S. Venkatesan, E. A. Newcomb, Blaine Hoffman, Norbou Buchler, Jason A. Youzwak, Shridatt Sugrim, C. Chiang, A. Poylisher, Matthew Witkowski, Gary Walther, Michelle Wolberg, R. Chadha
Title: VulnerVAN: A Vulnerable Network Generation Tool
Venue: MILCOM 2019 - 2019 IEEE Military Communications Conference (MILCOM)
Publication date: 2019-11-01
DOI: 10.1109/MILCOM47813.2019.9021013 (https://doi.org/10.1109/MILCOM47813.2019.9021013)
Cyber training, security testing, and research and development activities are vital to improve the security posture of a network. Currently, many institutions use cyber security testbeds to conduct these activities in an isolated virtual environment. One of the important requirements for such an environment is to provide organizers (or experimenters) with a library of vulnerable network scenarios and capabilities to mount attacks against them. However, the task of preparing a vulnerable network scenario in current testbed environments is costly in time and labor and requires significant support from the testbed staff. To this end, we present a toolset called VulnerVAN that creates a vulnerable network scenario to realize an attack sequence. In this paper, we discuss the design of VulnerVAN - our proof-of-concept implementation on CyberVAN - and present a new high-level attack specification language that enables users to chain attack steps into an attack sequence. For a given attack sequence and network scenario, VulnerVAN identifies all possible attack paths through the network that can realize the attack sequence, and provides instructions to configure machines on an attack path selected by the user. VulnerVAN also provides an attack blueprint that can guide a Red team or an automated attacker to execute the attack sequence. To demonstrate VulnerVAN's capability, we consider the use case of a typical data exfiltration attack sequence conducted by APTs and study the performance of VulnerVAN in mapping the attack sequence to different networks.