Archivio Istituzionale della RicercaToday, simulation environments known as cyber ranges are attracting considerable attention across the cybersecurity ecosystem, for their ability to emulate realistic situations and offer pragmatic training to security professionals and students. The extraordinary capabilities of virtualization systems provide great impetus to the development of such platforms, which can scale and be easily maintained. However, many security threats related to the hardware domain of devices are difficult to reproduce in such environments, while instead they are assuming a strategic importance, in a world permeated by electronic devices, which control the objects of our daily life and which handle a large flow of people's private data. This paper presents PAIDEUSIS, a hybrid training environment that seeks to combine the advantages of virtualization and scalability with the realism of hardware devices physically present and connected to the cyber range, including a wide range of devices such as IoT, industrial control, and network hardware devices. Issues faced during the implementation and the management of the platform are presented, as well as the features of some hosted theaters and scenarios based on embedded and IoT devices, some of which already used in relevant Capture-the-Flag (CTF) competitions.
Paideusis: a remote hybrid cyber range for hardware, network, and iot security training / Berra, Giulio; Ferraro, Gaspare; Fornero, Matteo; Maunero, Nicolò; Prinetto, Paolo; Roascio, Gianluca. - ELETTRONICO. - 2940:(2021), pp. 284-297. (Intervento presentato al convegno ITASEC 2021 - Italian Conference on Cybersecurity 2021 tenutosi a All Digital Event nel April 7-9, 2021).
Paideusis: a remote hybrid cyber range for hardware, network, and iot security training
Fornero, Matteo;Maunero, Nicolò;Prinetto, Paolo;Roascio, Gianluca
2021
Abstract
Today, simulation environments known as cyber ranges are attracting considerable attention across the cybersecurity ecosystem, for their ability to emulate realistic situations and offer pragmatic training to security professionals and students. The extraordinary capabilities of virtualization systems provide great impetus to the development of such platforms, which can scale and be easily maintained. However, many security threats related to the hardware domain of devices are difficult to reproduce in such environments, while instead they are assuming a strategic importance, in a world permeated by electronic devices, which control the objects of our daily life and which handle a large flow of people's private data. This paper presents PAIDEUSIS, a hybrid training environment that seeks to combine the advantages of virtualization and scalability with the realism of hardware devices physically present and connected to the cyber range, including a wide range of devices such as IoT, industrial control, and network hardware devices. Issues faced during the implementation and the management of the platform are presented, as well as the features of some hosted theaters and scenarios based on embedded and IoT devices, some of which already used in relevant Capture-the-Flag (CTF) competitions.
| File | Dimensione | Formato | |
|---|---|---|---|
|
paper24.pdf
accesso aperto
Descrizione: Articolo principale
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Creative commons
Dimensione
1.87 MB
Formato
Adobe PDF
|
1.87 MB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2923654