Analyzing constraints in ACO Gyms and implementing your own security scenario


The article examines existing autonomous training environments for information security agents and identifies their current functional capabilities and limitations.

Objectives. To introduce the basic concepts and definitions of automated information security; to identify the key drawbacks of existing solutions; to develop a new training scenario based on the CybORG ACO Gym; to evaluate and describe the scenario creation process based on the CybORG ACO Gym and produce recommendations for further correction of the functionality of the new scenario implementation; and to make recommendations for further research and development of ACO Gyms aimed at increasing their effectiveness in corporate and research terms in the context of constantly evolving cyber threats.

Methods. Collection and analysis of information about the functionality and architecture of popular platforms; an analytical method and an experiment to create a custom scenario based on CybORG; a comparative analysis of key parameters; analysis of the practical application of the platforms in terms of their corporate and user use; systematization of the shortcomings identified during the analysis to determine the requirements for improvements; and recommendations for further research and improvement of ACO Gyms.

Results. A comparative analysis of five popular platforms was carried out: Farland, NASimEmu, Yawning Titan, CybORG and CAGE Challenge. Shortcomings of current platforms for training information security agents were identified and improvement vectors suggested. The structure of ACO Gyms was analyzed, and their functionality and the capabilities they provide to other developers were studied. The basic concepts and definitions of automated information security are outlined. A custom scenario based on the CybORG framework was developed and implemented to study the process of working with the scenario-creation functionality. The direction of further improvements to the existing functionality was determined so that these platforms can be used not only for academic purposes but also at the corporate and user levels.

Conclusions. The analysis of existing ACO Gyms confirmed that the existing platforms do not fully meet the requirements of modern information security challenges, especially in the context of rapidly evolving cyberattacks. The article offers a new framework for the further development of ACO Gyms, which can be expanded to take into account future threats and challenges in the field of information security.


Information security, ACO Gym, automated information protection, reinforcement learning

Short URL: https://sciup.org/148331179

IDR: 148331179   |   DOI: 10.18137/RNU.V9187.25.02.P.130

Research article