A multistage cyber-attack simulator to generate a new dataset

In the field of cyber defense, researchers always suffer from the lack of a proper dataset to evaluate their proposed theories and methods. Unfortunately, in the various datasets existing in cyber defense scope, the ground truth is ambiguous, and the scenarios used by the attackers to carry out the attacks are unclear. This will lead to a serious challenge to the verification of methods and researches in this area. In this paper, a method is proposed by which a new database can be generated with the explisit ground truth and predetermined scenarios for multistage cyber attacks. In this method, a cyber attack guidance template is used to determine the various stages of the attacks and an attack scenario generator is also used to determine the scenarios used by simulated attackers. Network topology is considered as input, and random variables are used to create variety in simulator performances. Also, in the proposed method, various techniques such as fuzzy c-means for clustering, and artificial neural networks for classification are used. To set the simulator parameters, the CDX dataset is used and its ability to create a new dataset of multistage cyber attacks is well illustrated. To evaluate the proposed method, scoring by SME's is used, and finally with the mean score of 90.7, it had been approved.