ABSTRACT
The cybersecurity landscape is undergoing a significant transformation, driven by the escalating sophistication and prevalence of cyber threats. Traditional defensive measures, focused on detection and prevention, are no longer sufficient to combat these evolving threats. To address this challenge, a more comprehensive strategy is required, incorporating advanced cybersecurity measures such as artificial intelligence (AI)-powered attack modelling and simulation tools. This review paper presents a thorough examination of existing attack simulators, analysing their capabilities, limitations, and applications in AI-driven cybersecurity. Our systematic review of 25 attack simulators reveals a predominant focus on network-based attacks, with limited coverage of endpoint, cloud, or IoT attacks. AI-powered simulators demonstrate enhanced accuracy and efficiency in predicting attack vectors and identifying vulnerabilities. However, current simulators lack realistic user behaviour modelling, hindering the accuracy of attack simulations. Furthermore, integration with existing security tools and frameworks is crucial for effective attack simulation and remediation. Our review highlights the need for holistic attack simulators addressing diverse attack types and vectors, enhanced AI-powered simulation capabilities for improved accuracy and efficiency, realistic user behaviour modelling to simulate real-world attack scenarios, and standardized evaluation metrics for attack simulators to ensure comparability and effectiveness. This review serves as a foundation for future research in AI-powered attack modelling and simulation, providing valuable insights for cybersecurity professionals seeking to enhance their defences against evolving cyber threats, researchers exploring innovative approaches to cybersecurity, and organizations aiming to bolster their cybersecurity posture.