In today's digital landscape, organizations face constantly evolving cyber threats, making it essential to discover elusive attack vectors through novel techniques like Security Chaos Engineering (SCE), which allows teams to test defenses and identify vulnerabilities effectively. This paper proposes integrating SCE into Breach Attack Simulation (BAS) platforms, leveraging adversary profiles and abilities from existing threat intelligence databases. The proposed approach to cyberattack simulation employs a structured architecture composed of three layers: the SCE Orchestrator, Connector, and BAS layers. Using MITRE Caldera in the BAS layer, our proposal executes automated attack sequences, creating inferred attack trees from adversary profiles. Our evaluation of the proposal illustrates how integrating SCE with BAS can enhance the effectiveness of attack simulations beyond traditional scenarios and be a useful component of a cyber defense strategy.