Information technology for orchestration of the cybersecurity training situation center cyber range virtual environment
DOI:
https://doi.org/10.20535/2411-1031.2024.12.2.316257Keywords:
cybersecurity, distributed computing systems, orchestration, cyber range, virtual environment, containerisation, virtualisationAbstract
The rapid development of information technology and the ever-increasing complexity of cyber threats create new challenges in the field of cybersecurity that require modern and innovative approaches to training. Effective training requires realistic and secure platforms, such as interactive simulated environments that allow for the modelling of various attack and defence scenarios. Cyber ranges have become a key tool for developing cybersecurity skills, but creating such platforms is a complex and resource-intensive process. Optimising the management of virtual resources is a critical condition for ensuring the flexibility and scalability of such environments. The aim of the paper is to improve the efficiency of managing virtual environments for cybersecurity training by improving the process of orchestrating virtual resources of a cyber training ground. The paper defines a cyber training ground as an interactive simulated platform that may include physical and virtual equipment to create training environments that are as close as possible to real-world conditions. The main types of such platforms and the main categories of their users are allocated. The modern approaches to the orchestration of virtual environments, such as manual configuration, scripting, infrastructure as code, containerisation and cloud orchestration, are analysed. An information technology for orchestrating the virtual environment of the cyber range training situation center for cybersecurity has been proposed, with functional requirements and the physical structure of the orchestration module defined. In the course of the work, a software implementation of the proposed information technology was developed in the form of an orchestration module, which automates the processes of deployment, configuration, management, and scaling of virtual resources. The development is based on Python 3, Flask 3, Docker, and JWT technologies, which allows for secure authentication, efficient container management, and integration via RESTful API. The testing confirmed that the module meets the criteria of scalability, flexibility, and security. The novelty of the work lies in the development of information technology for orchestrating the virtual environment of a cyber training ground, which takes into account the specific needs of organisations and minimises dependence on commercial solutions, as well as integrates modern technologies to improve the efficiency of training platforms.
References
President of Ukraine. (2021, May 14). Decree № 447/2021, On the Decision of the National Security and Defense Council of Ukraine “On the Cyber Security Strategy of Ukraine”. [Online]. Available: https://www.president.gov.ua/documents/4472021-40013. Accessed on: Jun. 24, 2024.
President of Ukraine. (2020, Sep. 14). Decree № 392/2020. Decision of the National Security and Defense Council of Ukraine “On the National Security Strategy of Ukraine” [Online]. Available: https://zakon.rada.gov.ua/laws/show/392/2020#Text. Accessed on: Jun. 24, 2024.
President of Ukraine. (2021, Sep. 27). Decree № 479/2021, Decision of the National Security and Defense Council of Ukraine "On the introduction of the national sustainability system". [Online]. Available: https://zakon.rada.gov.ua/laws/show/479/2021#Text. Accessed on: Jun. 24, 2024.
Y. Danyk, and O. Korneiko, “Fundamentals methodology of formation cyber competences at security sector experts and Ukraine defense”, Information Technology and Security, vol. 6, iss. 2, pp. 105-123, 2018. doi: https://doi.org/10.20535/2411-1031.2018.6.2.153495.
O. Puchkov, and О. Uvarkina, “Sustainable development of the system of formal cyber education: reflection of modern concepts”, Information Technology and Security, vol. 11, iss. 1, pp. 60-68, 2023. doi: https://doi.org/10.20535/2411-1031.2023.11.1.283635.
O. Puchkov, and О. Uvarkina, “The Phenomenon of the Warrior Ethos: Socio-philosophical reflection”, Visnuk of the Lviv University. Series philosophical science, iss. 29, pp. 150-156, 2022. doi: https://doi.org/10.30970/PHS.2022.29.16.
V. Horlynskyi, and B. Horlynskyi, “Analysis of key factors of formation of the system of competences of professionals in the field of cybersecurity”, Information Technology and Security, vol. 9, iss. 2, pp. 219-231. 2021. doi: https://doi.org/10.20535/2411-1031.2021.9.2.249976.
Verkhovna Rada of Ukraine. (2014, May 21). Law no. 1556-VII, About Higher Education. [Online]. Available: https://zakon.rada.gov.ua/laws/show/1556-18#Text. Accessed on: Jun. 24, 2024.
Verkhovna Rada of Ukraine. (2006, Fab. 23). Law no. 3475-ІV, About the State Service for Special Communications and Information Protection of Ukraine. [Online]. Available: https://zakon.rada.gov.ua/laws/show/3475-15#Text. Accessed on: Jun. 24, 2024.
Verkhovna Rada of Ukraine. (2017, Oct. 5). Law no. 2163-VIII. About the Basic Principles of Cyber Security of Ukraine. [Online]. Available: https://zakon.rada.gov.ua/laws/show/2163-19#Text. Accessed on: Jun. 24, 2024.
Ministry of Education and Science of Ukraine. (2018, Oct. 4). Order no. 1074. On approval of the standard of higher education by specialty 125 “Cyber Security” for the first (Bachelor) level of higher education. [Online]. Available: https://mon.gov.ua/storage/app/media/vishcha-osvita/zatverdzeni%20standarty/12/21/125-kierbezpeka-bakalavr.pdf. Accessed on: Jun. 24, 2024.
NTUU KPI Igor Sikorsky. (2023, May 17). Order No. NON/165/2023. Security of state information resources. Educational and professional program of the first (bachelor) level of higher education in specialty 125 “Cyber security and information protection”. [Online]. Available: https://osvita.kpi.ua/sites/default/files/opfiles/125_oppb_bdir_2023.pdf. Accessed on: Jun. 24, 2024.
V. Horlynskyi, and B. Horlynskyi, “Determining factors in the formation of the abilities of specialists for the State Special Service in modern conditions”, in Proc. 1st International Scientific and Practical Conference “Cyber security of state institutions and overcoming crisis situations”, Kiev, Ukraine, 2022, pp. 164-165.
V. Ananin, V. Horlynskyi, L. Evdochenko, and O. Puchkov, “Information challenges and value priorities of society” in Safety of Ukraine: Actual problems and evaluation criteria: Monograph. Kiev, Ukraine: ISCIP Ihor Sikorskyi KPI, 2018.
President of Ukraine. (2019, May 18). Decree № 286/2019, About the Strategy of National Patriotic Education. [Online]. Available: https://zakon.rada.gov.ua/laws/show/286/2019/print. Accessed on: Jun. 24, 2024.
V. Horlynskyi, “The value dimension of the national educational space in the conditions of war”, in Proc. All-Ukrainian Scientific and Pedagogical Advanced Training Varieties of Intelligence and Their Role in the Educational Process of the 21-st Century, Lviv, Ukraine, 2024, pp. 29-32. [Online]. Available: https://cuesc.org.ua/images/informlist/%D0%9C%D0%B0%D0%BA%D0%B5%D1%82%20advanc_training_PSAU.pdf#page=29. Accessed on: Jun. 24, 2024.
V. Ananin, V. Horlynskyi, “Mental structures of consciousness as a prerequisite for sustainable development and security of society”, Мultiversum. Philosophical almanac, iss. 2. vol. 1, pp. 3-18, 2021. doi: https://doi.org/10.35423/2078-8142.2021.2.1.01.
President of Ukraine. (2021, Aug. 20). Decree № 479/2021. Decision of the National Security and Defense Council of Ukraine “On the introduction of the national sustainability system”. [Online]. Available: https://www.president.gov.ua/documents/4472021-40013. Accessed on: Jun. 24, 2024.
Cabinet of Ministers of Ukraine. (2022, Fab. 23). Order no. 286-р. About the praise of the Strategy for the development of higher education in Ukraine for 2022-2032. [Online]. Available: https://zakon.rada.gov.ua/laws/show/286-2022-%D1%80#Text. Accessed on: Jun. 24, 2024.
V. Horlynskyi, and B. Horlynskyi, “Сonstitution of national cyber space and its educational significance for cyber security professionals”, Information Technology and Security, vol. 11, iss. 1, pp. 69-83, 2023. doi: https://doi.org/10.20535/2411-1031.2023.11.1.283710.
Basics of Post-Quantum Cryptography, Archon. [Online]. Available: https://www.archonsecure.com/post-quantum-cryptography-guide#chapter-2. Accessed on: Jun. 24, 2024.
I. D. Gorbenko, O. G. Kachko, Yu. I. Gorbenko, M. V. Yesina, and V. A. Ponomar, “The problem of standardization of cryptographic transformations in transition and post-quantum periods and the state of its solution”, in Proc. Global Cyber Security Forum, at the First International Scientific and Practical Forum, Kharkiv, Ukraine, 2019, с. 6–13, [Online]. Available: https://openarchive.nure.ua/server/api/core/bitstreams/c1977b5f-9ed3-4fba-90d3-67bf1e87ed47/content. Accessed on: Jun. 24, 2024.
United Nations (2024, Mar. 21). General Assembly adopts landmark resolution on artificial intelligence. [Online]. Available: https://news.un.org/en/story/2024/03/1147831. Accessed on: Jun. 24, 2024.
NATO (2024, Jul. 10). Summary of NATO's revised Artificial Intelligence (AI) strategy. [Online]. Available: https://www.nato.int/cps/en/natohq/official_texts_227237.htm. Accessed on: Jul. 16, 2024.
The role of artificial intelligence in cyber security: predicting and preventing attacks. Cyber security.[Online]. Available: https://www.bdodigital.com/insights/cybersecurity/the-role-of-ai-in-cybersecurity-anticipating-and-preventing-attacks#:~:text=AI%20plays%20a%20crucial%20role,help%20predict%20future%20attack%20vectors. Accessed on: Jun. 24, 2024.
O. Puchkov, D. Lande, I. Subach, and O. Rybak, “Integration of Information Search Technologies and Artificial Intelligence in the Field of Cybersecurity”, Information Technology and Security, vol. 11, iss. 2, pp. 206-215, 2023. doi: https://doi.org/10.20535/2411-1031.2023.11.2.293789.
Cabinet of Ministers of Ukraine. (2020, Dec. 02). The resolution no. 1556-р. “On the approval of the Concept of the development of artificial intelligence in Ukraine”. [Online]. Available: https://zakon.rada.gov.ua/laws/show/1556-2020-%D1%80/print. Accessed on: Jun. 24, 2024.
B. Edwards, “Microsoft launches AI chatbot for spies”, Ars Technica, 2024, [Online]. Available: https://arstechnica.com/information-technology/2024/05/microsoft-launches-ai-chatbot-for-spies/. Accessed on: Jun. 24, 2024.
M. Landi. “AI experts ‘uncertain’ on technology’s future, report says”, Independent: UK Edition, 2024. [Online]. Available: https://www.independent.co.uk/business/ai-experts-uncertain-on-technology-s-future-report-says-b2546861.html. Accessed on: Jun. 24, 2024.
By. Anubhav, “This Study Claims that AI has Learned How to Deceive Humans”, Gizmo China. News, 2024. [Online]. Available: https://www.gizmochina.com/2024/05/13/ai-deceive-humans-study/. Accessed on: Jun. 24, 2024.
NTUU KPI Igor Sikorsky. (2023, Dec. 29). Order No. NON/393/2023. The Policy of Using Artificial Intelligence for Academic Activities at KPI nam. Igor Sikorsky. [Online]. Available: https://osvita.kpi.ua/node/1225. Accessed on: Jun. 24, 2024.
M. Zatserkivna, “Digitalization of Education and Marketing of Educational Services in the Conditions of the Armed Aggression of the russian federation Against Ukraine”, Digital Platform: Information Technologies in Sociocultural Sphere, vol. 6, iss. 1, pp. 43-52, 2023. doi: https://doi.org/10.31866/2617-796X.6.1.2023.283941.
H. Kuzan, “Digitization of the Educational Process and Distance Learning in Ukraine: Challenges, Problems, Prospects”, Youth & market, no. 9, pp. 107-111, 2022. doi: https://doi.org/10.24919/2308-4634.2022.271161.
Cabinet of Ministers of Ukraine. (2019, Jan. 30). Order no. 56. “Some issues of digital development”. [Online]. Available: https://zakon.rada.gov.ua/laws/show/56-2019-%D0%BF#Text. Accessed on: Jun. 24, 2024.
O. Karpenko, and O. Puchkov, “Modern features of the implementation of the state policy of digital development in Ukraine”, in Proc. Scientific and practical conference “Information and telecommunication systems and technologies and cyber security: new challenges, new tasks”, Kyiv, Ukraine, 2019, pp. 81-85.
O. Kotuha, and Yu. Kotsan-Olynets, “Digitalization of modern higher education: challenges and tasks”, Legal scientific electronic journal, no. 11, pp. 444-447, 2022. doi: https://doi.org/10.32782/2524-0374/2022-11/107. Accessed on: Jun. 24, 2024.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Collection "Information Technology and Security"
This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors that are published in this collection, agree to the following terms:
- The authors reserve the right to authorship of their work and pass the collection right of first publication this work is licensed under the Creative Commons Attribution License, which allows others to freely distribute the published work with the obligatory reference to the authors of the original work and the first publication of the work in this collection.
- The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published this anthology (for example, to place the work in a digital repository institution or to publish in the structure of the monograph), provided that references to the first publication of the work in this collection.
- Policy of the journal allows and encourages the placement of authors on the Internet (for example, in storage facilities or on personal web sites) the manuscript of the work, prior to the submission of the manuscript to the editor, and during its editorial processing, as it contributes to productive scientific discussion and positive effect on the efficiency and dynamics of citations of published work (see The Effect of Open Access).
