当前位置: X-MOL 学术arXiv.cs.CR › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Pandora: A Cyber Range Environment for the Safe Testing and Deployment of Autonomous Cyber Attack Tools
arXiv - CS - Cryptography and Security Pub Date : 2020-09-24 , DOI: arxiv-2009.11484
Hetong Jiang, Taejun Choi, Ryan K. L. Ko

Cybersecurity tools are increasingly automated with artificial intelligent (AI) capabilities to match the exponential scale of attacks, compensate for the relatively slower rate of training new cybersecurity talents, and improve of the accuracy and performance of both tools and users. However, the safe and appropriate usage of autonomous cyber attack tools - especially at the development stages for these tools - is still largely an unaddressed gap. Our survey of current literature and tools showed that most of the existing cyber range designs are mostly using manual tools and have not considered augmenting automated tools or the potential security issues caused by the tools. In other words, there is still room for a novel cyber range design which allow security researchers to safely deploy autonomous tools and perform automated tool testing if needed. In this paper, we introduce Pandora, a safe testing environment which allows security researchers and cyber range users to perform experiments on automated cyber attack tools that may have strong potential of usage and at the same time, a strong potential for risks. Unlike existing testbeds and cyber ranges which have direct compatibility with enterprise computer systems and the potential for risk propagation across the enterprise network, our test system is intentionally designed to be incompatible with enterprise real-world computing systems to reduce the risk of attack propagation into actual infrastructure. Our design also provides a tool to convert in-development automated cyber attack tools into to executable test binaries for validation and usage realistic enterprise system environments if required. Our experiments tested automated attack tools on our proposed system to validate the usability of our proposed environment. Our experiments also proved the safety of our environment by compatibility testing using simple malicious code.

中文翻译:

Pandora:用于安全测试和部署自主网络攻击工具的网络靶场环境

网络安全工具越来越具有人工智能(AI)功能的自动化,以匹配攻击的指数规模,弥补培训新网络安全人才相对较慢的速度,并提高工具和用户的准确性和性能。然而,自主网络攻击工具的安全和适当使用——尤其是在这些工具的开发阶段——在很大程度上仍然是一个未解决的差距。我们对当前文献和工具的调查表明,大多数现有的网络靶场设计大多使用手动工具,并没有考虑增加自动化工具或由工具引起的潜在安全问题。换句话说,新的网络靶场设计仍有空间,允许安全研究人员安全地部署自主工具并在需要时执行自动化工具测试。在本文中,我们介绍了 Pandora,这是一个安全的测试环境,允许安全研究人员和网络范围用户对自动化网络攻击工具进行实验,这些工具可能具有强大的使用潜力,同时也具有强大的风险潜力。与与企业计算机系统直接兼容并可能在企业网络中传播风险的现有测试平台和网络范围不同,我们的测试系统有意设计为与企业真实世界计算系统不兼容,以降低攻击传播到实际的风险。基础设施。我们的设计还提供了一种工具,可将开发中的自动化网络攻击工具转换为可执行的测试二进制文件,以便在需要时进行验证和使用真实的企业系统环境。我们的实验在我们提议的系统上测试了自动攻击工具,以验证我们提议的环境的可用性。我们的实验还通过使用简单恶意代码的兼容性测试证明了我们环境的安全性。
更新日期:2020-09-25
down
wechat
bug