H2020 SPIDER: a cyberSecurity Platform for vIrtualiseD 5G cybEr Range services
New cyber platform to strengthen telecom cyber security
The telecommunications sector is very vulnerable to cyberattacks. Despite billions of euros invested in cybersecurity measures, cyberattack mechanisms are becoming increasingly sophisticated, pervading critical infrastructures. The EU-funded SPIDER project plans to deliver an innovative cyber range platform that extends and combines the capabilities of existing telecommunication testbeds and cyber ranges into a unified facility. The virtual environment will be used for help train information security professionals to deal with real-world incidents, test new security technologies, and support companies in making optimal cybersecurity investment decisions. The gamification feature will make keep training exciting and increase the collaborative ability in handling incidents and defending against cyberattacks.Show the Project Objective
The increasing complexity of the telecommunication domain’s cyber threat landscape intensifies the need for new security solutions and for improving the technical security skills of experts and non-experts in the multi-tenant and multi-service environments coming with the domain’s 5th generation (5G). At the same time, attack mechanisms are increasingly sophisticated, pervading critical infrastructures despite billions of euros invested in cybersecurity measures. To address the above, SPIDER delivers an innovative Cyber Range as a Service platform that extends and combines the capabilities of existing telecommunication testbeds and cyber ranges into a unified facility for (i) testing new security technologies, (ii) training modern cyber defenders in near real-world conditions, and (iii) supporting organisations and relevant stakeholders in making optimal cybersecurity investment decisions. At its core, it is a highly customisable dynamic network modelling instrument that enables real-life virtualisation and real-time emulation of networks and systems. It also offers real-time interaction and information sharing capabilities by acting as a serious gaming repository for multiple stakeholders to share material and maximise efficiency in delivering complex cyber exercises. SPIDER’s gamified learning environment enables trainees to master how to use domain-specific cyber protection technologies and collaboratively improve their ability in handling incidents and risks. Complemented by cyber econometric capabilities, SPIDER also enables users to forecast the evolution of attacks and their associated economic impact through the application of innovative risk analysis methodologies, econometric models and real-time attack emulation. The proposed cyber range model will be validated in five highly realistic pilot use case scenarios aimed at demonstrating its applicability and validity for all requirements of the SU-DS01-2018 Call (simulation, training, and economics).
Our Role in the Project
K3Y’s involvement in the SPIDER Project mainly revolves around 5G cybersecurity training by utilizing human-centric gamification approaches, as well as the usage of novel expert and non-expert training modules. Moreover, the company participates in demonstration and evaluation exercises mainly in cybersecurity testing of 5G-ready applications and network services. In that context, K3Y has developed dockerized cybersecurity training environments, enabling trainees to test their network defense abilities. Communication and networking infrastructures are the pivotal attack targets, which the trainer (typically presumed attacker) tries to compromise and gain access to, whereas the trainee attempts to secure said network against malicious activity. For all tests conducted, fully functional dockerized instances of the targeted software components and infrastructure are created. The attacks simulated by K3Y’s testbeds include: man-in-the-middle attacks, brute force attacks, and multi-step security vulnerability exploit.
Project no. 833685
Type of project: IA – Innovation action
Call identifier: H2020-SU-DS-2018
Topic: SU-DS01-2018 – Cybersecurity preparedness – cyber range, simulation and economics
Duration: 1 July 2019 to 30 June 2022 (36 months)
CORDIS link: https://cordis.europa.eu/project/id/833685
Official Website: https://spider-h2020.eu/