Attack Emulation with Caldera at Seurity Lab Energy

For intrusion detection research, appropriate data is of critical importance. Given that we can hardly find any usable and useful public dataset that fits our application domain and with which we can evaluate and improve our detection methods, we need to resort to attack emulation. For this, we do experiments, on the one hand, on a real energy system (with minimal impact on it), and on the other hand, in a lab environment. With Caldera, we aim to mimic common behaviors of cyber-attackers in our test systems, for data generation.

At the beginning (1-2 months), the supervisor will spend a reasonable amount of time to teach, guide and support the student with the appropriate materials. In this case, the student does not have to spend/waste lots of time for finding the appropriate literature, tutorials. At the end, the student should have a solid understanding of cyber-attacks, and practical experience in implementing attacks and using various tools etc.

Your tasks:
Literature review of major cyber-attacks, APT actors, MITRE ATT&CK matrix
Get familiar with the Caldera attack emulation framework
Implement attack steps listed in the above figures, and be creative
Collect, process and label the generated data