RED-Scenario: A Resource-Efficient Deployment Framework for Scenarios through Dependency Package Management

Cyber range, a simulation platform, replicates real-world communication systems. It can provide realistic, controlled scenarios that accurately mirror network attacks for training cybersecurity personnel. However, developing scenarios within the cyber range requires significant expert experience and computational resources, rendering the process both challenging and costly. Although many studies aim to reduce deploying scenario costs using system-level mitigation strategies, there remains a gap in application-level optimizations, particularly those that optimize installation package resource consumption. In deploying application-level scenarios, third-party packages are essential components but often face challenges due to inconsistent version reliability. The situation results in failed downloads and installations, ultimately consuming time and resources. To address the above problem, this article presents RED-Scenario, a resource-efficient deployment framework for scenarios through dependency package management. RED-Scenario revolutionizes application-level scenario deployment by automatically verifying package feasibility, intricately constructing a comprehensive package knowledge graph, and optimizing dependency trees with search algorithms and merge strategies. It enables the efficient, error-free deployment of vulnerable applications, reducing the time experts spend on scenario deployment. Meanwhile, it effectively lowers both communication overhead and storage requirements. To validate the effectiveness and scalability of RED-Scenario, we conduct an empirical study on vulnerable packages and regular applications written in Python and Node.js. RED-Scenario can automate the downloading and installation process for vulnerable packages, achieving a 71 percent success rate for Python packages and an impressive 85 percent for Node.js packages. Concurrently, RED-Scenario significantly reduces package sizes, shrinking vulnerable Python packages by 10.87× and Node.js packages by 2.33×. As for regular applications, it saves an average of 27.02 percent of the original size for Python and 81.47 percent for Node.js. These findings indicate that the RED-Scenario is a valuable auxiliary framework for scenario deployments.