Large-scale Testbed and Cyber Range Organiza6on and Design...Razvan Beuran, Ken-ichi Chinen CYBER...
19
Large-scale Testbed and Cyber Range Organiza6on and Design Razvan Beuran, Ken-ichi Chinen CYBER RANGE ORGANIZATION AND DESIGN
Transcript of Large-scale Testbed and Cyber Range Organiza6on and Design...Razvan Beuran, Ken-ichi Chinen CYBER...
-
Large-scaleTestbedandCyberRangeOrganiza6onandDesign
RazvanBeuran,Ken-ichiChinen
CYBER RANGE ORGANIZATION AND DESIGN
-
Outline
1. Mo9va9on&overview2. MakinguseofStarBED3. Casestudies4. Summary
2
-
Mo9va9on
• PeoplehavebecomemoreandmorereliantontheInternet– Aworldinwhichdevicesandpeopleareallconnectedtogether:theInternetofThings(IoT)
• Networkcommunica9onmakeslifemoreconvenient,butitalsoexposesuserstocybersecurityrisks,suchasmalware,phishing– Itisnecessarytoconductcybersecurityeduca9onandtrainingasweperformatJAIST
3
-
Cyberrange
• Environmentforcybersecuritytraining– Facilitateslearninganduseofprac9calskills
High-levelskills
Mid-levelskills
Low-levelskills
ITspecialists
Securityexperts
Endusers
Securitytraining
Securityawareness
training
4
-
CyberRangeOrganiza9onandDesign
• NECendowedchairatJAIST– 3yearperiodstar9nginFY2015
• Twomaindirec9ons– Cyberrangearchitectureanddesign
• Developtechnologiesandframeworks– Cybersecurityeduca9onprogramsandcourses
• Developcurriculum,trainingmaterials
5
-
MakinguseofStarBED
• Implementa9onandexecu9onofcyberranges,experiments,etc.
6
-
ForIT&securityprofessionals
• Usecyberrangestoacquiretheprac9calskillsforproperlyhandlingsecurityincidents
CyberRangeConfigura6on
CyberRangeInstan6a6on
CyberRange
UserInput
IncidentDatabase
CYBERRANGECREATIONFRAMEWORK
7
-
Forregularcomputerusers
• Useac9veeduca9ontogainawarenessofpoten9alcybersecurityrisks
E-learning
Role-playinggames
Prac9calskills
Preven9onreadiness
8
-
Networkemula9on
• Usenetworkemula9ontoassessapplica9onsandprotocolsfromtheperspec9veofcybersecurityrisks
Networkemula3onframework:NERVF
9
-
IoTexperiments
• ThoroughexperimentsarerequiredtomakesureIoTtechnologiesareopera9ngsafely
FPGA-basedpropaga3onemulator:StarWave802.15.4support(ongoingdevelopment)
10
-
Casestudies
• SANSNetWarsCon9nuous– OnlinetrainingprogramofSANSIns9tute– 5levelstobetackledduring4months– Topics
• VulnerabilityAssessment• PacketAnalysis• Penetra9onTes9ng• SystemHardening• MalwareAnalysis• DigitalForensicsandIncidentResponse
11
-
Levels1&2:Summary• Level1
– Analyzetheconfigura9onofalocalmachinetofindsecurityflaws– Evaluatebrowserforensicar9facts,commandshellhistory,document
metadata,andmalwaretodiscovercrucialevidence– Analyzepacketsforevidenceofaeacks– Determinehowanaeackerpivotedthroughthenetworktogain
accesstoatargetmachine• Level2
– Analyzeandisolatepersistent,evasivemalware– Analyzeasystemtodetermineandthwartaeackers'techniques– Reconstructnetworktopologiesandaeackevidencefrompacket
capturefiles– Cracklocalpasswordsandwirelesscryptokeys– WorkwithSQLdatabasestofindsecurityflawsandevidence
12
-
Levels1&2:Breakdown
# of Questions Points0
5
10
15
20
25
30SANS NetWars Continuous -- Level 1
OSNetwork
# of Questions Points0
5
10
15
20
25
30
35
40SANS NetWars Continuous -- Level 2
OSNetworkCryptographyImageDatabaseProgramming
TotalQues9ons:23TotalPoints:58
TotalQues9ons:18TotalPoints:77
-
Securityawarenesstraining
• Designsecurityawarenesstrainingplahorm– Testbasicsecurityskillsinaprac9calmanner– Focusonsocialengineeringaeackpreven9on
• Useconceptofgamifica9on(seriousgames)– Engageusersthroughemo9ons,compe99vebehavior,etc.
– Incorporatesocialandrewardaspectsofgames– Makeeduca9onandtrainingmoreeffec9ve
14
-
hep://www.social-engineer.org/social-engineering/social-engineering-infographic/April28,2014
15
-
Gameidea
• Examplestoryline(fragment)– Gotooffice– Meetpersoninelevator– He/shedropsUSBmemory– Inves9gateUSBmemory
• Testedskills– PickupUSBmemory?InsertitinPC?– OpenfileonUSBmemory?– Clickonlinkinemailfromperson?
16
-
Implementa9ontool
• Twine:open-sourcetoolfortellinginterac9ve,nonlinearstories(hep://twinery.org/)– Storiescanbeextendedwithvariables,condi9onallogic,images,CSS,andJavaScript
– PublishdirectlytoHTML– Stand-aloneorbrowserinterface
– UsedbyRPGresearchersforgameprototyping
17
-
Summary• Weaddresstheneedforcybersecurityeduca9onandtraining throughcyberranges– CyberRangeOrganiza9onandDesign(NECendowedchair)@JAIST
– Architectureanddesignofcyberranges– Educa9onprogramsandcourses
• StarBEDistheinfrastructurefortheimplementa9onandexecu9onofcyberranges– AlreadyusedbyCYDER,SecCapandHardeningtrainingprograms
– Alsousedfornetworkemula9onexperiments
18
-
THANKYOU!
19
![Technical Requirements of Experiment Support Software for ... · supporting software such as PlanetLab Central (PLC) and CoDeploy[6], while StarBED has SpringOS[7],[8],[9]. SpringOS](https://static.fdocuments.us/doc/165x107/60154dbfe2024b42a05398bb/technical-requirements-of-experiment-support-software-for-supporting-software.jpg)
