Developing cyber ranges for cybersecurity penetration testing and capture-the-flag challenges is normally a time-consuming process. A good cyber range challenges practitioners to find obscure paths to break into a system. The cyber range should encourage a “graph thinking” mindset, in which the attacker approaches the challenge from a variety of directions that may involve multiple steps before escalating privileges and solving the challenge. However, developing cyber ranges usually requires significant time and effort, and the solutions of many pre-made cyber ranges have already been published. We have developed Alpaca, a system that generates complex cyber ranges according to user-specified constraints. Using an AI planning engine and a database of vulnerabilities and machine configurations, the system is able to generate “vulnerability lattices,” that is, sequences of vulnerabilities and exploits that achieve a user-specified goal. Alpaca also generates working virtual machines that include the vulnerabilities in the lattice. Constraints may be specified to require Alpaca to generate cyber ranges with a minimum or maximum complexity or require that certain vulnerabilities must be used to exploit the cyber range.
Eckroth, J., Chen, K., Gatewood, H., & Belna, B. (2019). Alpaca: Building dynamic cyber ranges with procedurally-generated vulnerability lattices. In ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference (pp. 78–85). Association for Computing Machinery, Inc. https://doi.org/10.1145/3299815.3314438