threats have revealed the complexity of the situation, both in terms of quantity, as the number of targeted IT/OT infrastructures, and in terms of the techniques and technologies used to carry out modern cyberattacks. In this context, Cyber Range systems can tilt the scales in favor of cybersecurity prevention and preparedness. A cyber range is designed to simulate real-world circumstances for detecting and responding to simulated assaults, as well as allowing practitioners to test new technologies for the purpose of improving the existing cybersecurity platforms. A Cyber Range system is meant to be an overly complex system, composed of multiple independent modules configured and managed through a primary component. Existing known Cyber Range implementations use different technologies and deployment/management techniques. Considering these facts, a Cyber Range technology stack review may significantly contribute to the design and implementation improvement. The lack of CR implementation standardization causes a significant problem in terms of knowledge sharing between different cybersecurity entities: companies, government institutions, research teams, etc. Detailed analysis of the technologies used in this area may lead to a standardization of the CR implementation and thus to a beneficial knowledge sharing system. One of the most important modules of a CR system is the virtualization component, which makes it possible to simulate/emulate the virtual infrastructures used in cybersecurity scenarios development. As a first step, this paper presents the results of an in-depth analysis of the virtualization technologies used in the implementation of Cyber Range systems.KeywordsCyber rangeVirtualizationNetwork simulationNetwork emulationCybersecurity exercises