Today, simulation environments known as cyber ranges are attracting considerable attention across the cybersecurity ecosystem, for their ability to emulate realistic situations and offer pragmatic training to security professionals and students. The extraordinary capabilities of virtualization systems provide great impetus to the development of such platforms, which can scale and be easily maintained. However, many security threats related to the hardware domain of devices are difficult to reproduce in such environments, while instead they are assuming a strategic importance, in a world permeated by electronic devices, which control the objects of our daily life and which handle a large flow of people's private data. This paper presents PAIDEUSIS, a hybrid training environment that seeks to combine the advantages of virtualization and scalability with the realism of hardware devices physically present and connected to the cyber range, including a wide range of devices such as IoT, industrial control, and network hardware devices. Issues faced during the implementation and the management of the platform are presented, as well as the features of some hosted theaters and scenarios based on embedded and IoT devices, some of which already used in relevant Capture-the-Flag (CTF) competitions.

Paideusis: a remote hybrid cyber range for hardware, network, and iot security training / Berra, Giulio; Ferraro, Gaspare; Fornero, Matteo; Maunero, Nicolò; Prinetto, Paolo; Roascio, Gianluca. - ELETTRONICO. - Vol-2940:(2021), pp. 284-297. ((Intervento presentato al convegno ITASEC 2021 - Italian Conference on Cybersecurity 2021 tenutosi a All Digital Event nel April 7-9, 2021.

Paideusis: a remote hybrid cyber range for hardware, network, and iot security training

Fornero, Matteo;Maunero, Nicolò;Prinetto, Paolo;Roascio, Gianluca
2021

Abstract

Today, simulation environments known as cyber ranges are attracting considerable attention across the cybersecurity ecosystem, for their ability to emulate realistic situations and offer pragmatic training to security professionals and students. The extraordinary capabilities of virtualization systems provide great impetus to the development of such platforms, which can scale and be easily maintained. However, many security threats related to the hardware domain of devices are difficult to reproduce in such environments, while instead they are assuming a strategic importance, in a world permeated by electronic devices, which control the objects of our daily life and which handle a large flow of people's private data. This paper presents PAIDEUSIS, a hybrid training environment that seeks to combine the advantages of virtualization and scalability with the realism of hardware devices physically present and connected to the cyber range, including a wide range of devices such as IoT, industrial control, and network hardware devices. Issues faced during the implementation and the management of the platform are presented, as well as the features of some hosted theaters and scenarios based on embedded and IoT devices, some of which already used in relevant Capture-the-Flag (CTF) competitions.
File in questo prodotto:
File Dimensione Formato  
paper24.pdf

accesso aperto

Descrizione: Articolo principale
Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Creative commons
Dimensione 1.87 MB
Formato Adobe PDF
1.87 MB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2923654