Evaluation of Vulnerability Reproducibility in Container-based Cyber Range

Ryotaro Nakata, Akira Otsuka

Abstract

The cyber range is a practical and highly educational information security exercise system, but it has not been widely used due to its high introduction and maintenance costs. Therefore, there is a need for a cyber range that can be adopted and maintained at a low cost. Recently, container type virtualization is gaining attention as it can create a high-speed and high-density exercise environment. However, existing researches have not clearly shown the advantages of container virtualization for building exercise environments. Moreover, it is not clear whether sufficient vulnerabilities are reproducible, required to conduct incident scenarios in the cyber range. In this paper, we compare container virtualization with existing virtualization type and confirm that the amount of memory, CPU, and storage consumption can be reduced to less than 1/10 of the conventional virtualization methods. We also compare and verify the reproducibility of the vulnerabilities used in common exercise scenarios and confirm that 99.3% of the vulnerabilities are reproducible. The container-based cyber range can be used as a new standard to replace existing methods.

Download


Paper Citation


in Harvard Style

Nakata R. and Otsuka A. (2021). Evaluation of Vulnerability Reproducibility in Container-based Cyber Range.In Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-491-6, pages 635-642. DOI: 10.5220/0010324606350642


in Bibtex Style

@conference{icissp21,
author={Ryotaro Nakata and Akira Otsuka},
title={Evaluation of Vulnerability Reproducibility in Container-based Cyber Range},
booktitle={Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2021},
pages={635-642},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010324606350642},
isbn={978-989-758-491-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 7th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Evaluation of Vulnerability Reproducibility in Container-based Cyber Range
SN - 978-989-758-491-6
AU - Nakata R.
AU - Otsuka A.
PY - 2021
SP - 635
EP - 642
DO - 10.5220/0010324606350642