CyTrONE is a cybersecurity training framework that aims to simplify the training setup process through an approach that integrates training content and training environment management. CyTrONE is being developed by the Cyber Range Organization and Design (CROND) NEC-endowed chair at the Japan Advanced Institute of Science and Technology (JAIST).
An overview of CyTrONE is provided below. Based on input from the training organizer and a training database, CyTrONE uploads the training content to a Learning Management System (LMS) via the helper tool called CyLMS, and also creates the associated training environment via the cyber range instantiation system called CyRIS, both developed by CROND as well. Trainees can then access the LMS to consult the training content, connect to the cyber range to conduct the necessary investigation, and then provide the answers via the LMS.
Next we provide brief information on the prerequisites for running CyTrONE, on how to setup, and on how to use CyTrONE. Please refer to the accompanying User Guide for details.
The following steps must be carried out before using CyTrONE:
- Install the Moodle LMS on the host used as training content server; please refer to the relevant documentation for details. https://moodle.org/
- Install the CyLMS cybersecurity training support tools for LMS on the same host where Moodle is installed; please refer to the CyLMS User Guide for details. https://github.com/crond-jaist/cylms/
- Install the CyRIS cyber range instantiation system on the hosts used for cyber range creation; please refer to the CyRIS User Guide for details. https://github.com/crond-jaist/cyris/
- Install the Web-based UI for CyTrONE; please refer to the corresponding user guide. https://github.com/crond-jaist/cytrone-ui-web
To setup CyTrONE follow the steps below:
- Extract the CyTrONE archive to the hosts to manage the training and
to run Moodle. The archive includes the following sub-directories:
code/
: Framework source code written in Python.scripts/
: Helper scripts for managing and using CyTrONE.database/
: Sample training content for CyTrONE.
- Configure the helper scripts according to the actual setup (see the
files for details):
start_cytrone.sh
,stop_cytrone.sh
: To start and stop CyTrONE modules (and ssh tunnels if a gateway is used).create_training.sh
,end_training.sh
,get_sessions.sh
: To create and end training sessions, as well as get active session information.
Note that the following software is required to run CyTrONE (some of these requirements are shared with CyLMS and CyRIS):
- Python: Currently using version 2.7 on Ubuntu OS;
- PyYAML: Library for handling YAML files;
- PassLib: Library for handling passwords.
We provide next the basic steps necessary for using CyTrONE:
-
Start all the CyTrONE modules.
$ ./start_cytrone.sh
-
Create a new training session by running the command below and selecting one of the pre-configured menu choices displayed (these choices can be customized by modifying the script itself).
$ ./create_training.sh
-
Information about how to access the created cyber range will be displayed (and trainees must be provided with the details regarding the instance allocated to each of them). Verify that the cyber range is accessible and that training content is displayed in the Moodle LMS.
-
End the training session (assuming that the session id is 1).
$ ./end_training.sh 1
-
Stop all the CyTrONE modules (when training activities are finished).
$ ./stop_cytrone.sh
For a research background regarding CyTrONE, please refer to the following paper:
- R. Beuran, C. Pham, D. Tang, K. Chinen, Y. Tan, Y. Shinoda, "CyTrONE: An Integrated Cybersecurity Training Framework", International Conference on Information Systems Security and Privacy (ICISSP 2017), Porto, Portugal, February 19-21, 2017, pp. 157-166.
For the list of contributors, please check the file CONTRIBUTORS.