IEEE Access (Jan 2024)

Framework for Network Topology Generation and Traffic Prediction Analytics for Cyber Exercises

  • Dong-Wook Kim,
  • Gun-Yoon Shin,
  • Young-Hoan Jang,
  • Seungjae Cho,
  • Kwangsoo Kim,
  • Jaesik Kang,
  • Myung-Mook Han

DOI
https://doi.org/10.1109/ACCESS.2023.3344170
Journal volume & issue
Vol. 12
pp. 23869 – 23880

Abstract

Today’s cyber-attacks have become increasingly sophisticated and diverse, targeting systems that hold sensitive information, creating the need for continuous cyber exercise and skill development for cyber professionals. Because cyber exercises require training activities and environments that can support a variety of situations, significant technological efforts have been made to build training environments. In line with technological trends, current cyber exercise simulations are being studied to create various cyber scenarios that can help build an intelligent cyber battlefield using big data and artificial intelligence (AI). This requires a large amount and different types of data for learning, as well as a technical system that can manage and update them periodically. The objective of this study is to develop network topology generation and traffic prediction technologies based on intelligent network traffic analysis and AI models for cyber exercise technology systems. To automate training network scenarios, a path generation technology based on graph theory was developed, and the network environment was analyzed based on the amount of transmission by building a software-defined network capable of analyzing and predicting network traffic. A comparison of AI models such as long short-term memory (LSTM), bidirectional LSTM (BiLSTM), and gated recurrent units (GRU) to predict the amount of transmission showed good performance, with BiLSTM showing a better prediction error. The proposed methodology provides insights that can be used to adjust training scenarios during the network design and operation phases, which is expected to help manage the network, increase efficiency, and address security issues.

Keywords