Design requirements for a cloud-based automated red team in a cyber range for security operations training

Competitions for students, novices, and professionals to practice hacking and cyber defense skills (Conklin 2005; White et al. 2010). In cyber defense competitions teams design, implement, manage, and defend a network of computers and services (Schepens and James 2003). Cyber defense competitions are great learning opportunities for students and professionals. Typically, as in the case of the National Collegiate Cyber Defense Competition (https://www.nationalccdc.org/), the competitions consist of multiple blue teams of contestants and multiple red teams that attacks the services and systems that blue team is trying to counteract. An automated attack system needs to be intelligent, have low overhead, be realistic, and be modular (Miller et al. 2018). The components of automated attack systems vary. A patent for a very high-level design of an automated penetration system uses simulators (virtual machines or software that mimics the behavior of computers or networks), an exploit database, storage for scenarios, configuration files, and a penetration testing framework (Futoransky et al. 2013). Other systems can simulate network and user traffic (Rossey et al. 2002). We have so far identified four high-level design requirements: 1) ability to perform many types of attacks, 2) ability to follow a good process, 3) possession of a high-level situational understanding of the scenario, and 4) ease of sanitation and reuse of the simulation. Our continued work will identify more design requirements and areas of research that are needed to further the technological abilities and efficiency of automated red team design

Security framework for industrial collaborative robotic cyber-physical systems

The paper introduces a security framework for the application of human-robot collaboration in a futuristic industrial cyber-physical system (CPS) context of industry 4.0. The basic elements and functional requirements of a secure collaborative robotic cyber-physical system are explained and then the cyber-attack modes are discussed in the context of collaborative CPS whereas a defense mechanism strategy is proposed for such a complex system. The cyber-attacks are categorized according to the extent on controllability and the possible effects on the performance and efficiency of such CPS. The paper also describes the severity and categorization of such cyber-attacks and the causal effect on the human worker safety during human-robot collaboration. Attacks in three dimensions of availability, authentication and confidentiality are proposed as the basis of a consolidated mitigation plan. We propose a security framework based on a two-pronged strategy where the impact of this methodology is demonstrated on a teleoperation benchmark (NeCS-Car). The mitigation strategy includes enhanced data security at important interconnected adaptor nodes and development of an intelligent module that employs a concept similar to system health monitoring and reconfiguration

Artificial intelligence in the cyber domain: Offense and defense

Artificial intelligence techniques have grown rapidly in recent years, and their applications in practice can be seen in many fields, ranging from facial recognition to image analysis. In the cybersecurity domain, AI-based techniques can provide better cyber defense tools and help adversaries improve methods of attack. However, malicious actors are aware of the new prospects too and will probably attempt to use them for nefarious purposes. This survey paper aims at providing an overview of how artificial intelligence can be used in the context of cybersecurity in both offense and defense.Web of Science123art. no. 41