Simulating Cyberattacks through a Breach Attack Simulation (BAS) Platform empowered by Security Chaos Engineering (SCE)

• URL: http://arxiv.org/abs/2508.03882v1
• Date: Tue, 05 Aug 2025 19:52:57 GMT
• Title: Simulating Cyberattacks through a Breach Attack Simulation (BAS) Platform empowered by Security Chaos Engineering (SCE)
• Authors: Arturo Sánchez-Matas, Pablo Escribano Ruiz, Daniel Díaz-López, Angel Luis Perales Gómez, Pantaleone Nespoli, Gregorio Martínez Pérez,
• Abstract summary: Security Chaos Engineering (SCE) allows teams to test defenses and identify vulnerabilities effectively.<n>This paper proposes to integrate SCE into Breach Attack Simulation platforms, leveraging adversary profiles and abilities from existing threat intelligence databases.
• Score: 1.055551340663609
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: In today digital landscape, organizations face constantly evolving cyber threats, making it essential to discover slippery attack vectors through novel techniques like Security Chaos Engineering (SCE), which allows teams to test defenses and identify vulnerabilities effectively. This paper proposes to integrate SCE into Breach Attack Simulation (BAS) platforms, leveraging adversary profiles and abilities from existing threat intelligence databases. This innovative proposal for cyberattack simulation employs a structured architecture composed of three layers: SCE Orchestrator, Connector, and BAS layers. Utilizing MITRE Caldera in the BAS layer, our proposal executes automated attack sequences, creating inferred attack trees from adversary profiles. Our proposal evaluation illustrates how integrating SCE with BAS can enhance the effectiveness of attack simulations beyond traditional scenarios, and be a useful component of a cyber defense strategy.

Related papers

• CyGATE: Game-Theoretic Cyber Attack-Defense Engine for Patch Strategy Optimization [73.13843039509386]
  This paper presents CyGATE, a game-theoretic framework modeling attacker-defender interactions.<n>CyGATE frames cyber conflicts as a partially observable game (POSG) across Cyber Kill Chain stages.<n>The framework's flexible architecture enables extension to multi-agent scenarios.
  arXiv  Detail & Related papers  (2025-08-01T09:53:06Z)
• CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN bus [45.24207460381396]
  This paper presents a novel Intrusion Detection System (IDS) designed for the Controller Area Network (CAN) environment.<n>A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks.<n>Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.
  arXiv  Detail & Related papers  (2025-07-19T20:09:52Z)
• CyGym: A Simulation-Based Game-Theoretic Analysis Framework for Cybersecurity [23.264130153035794]
  We introduce a novel cybersecurity encounter simulator between a network defender and an attacker.<n>Our simulator, built within the OpenAI Gym framework, incorporates realistic network topologies, vulnerabilities, exploits (including-zero-days) and defensive mechanisms.<n>We use our simulator and associated game-theoretic framework to analyze the Volt Typhoon advanced persistent threat (APT)
  arXiv  Detail & Related papers  (2025-06-26T18:15:18Z)
• CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment [45.86654759872101]
  Cyber-physical systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks.<n>We propose CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check.<n>We evaluate CyFence considering a real-world application, consisting of an active braking digital controller, demonstrating that it can mitigate different types of attacks with a negligible overhead.
  arXiv  Detail & Related papers  (2025-06-12T12:22:45Z)
• Llama-3.1-FoundationAI-SecurityLLM-Base-8B Technical Report [50.268821168513654]
  We present Foundation-Sec-8B, a cybersecurity-focused large language model (LLMs) built on the Llama 3.1 architecture.<n>We evaluate it across both established and new cybersecurity benchmarks, showing that it matches Llama 3.1-70B and GPT-4o-mini in certain cybersecurity-specific tasks.<n>By releasing our model to the public, we aim to accelerate progress and adoption of AI-driven tools in both public and private cybersecurity contexts.
  arXiv  Detail & Related papers  (2025-04-28T08:41:12Z)
• OCCULT: Evaluating Large Language Models for Offensive Cyber Operation Capabilities [0.0]
  We demonstrate a new approach to assessing AI's progress towards enabling and scaling real-world offensive cyber operations.<n>We detail OCCULT, a lightweight operational evaluation framework that allows cyber security experts to contribute to rigorous and repeatable measurement.<n>We find that there has been significant recent advancement in the risks of AI being used to scale realistic cyber threats.
  arXiv  Detail & Related papers  (2025-02-18T19:33:14Z)
• AI-based Attacker Models for Enhancing Multi-Stage Cyberattack Simulations in Smart Grids Using Co-Simulation Environments [1.4563527353943984]
  The transition to smart grids has increased the vulnerability of electrical power systems to advanced cyber threats.<n>We propose a co-simulation framework that employs an autonomous agent to execute modular cyberattacks.<n>Our approach offers a flexible, versatile source for data generation, aiding in faster prototyping and reducing development resources and time.
  arXiv  Detail & Related papers  (2024-12-05T08:56:38Z)
• Countering Autonomous Cyber Threats [40.00865970939829]
  Foundation Models present dual-use concerns broadly and within the cyber domain specifically. Recent research has shown the potential for these advanced models to inform or independently execute offensive cyberspace operations. This work evaluates several state-of-the-art FMs on their ability to compromise machines in an isolated network and investigates defensive mechanisms to defeat such AI-powered attacks.
  arXiv  Detail & Related papers  (2024-10-23T22:46:44Z)
• From Sands to Mansions: Towards Automated Cyberattack Emulation with Classical Planning and Large Language Models [10.557417449327868]
  There is a pressing need for a comprehensive and up-to-date cyberattack dataset to support threat-informed defense.<n>We propose Aurora, a system that autonomously emulates cyberattacks using third-party attack tools and threat intelligence reports.<n>We utilize Aurora to create a dataset containing over 1,000 attack chains.
  arXiv  Detail & Related papers  (2024-07-24T01:33:57Z)
• CARACAS: vehiCular ArchitectuRe for detAiled Can Attacks Simulation [37.89720165358964]
  This paper showcases CARACAS, a vehicular model, including component control via CAN messages and attack injection capabilities. CarACAS showcases the efficacy of this methodology, including a Battery Electric Vehicle (BEV) model, and focuses on attacks targeting torque control in two distinct scenarios.
  arXiv  Detail & Related papers  (2024-06-11T10:16:55Z)
• Strategic Deployment of Honeypots in Blockchain-based IoT Systems [1.3654846342364306]
  It introduces an AI-powered system model for the dynamic deployment of honeypots, utilizing an Intrusion Detection System (IDS) integrated with smart contract functionalities on IoT nodes. The model enables the transformation of regular nodes into decoys in response to suspicious activities, thereby strengthening the security of BIoT networks.
  arXiv  Detail & Related papers  (2024-05-21T17:27:00Z)
• Looking Beyond IoCs: Automatically Extracting Attack Patterns from External CTI [3.871148938060281]
  LADDER is a framework that can extract text-based attack patterns from cyberthreat intelligence reports at scale. We present several use cases to demonstrate the application of LADDER in real-world scenarios.
  arXiv  Detail & Related papers  (2022-11-01T12:16:30Z)
• Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS [70.60975663021952]
  We study blackbox adversarial attacks on network classifiers. We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions. We show that a continual learning approach is required to study attacker-defender dynamics.
  arXiv  Detail & Related papers  (2021-11-23T23:42:16Z)
• The Feasibility and Inevitability of Stealth Attacks [63.14766152741211]
  We study new adversarial perturbations that enable an attacker to gain control over decisions in generic Artificial Intelligence systems. In contrast to adversarial data modification, the attack mechanism we consider here involves alterations to the AI system itself.
  arXiv  Detail & Related papers  (2021-06-26T10:50:07Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.