CONCORDIA’s Cyber Security Ecosystem: Virtual Lab, Services and Training

CONCORDIA’s Cyber Security Ecosystem: Virtual Lab, Services and Training

Several activities within CONCORDIA build and improve trusted ecosystems with the goal to provide impact and sustainability for communities. Besides Threat Intelligence Platform and DDoS Clearing House, CONCORDIA‘s ecosystem has this focus by providing lab infrastructures, services, and training.

As CONCORDIA takes a holistic and scalable approach to cyber security, our vision is to provide a common portal via CONCORDIA‘s website at the end of the project. This portal provides access to Cyber Range platforms https://www.concordia-h2020.eu/#cyberrange, (virtual-) labs, and services. All these services are bringing added value to CONCORDIA‘s stakeholders.

We support the development of cyber security solutions by providing the necessary lab infrastructure. Virtual cybersecurity lab’s purpose is to grant access to partners and possibly also to certification bodies. This goal is very tightly connected to the Services and Training activities where several potential labs and solutions (tools) were mapped https://www.concordia-h2020.eu/concordia-service-cybersecurity-tools/.

The listed labs – actually designed for internal posting – are in scope of cyber-security experimentation and research, machine learning, big data, secure data hosting, special malware detection or 5G cellular IoT security features. As a concrete example for virtual labs in operation, the High-Security Laboratory (HSL, UL/Loria) is designed to host decisive research activities in order to make networks, internet exchanges and associated telecommunications equipment safer. It allows to collect and store data while ensuring their confidentiality and integrity, both logically and physically, while offering a safe environment for researchers to work. Usage is free for nonprofit usage (NDA and/or acknowledgement required). Other labs are represented in technologies for Malware, 5G-IOT or open source analytics (partly under construction). Actually, a general solution for remote access is envisaged.

The Training activity aims to develop and continuously evolve cyber range trainings to achieve better automated and custom-tailored training that correspond to the evolving cyber threat landscape. In particular, four joint cyber-security exercises (capture the flag events) have been organized so far by the different partners, where multiple teams can meet and compete to better understand security attacks and better defend against them:

  • CTF, Capture The Flag Event, Kypo Range, Brno, 2019,
  • CTF, The Fifth Element, Munich, Tame Range, 2019,
  • CTF, Capture The Flag Event, Nancy, Diateam Range, 2021,
  • CTF, Cube Apocalypse, Munich, Tame Range, 2021.

Cyber Range Open Format Exchange

Around the KYPO CRP platform https://www.concordia-h2020.eu/blog-post/do-you-need-a-cyber-range-the-kypo-cyber-range-platform-is-now-available-for-free/ , we will exchange content and/or building blocks to improve training scenarios and make them reusable and available to everyone. For that reason, virtual machines, networks, and trainings are entirely described in human-readable data-serialization languages JSON and YAML or used open-source software packer to build virtual machines and ansible for describing machine content. Concordia actually is working on open format – e.g. YAML, Heat template, Ansible, (as in KY-PO above) – across different cyber ranges in and beyond Concordia from different partners as an alternative solution to the cyber range federation concept in other CCN – Cyber Competence Network pilots in order to provide improved trainings to our customers.

Cooperation with the European Education Ecosystem for Cybersecurity on education scenar-ios is ongoing and special workshops actually focus on pentesting exercises and vulnerability testing. In particular, the practical exercises (training and exams) of the MOOC “Becoming a Cyber-security Consultant” have been jointly developed in that context, and are successful running over the KYPO cyber-range remotely for the participants.

Conclusion

CONCORDIA is leading the integration of Europe’s excellent cyber security competencies into the network of expertise to build the European secure, resilient, and trusted ecosystem. We aim to make Europe great in cyber security services: labs, cyber ranges and tools.

The BAdW-LRZ (Bavarian Academy of Sciences and Humanities – Leibniz Supercomputing Centre) actively participates in this project as a Task Leader and contributes in cyber security labs infrastructure and research topics.

(By Reinhard Gloger, BAdW-LRZ)