Dockerized Android: a container-based platform to build mobile Android scenarios for Cyber Ranges
Daniele Capone, Francesco Caturano, Angelo Delicato, Gaetano Perrone, Simon Pietro Romano
TL;DR
The paper tackles the absence of mobile device support in Cyber Ranges by introducing Dockerized Android, a container-based framework to safely emulate Android devices for security training. It details a design guided by ten functional and five non-functional requirements and a two-component architecture (Core and UI) that supports emulator or real-device scenarios, ADB control, web-based management, and third-party tool integration. The evaluation demonstrates practical mobile kill-chain scenarios, including an emulator-based Wi‑Fi Baby Monitor vulnerability PoC and a real-device BlueBorne attack, with concrete docker-compose configurations to reproduce complex chains. The work presents Dockerized Android as a scalable, portable platform for conducting sophisticated mobile cyber-attack simulations, while acknowledging current cross-platform limitations and hardware-emulation gaps, and outlining directions for cloud deployment and SDL-based automation.
Abstract
The best way to train people about security is through Cyber Ranges, i.e., the virtual platform used by cyber-security experts to learn new skills and attack vectors. In order to realize such virtual scenarios, container-based virtualization is commonly adopted, as it provides several benefits in terms of performance, resource usage, and portability. Unfortunately, the current generation of Cyber Ranges does not consider mobile devices, which nowadays are ubiquitous in our daily lives. Such devices do often represent the very first entry point for hackers into target networks. It is thus important to make available tools allowing to emulate mobile devices in a safe environment without incurring the risk of causing any damage in the real world. This work aims to propose Dockerized Android, i.e., a framework that addresses the problem of realizing vulnerable environments for mobile devices in the next generation of Cyber Ranges. We show the platform's design and implementation and show how it is possible to use the implemented features to realize complex virtual mobile kill-chains scenarios.