Journal
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
Volume 20, Issue 2, Pages 1596-1608
Publisher
IEEE COMPUTER SOC
DOI: 10.1109/TDSC.2022.3160792
Keywords
Servers; Computational modeling; Planning; Databases; Proposals; Automation; Manuals; Network-level security and protection; security and protection; machine learning
This article introduces the red team emulation tool Lore, which uses boolean logic and trained models to automatically select and execute red team actions. Lore improves the current state of red team automation and provides a more fun and educational experience compared to manual red teaming in cyber defence exercises. Empirical tests show that Lore's trained models result in double the compromised machines compared to expert-defined models and five times more compromised machines compared to random action selection.
This article presents the red team emulation tool Lore, which uses boolean logic and trained models to automatically select and execute red team actions. Lore improves the current state of red team automation, and is the first such tool shown to provide a more fun and educational experience than a manual red team during a cyber defence exercise. In addition to the cyber defence exercise, empirical tests are performed to examine the accuracy of Lore's trained models. The results show that application of these models leads to two times more compromised machines than when applying expert-defined models, and five times more compromised machines than when randomly selecting actions.