Cyber-attacks are increasing in both sophistication and scale, revealing the extent at which critical infrastructures and other information and communication systems are exposed. More highly skilled cyber security professionals are needed with a deep understanding of cyber-security to deal with the fast growing number of cyber-threats. Cyber-security education and training are becoming more and more relevant as it is the only way in which such incidents can be prevented and handled adequately. A cyber-range (CR) is the environment in which cyber-security experts and professionals can practice technical and soft skills and be trained —in an isolated virtual environment emulating large-scale complex networks— on how to respond to cyber-attack scenarios within various domains. The more realistic the simulated scenarios, the more prepared the trainees will be to face real-world attacks.
The cyber-space offered by the CR infrastructure recreates the experience of responding to a cyber-attack, by replicating a security operations center environment, an organization’s network and the attack itself. CRs are considered to be the key towards strengthening the robustness and security of critical infrastructures; therefore, it is important that they provide a realistic, diverse, and dynamic simulation environment so as to properly prepare trainees for preventing and responding to all incidents of cyber-attacks. This is an area in which further advancements should be made: the generated scenarios are tightly coupled with the domain being modelled, often not easily modifiable to accommodate changes in an organization’s infrastructure or software and likewise not easily extendable to acquire knowledge regarding newly discovered vulnerabilities, threats and attackers’ tactics, techniques, and procedures. In the era of IoT, these limitations do not allow easy prevention, detection, and mitigation of hybrid attacks spanning many different domains.
This workshop focuses on both research and practical aspects of cyber ranges and aims at addressing the main challenges involved in their development and use in professional cyber security training, as well as in exploring the use of emerging technologies. Aligned with the interdisciplinary nature of cyber security, authors from academia, industry, and government are welcome to contribute.
Prospective authors are encouraged to submit previously unpublished contributions from a broad range of topics, which include but are not limited to the following:
› Cyber range integration and federation
› Emulation and simulation techniques (exercises, architecture, etc.)
› Hybrid system integration
› Emerging technologies in cyber ranges
› Econometric models in cyber security training
› Risk assessment frameworks for training
› Trainee evaluation and situational awareness
› Learning methods in cyber security training certifications
› Serious gaming and visualization
› Cyber-exercises and strategic decision making
Paper submission deadline: April 22 May 27, 2022 AoE
Authors’ notification: May 13 June 23, 2022 AoE
Camera-ready submission: May 27 June 30, 2022 AoE
Early registration deadline: June 24 June 30, 2022 AoE
Workshop date: July 28, 2022
The workshop’s proceedings will be published by IEEE and will be included in IEEE Xplore. The guidelines for authors, manuscript preparation guidelines, and policies of the IEEE CSR conference are applicable to CRST 2022 workshop. Please visit the authors’ instructions page for more details. When submitting your manuscript via the conference management system, please make sure that the workshop’s track 2T2 CRST is selected in the Topic Areas drop down list.
Workshop chairs
Theodora Tsikrika, Centre for Research and Technology (GR)
Angelos Amditis, Institute of Communication and Computer Systems (GR)
George Kokkinis, Center for Security Studies (GR)
Dimitrios Kavallieros, Centre for Research and Technology (GR)
Organizing committee
Xavier Bellekens, Lupovis (UK)
Eleftherios Ouzounoglou, Institute of Communication and Computer Systems (GR)
Egidija Versinskiene, Lithuanian Cybercrime Center of Excellence (LT)
Sotiris Ioannidis, Foundation for Research and Technology – Hellas (GR)
Stefanos Vrohidis, Centre for Research and Technology (GR)
Eleni Darra, Centre for Research and Technology (GR)
Publicity chair
Damir Haskovic, Damir Haskovic, Minds & Sparks GmbH (AT)
Contact us
Program committee
Angelos Amditis, Institute of Communication and Computer Systems (GR)
Thibaud Antignac, French Alternative Energies and Atomic Energy Commission (FR)
Despoina Antonakaki, Foundation for Research and Technology – Hellas (GR)
Xavier Bellekens, Lupovis (UK)
Vasiliki-Georgia Bilali, Institute of Communication and Computer Systems (GR)
Evaldas Bruze, Lithuanian Cybercrime Center of Excellence (LT)
Evangelos Chaskos, University of Peloponnese (GR)
Eleni Darra, Centre for Research and Technology (GR)
Eleni-Constantina Davri, Center for Security Studies (GR)
Paloma de la Vallee, Royal Military Academy (BE)
Fulvio Frati, University of Milan (IT)
Jan Hajny, BRNO University of Technology (CZ)
Sotiris Ioannidis, Foundation for Research and Technology – Hellas (GR)
Paijanen Jani, JAMK University of Applied Sciences (FI)
Dimitrios Kavallieros, Centre for Research and Technology (GR)
George Kokkinis, Center for Security Studies (GR)
Notis Mengidis, Centre for Research and Technology (GR)
Eleftherios Ouzounoglou, Institute of Communication and Computer Systems (GR)
Christos Papachristos, Foundation for Research and Technology – Hellas (GR)
George Papavasiliou, Institute of Communication and Computer Systems (GR)
Theodora Tsikrika, Centre for Research and Technology (GR)
Algimantas Venckauskas, Kaunas University of Technology (LT)
Egidija Versinskiene, Lithuanian Cybercrime Center of Excellence (LT)
Stefanos Vrohidis, Centre for Research and Technology (GR)
Thursday, July 28
12.00–13:20 CET |
Chair: A. Amditis, Institute of Communication and Computer Systems (GR) |
|
|
12.00–12:20 |
Welcome by the CRST Chairs T. Tsikrika, A. Amditis, G. Kokkinis, and D. Kavallieros |
|
12.20–12:40 |
Leveraging cyber ranges for prototyping, certification and training: The ECHO case N. Mengidis, M. Bozhilova, C. Ceresola, C. Colabuono, M. Cooke, G. Depaix, A. Genchev, G. Koykov, W. Mees, M. Merialdo, A. Voulgaridis, T. Tsikrika, K. Votis, and S. Vrochidis |
|
12.40–13:00 |
Design and proof of concept of a prediction engine for decision support during cyber range attack simulations in the maritime domain M. Antonopoulos, G. Drainakis, E. Ouzounoglou, G. Papavassiliou, and A. Amditis |