Authors:
Ryotaro Nakata
and
Akira Otsuka
Affiliation:
Institute of Information Security, Yokohama, Kanagawa, Japan
Keyword(s):
Information Security Education, Cyber Security, Cyber Range Scenario, Randomization, Docker Container.
Abstract:
With the development of information technology, the need for information security education is increasing, and
the effectiveness of cyber range exercises is attracting attention. The cyber range is a system to learn knowledge
and skills by experiencing an incident scenario reproduced in a virtual environment. Many scenarios are
required to train a security expert through various incident experiences. However, scenario development requires
highly specialized expertise. Thus, in practice, only a limited number of scenarios are worn out around.
Identical scenarios may decrease the educational effect since the other teams’ actions or write-ups on the internet
will hint the students. We propose CyExec*, a cyber range system that automatically generates multiple
scenarios based on DAG(Directed Acyclic Graph)-based scenario randomization. Multiple scenarios with the
same learning objectives can enhance teaching effectiveness and prevent cheating. We developed the DAGbased
scenario
randomization technique on a Docker-based cyber range system called CyExec. By taking
full advantage of Docker’s system/network configuration power, we can randomize complex scenarios across
multiple networks. Comparison with the VM-based scenario generators, CyExec* outperforms, especially in
storage usage. Further, CyExec* only consumes 1/3 memories, 1/4 CPU loads, and 1/10 storage usages. Thus,
Cyexec* can operate approximately 3-times more complex scenarios than VM-based systems.
(More)