Abstract

Nowadays, time, scope and cost constraints along with knowledge requirements and personnel training constitute blocking restrictions for effective Offensive Cyberspace Operations (OCO). This paper presents RedHerd, an open-source, collaborative and serverless orchestration framework that overcomes these limitations. RedHerd leverages the ‘as a Service’ paradigm in order to seamlessly deploy a ready-to-use infrastructure that can also be adopted for effective simulation and training purposes, by reliably reproducing a real-world cyberspace battlefield in which red and blue teams can challenge each other. We discuss both the design and implementation of the proposed solution, by focusing on its main functionality, as well as by highlighting how it perfectly fits the Open Systems Architecture design pattern, thanks to the adoption of both open standards and widespread open-source software components. The paper also presents a complete OCO simulation based on the usage of RedHerd to perform a fictitious attack and fully compromise an imaginary enterprise following the Cyber Kill Chain (CKC) phases.

Highlights

  • Cyberspace at its core consists of, but is not limited to, a computerised environment that is artificially constructed and constantly under development

  • The solution proposed in this paper is one of a kind, so it is quite difficult to find other state-of-the-art products that cover the same scope as the RedHerd framework

  • This paper introduces the Offensive Cyberspace Operations as a Service (OCOaaS) model as a complete software solution, locally set up, remotely deployed or Cloud-based, which allows organizations to conduct Offensive Cyber Operations by offering a layer of abstraction placed on top of the operational infrastructure and tools


Summary

Introduction

Cyberspace at its core consists of, but is not limited to, a computerised environment that is artificially constructed and constantly under development. It can be defined as a global domain made up of interconnected communication systems, information technology and other electronic systems and networks, together with their data. Adversary offensive activities persist because opportunity costs are low, and accesses, platforms and payloads can remain useful for extended periods of time [2]. This domain can be described in terms of three layers: physical, logical and cyber-persona. The conduct of Cyberspace Operations (COs), i.e., actions in or through cyberspace intended to preserve friendly freedom of action in cyberspace and/or to create effects to achieve commanders’
