In this paper we propose a novel way of deploying vulnerable architectures for defense and research purposes, which aims to generate deception platforms based on the formal description of a scenario. An attack scenario is described by an attack graph in which transitions are labeled by ATT&CK techniques or procedures. The state of the attacker is modeled as a set of secrets they acquire and a set of nodes they control. A single scenario described at the technique level can then be refined into several different scenarios at the procedure level, and each of these scenarios can be deployed into its own vulnerable architecture. To achieve this goal we introduce the notion of architecture constraints, since some procedures can only be exploited on systems presenting specific properties, such as a particular operating system version. Finally, we present our deployment process for converting one of these scenarios into a vulnerable infrastructure, and offer an online proof-of-concept demonstration of our tool, where readers may locally deploy a complete scenario inspired by the threat actor APT-29.
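As an added illustration (not the paper's tool or code), the following Python sketch models the concepts the abstract describes: a technique-level attack path, the attacker state as secrets plus controlled nodes, and the refinement of that path into procedure-level scenarios that are kept only when their architecture constraints are mutually consistent and the path remains replayable. The class names, the procedure catalogue and the technique path are constructed assumptions.

```python
from dataclasses import dataclass
from itertools import product

# Hypothetical data model (assumed, not the paper's): a procedure implements one ATT&CK
# technique, has preconditions on the attacker state, and constrains the deployed hosts.
@dataclass(frozen=True)
class Procedure:
    name: str
    technique: str
    needs_secrets: frozenset = frozenset()   # secrets the attacker must already hold
    needs_nodes: frozenset = frozenset()     # nodes the attacker must already control
    constraints: tuple = ()                  # ((host property, required value), ...)
    grants_secrets: frozenset = frozenset()  # state gained when the transition fires
    grants_nodes: frozenset = frozenset()

def compatible(arch, constraints):
    """Constraints clash when they fix one host property to two different values."""
    return all(arch.get(k, v) == v for k, v in constraints)

def refine(technical_path, catalogue):
    """Expand a technique-level path into procedure-level scenarios whose
    architecture constraints are consistent; returns (procedures, architecture) pairs."""
    options = [[p for p in catalogue if p.technique == t] for t in technical_path]
    scenarios = []
    for combo in product(*options):
        arch, consistent = {}, True
        for p in combo:
            consistent = consistent and compatible(arch, p.constraints)
            arch.update(dict(p.constraints))
        if consistent:
            scenarios.append((combo, arch))
    return scenarios

def feasible(scenario, secrets=frozenset(), nodes=frozenset()):
    """Replay the scenario: each procedure must be executable from the attacker
    state (secrets, nodes) produced by the previous ones."""
    secrets, nodes = set(secrets), set(nodes)
    for p in scenario:
        if not (p.needs_secrets <= secrets and p.needs_nodes <= nodes):
            return False
        secrets |= p.grants_secrets
        nodes |= p.grants_nodes
    return True

# Constructed catalogue: alternative procedures per technique, differing in OS constraints.
CATALOGUE = [
    Procedure("office-macro", "T1566", constraints=(("ws_os", "windows"),), grants_nodes=frozenset({"ws"})),
    Procedure("script-package", "T1566", constraints=(("ws_os", "linux"),), grants_nodes=frozenset({"ws"})),
    Procedure("windows-cred-dump", "T1003", needs_nodes=frozenset({"ws"}), constraints=(("ws_os", "windows"),), grants_secrets=frozenset({"domain-creds"})),
    Procedure("unix-cred-dump", "T1003", needs_nodes=frozenset({"ws"}), constraints=(("ws_os", "linux"),), grants_secrets=frozenset({"local-hash"})),
    Procedure("remote-desktop", "T1021", needs_secrets=frozenset({"domain-creds"}), constraints=(("srv_os", "windows"),), grants_nodes=frozenset({"srv"})),
]

def deployable_scenarios(path=("T1566", "T1003", "T1021")):
    """Scenarios that are both architecture-consistent and replayable from an empty attacker state."""
    return [(tuple(p.name for p in combo), arch) for combo, arch in refine(path, CATALOGUE) if feasible(combo)]
```

Of the four procedure-level combinations, two clash on the workstation OS and one is consistent but not replayable (the Linux credential procedure never yields the domain credentials the lateral move needs), so only one scenario is left to deploy.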