Automatically generating models of IT systems

Kovačević, Ivan; Groš, Stjepan; Đerek, Ante

izvor podataka: crosbi !

Automatically generating models of IT systems (CROSBI ID 305123)

Prilog u časopisu | izvorni znanstveni rad | međunarodna recenzija

Kovačević, Ivan ; Groš, Stjepan ; Đerek, Ante Automatically generating models of IT systems // IEEE access, 10 (2022), 13536-13554. doi: 10.1109/ACCESS.2022.3147312

Podaci o odgovornosti

Autori

Kovačević, Ivan ; Groš, Stjepan ; Đerek, Ante

Osnovni podaci na izvornom jeziku
Osnovni podaci na ostalim jezicima

Jezik

engleski

Naslov

Automatically generating models of IT systems

Sažetak

Information technology system (ITS), informally, consists of hardware and software infrastructure (e.g., workstations, servers, laptops, installed software packages, databases, LANs, firewalls, etc.), along with physical and logical connections and inter- dependencies between various items. Nowadays, every company owns and operates an ITS, but detailed information about the system is rarely publicly available. However, there are many situations where the availability of such data would be beneficial. For example, cyber ranges need descriptions of complex realistic IT systems in order to provide an effective training and education platform. Furthermore, various algorithms in cybersecurity, in particular attack tree generation, need to be validated on realistic models of IT systems. In this paper, we describe a system we call the Generator that, based on the high-level requirements such as the number of employees and the business area the target company belongs to, generates a model of an ITS that satisfies the given requirements. We put special emphasis on the following two criteria: the generated ITS models a large amount of details, and ideally resembles a real system. Our survey of related literature found no sufficiently similar prior works, so we believe that this is the first attempt of building something like this. We created a proof-of-concept implementation of the Generator, validated it by generating ITS models for a simplified fictional financial institution, and analyzed the Generators performance with respect to the problem size. The research was done in an iterative manner, with coauthors continuously providing feedback on intermediate results. The conducted experiments show that our approach is feasible. In the future, we intend to extend this prototype to allow probabilistic generation of IT systems when only a subset of parameters is explicitly defined, and further develop and validate our approach with the help of domain experts.

Ključne riječi

cybersecurity , cyber range , information technology system, Generators , Information technology , Computational modeling , Companies , Workstations , Prototypes , Licenses

Napomena

nije evidentirano

Jezik

nije evidentirano

Naslov

nije evidentirano

Sažetak

nije evidentirano

Ključne riječi

nije evidentirano

Napomena

nije evidentirano

Podaci o izdanju

Časopis

IEEE access

Volumen (broj)

Godina

2022.

Stranice rada

13536-13554

Status objave rada

objavljeno

e-ISSN

2169-3536

DOI

10.1109/ACCESS.2022.3147312

Povezanost rada

Povezane osobe

Ivan Kovačević (autor/i)

Stjepan Groš (autor/i)

Ante Đerek (autor/i)

Povezane ustanove

Fakultet elektrotehnike i računarstva (036) (autorova ustanova)

Područje

Računarstvo

Poveznice

doi.org

arxiv.org

ieeexplore.ieee.org

Indeksiranost

Scopus

Current Contents Connect (CCC)

Web of Science Core Collection, Science Citation Index Expanded (WoSCC-SCI-Exp)

Web of Science Core Collection, SCI-Exp, SSCI & A&HCI (WoSCC-SCI-Exp, SSCI, A&HCI)