Abstract
Cyber Range has become a very important means to support tasks such as network security technology validation, network weapon testing, training of network attack and defense and network risk assessment. However, Cyber Ranger faces many security threats from internal and external environments. In order to establish an adaptive security protection system, threat modeling is needed to analyze potential threats and provide security solutions. In this paper, we present a novel threat modeling method for Cyber Range. Based on ontology and knowledge graph, our research focuses on the design of threat ontology, knowledge base, and unified description specification. Typical cases are given to demonstrate our approach. This study could serve as groundwork for further Cyber Range researches including security architecture, situation awareness and intelligent decision-making.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Hernan, S., Lambert, S., Ostwald, T., et al.: Threat modeling-uncover security design flaws using the stride approach. MSDN Mag.-Louisville 68–75 (2006)
Schneier, B.: Attack trees—modeling security threats. Dr, Dobb’s J. 24 (1999)
Ericson, C.A.: Fault tree analysis. Hazard Anal. Tech. Syst. Saf. 183–221 (2005)
Ortalo, R., Deswarte, Y., Kaaniche, M.: Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Trans. Softw. Eng. 25(5), 633–650 (1999)
Phillips, C., Swiler, L.P.: A Graph-Based System for Network-Vulnerability Analysis, 1998. ACM (1998)
Jajodia, S., Noel, S.: Topological vulnerability analysis. In: Jajodia, S., Liu, P., Swarup, V., Wang, C. (eds.) Cyber Situational Awareness. Advances in Information Security, vol. 46. Springer, Boston, MA (2010)
Moore, A.P., Kennedy, K.A., Dover, T.J.: Introduction to the special issue on insider threat modeling and simulation. Comput. Math. Organ. Theory 22(3), 1–12 (2016)
Barnum, S.: Standardizing cyber threat intelligence information with the structured threat information eXpression (STIX). MITRE Corp. 11, 1–22 (2012)
Gibb, W.: Nettraveler in openioc format. FireEye (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gong, L., Tian, Y. (2020). Threat Modeling for Cyber Range: An Ontology-Based Approach. In: Liang, Q., Liu, X., Na, Z., Wang, W., Mu, J., Zhang, B. (eds) Communications, Signal Processing, and Systems. CSPS 2018. Lecture Notes in Electrical Engineering, vol 517. Springer, Singapore. https://doi.org/10.1007/978-981-13-6508-9_128
Download citation
DOI: https://doi.org/10.1007/978-981-13-6508-9_128
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-6507-2
Online ISBN: 978-981-13-6508-9
eBook Packages: EngineeringEngineering (R0)