collective views of the nsa css cyber defense exercise on
play

Collective Views of the NSA/CSS Cyber Defense Exercise on Curricula - PowerPoint PPT Presentation

Sep 03, 2023 •231 likes •445 views

Collective Views of the CDX Collective Views of the NSA/CSS Cyber Defense Exercise on Curricula and Learning Objectives William J. Adams Efstratios L. Gavas Tim Lacey . Leblanc Sylvain P United States Military Academy

  1. Collective Views of the CDX Collective Views of the NSA/CSS Cyber Defense Exercise on Curricula and Learning Objectives William J. Adams † Efstratios L. Gavas ‡ Tim Lacey ¶ . Leblanc § Sylvain P † United States Military Academy ‡ United States Merchant Marine Academy ¶ Air Force Institute of Technology § Royal Military College of Canada USENIX CSET 2009

  2. Collective Views of the CDX Outline Introduction Overview What is the CDX? Academies’ Experiences United States Merchant Marine Academy United States Military Academy Air Force Institute of Technology Royal Military College of Canada Attacks What happened? Conclusions

  3. Collective Views of the CDX Introduction Objective of Paper ◮ Discuss the Cyber Defense Exercise (CDX) ◮ Review curriculum ◮ Promote hands-on IA activities ◮ Show flexibility of cyber security exercises

  4. Collective Views of the CDX Overview What is the CDX? Overview of CDX ◮ Four-day exercise, but months of preparation ◮ Ninth year of competition ◮ Red vs. Blue, with White moderating

  5. Collective Views of the CDX Overview What is the CDX? Overview of CDX ◮ Eight teams participated: ◮ Air Force Institute of Technology (AFIT) ◮ Naval Postgraduate School (NPS) ◮ Royal Military College of Canada (RMC) ◮ United States Air Force Academy (USAFA) ◮ United States Coast Guard Academy (USCGA) ◮ United States Merchant Marine Academy (USMMA) ◮ United States Military Academy (USMA) ◮ United States Naval Academy (USNA) ◮ Participation at both graduate and undergraduate levels

  6. Collective Views of the CDX Overview What is the CDX? Overview of CDX ◮ Each team is given a mock budget to secure a poorly-configured/compromised network ◮ Email, instant messaging, database and web servers, workstations, and a domain controller ◮ Administer network while under attacks by NSA Red Team ◮ Deal with exercise “ injects ” ◮ Forensics, helpdesk requests, DNS and network reconfiguration ◮ Reporting requirements

  7. Collective Views of the CDX Academies’ Experiences The Differences ◮ Different curricula ◮ Different learning objectives ◮ Different resources

  8. Collective Views of the CDX Academies’ Experiences United States Merchant Marine Academy USMMA Overview ◮ Established to train Merchant Marine officers ◮ Part of the Department of Transportation ◮ Smallest of the five US undergraduate service academies ◮ In the Heroic 1 phase of security team building ◮ . . . Possibly the Incompetence phase! 1 http://taosecurity.blogspot.com/2009/05/lessons-from-cdx.html

  9. Collective Views of the CDX Academies’ Experiences United States Merchant Marine Academy How They Came to Their Design ◮ Cost Trade-Offs ◮ Administrative Trade-Offs ◮ Monitoring Trade-Offs ◮ Mistakes Made ◮ Last-Minute Course Corrections

  10. Collective Views of the CDX Academies’ Experiences United States Merchant Marine Academy Review of USMMA Network Design Keep It Simple, Sailor

  11. Collective Views of the CDX Academies’ Experiences United States Merchant Marine Academy USMMA Summary ◮ We do OK ◮ Simplicity was our weapon of choice ◮ If you don’t understand it – it is not secure! ◮ Don’t be afraid of your system

  12. Collective Views of the CDX Academies’ Experiences United States Military Academy USMA Overview ◮ Serves as a senior-level capstone ◮ Active ACM and CS programs ◮ Large team size (30-60 people) ◮ Supported through the Information Technology and Operations Center (ITOC)

  13. Collective Views of the CDX Academies’ Experiences United States Military Academy USMA Observations ◮ Cleaned workstations with homemade Tripwire -like script ◮ Rebuilt database and web servers ◮ No significant compromises ◮ Communication was a special focus

  14. Collective Views of the CDX Academies’ Experiences Air Force Institute of Technology AFIT Overview ◮ Graduate program ◮ Focus on lab activities ◮ Range of skills (novice to network administrator) ◮ Two teams of fifteen ◮ Supported through the Center for Cyberspace Research (CCR)

  15. Collective Views of the CDX Academies’ Experiences Air Force Institute of Technology AFIT Observations ◮ Effective use of IPsec ◮ Utilized proxy server ◮ Mitigated compromises with user privileges

  16. Collective Views of the CDX Academies’ Experiences Royal Military College of Canada RMC Overview ◮ First year competing ◮ Mixed graduates and undergraduates ◮ Only graduate participation this year

  17. Collective Views of the CDX Academies’ Experiences Royal Military College of Canada RMC Observations ◮ First time working in a Network Operations Center (NOC) ◮ Reinforced communication needs

  18. Collective Views of the CDX Attacks What happened? Attacks What happened? ◮ Twenty-one significant, distinct compromises ◮ Most effective: Malware callbacks (7) ◮ Most interesting: OpenFire remote access (4) A lot to keep track of . . .

  19. Collective Views of the CDX Conclusions Conclusions ◮ Budget and operational issues are important ◮ Fewer successful attacks ◮ Wider range of attacks ◮ Hands-on activities can better direct student ◮ Live exercises build critical skills ◮ Communication ◮ Operations ◮ Leadership

  20. Collective Views of the CDX Summary Summary More information ◮ http://www.afit.edu/en/ccr/ ◮ http://www.itoc.usma.edu Final Words. . . ◮ If you hack boats or students, contact me (gavase{at}usmma[.]edu) ◮ Suggestions welcome

Recommend

Collective Decision-Making with Goals Arianna Novaro PhD Thesis Defense 12 th of November 2019

Collective Decision-Making with Goals Arianna Novaro PhD Thesis Defense 12 th of November 2019

Collective Decision-Making with Goals Arianna Novaro PhD Thesis Defense 12 th of November 2019 Supervised by Umberto Grandi Dominique Longin Emiliano Lorini Collective Decision-Making with Goals PhD Defense The Research (Fields) Behind the

565 views • 30 slides
US Army War College Fellowship Cyber Defense/Offense Dr. Bill Young Department of Computer

US Army War College Fellowship Cyber Defense/Offense Dr. Bill Young Department of Computer

US Army War College Fellowship Cyber Defense/Offense Dr. Bill Young Department of Computer Science University of Texas at Austin Last updated: February 27, 2013 at 11:16 Dr. Bill Young: 1 Cyber Defense/Offense Some Sources Jeffrey Carr,

936 views • 60 slides
Evaluation of Cyber Defense Exercises Using Visual Analytics Process Radek Olejek, Jan

Evaluation of Cyber Defense Exercises Using Visual Analytics Process Radek Olejek, Jan

Evaluation of Cyber Defense Exercises Using Visual Analytics Process Radek Olejek, Jan Vykopal, Karolna Bursk , and Vt Rusk IEEE Frontier in Education Conference, San Jose, USA, 2018 1 KYPO Cyber Range Cloud-based simulator

538 views • 14 slides
Survey of Cyber Moving Targets Presented By Sharani Sankaran Moving Target Defense A cyber

Survey of Cyber Moving Targets Presented By Sharani Sankaran Moving Target Defense A cyber

Survey of Cyber Moving Targets Presented By Sharani Sankaran Moving Target Defense A cyber moving target technique refers to any technique that attempts to defend a system and increase the complexity of cyber attacks by making the system

728 views • 27 slides
Cyber Threats Views from the FBI Special Agent Keith Custer Federal Bureau of Investigation

Cyber Threats Views from the FBI Special Agent Keith Custer Federal Bureau of Investigation

Cyber Threats Views from the FBI Special Agent Keith Custer Federal Bureau of Investigation Baltimore Division Overview Cyber Threat Overview Cyber-enabled Fraud Types of Cyber-enabled Fraud Business Email Compromise

796 views • 47 slides
Food Defense Tabletop Exercise: Schools as a Target Pres esen ent ed ed by Douglas Conw ell

Food Defense Tabletop Exercise: Schools as a Target Pres esen ent ed ed by Douglas Conw ell

Food Defense Tabletop Exercise: Schools as a Target Pres esen ent ed ed by Douglas Conw ell t or I nst r t ruct o National Food Service Management I nstitute 1 What I s Food Defense? FOOD DEFENSE is defined as the protection of food

629 views • 45 slides
Experiences In Cyber Security Education: The MIT Lincoln Laboratory Capture-the-Flag Exercise*

Experiences In Cyber Security Education: The MIT Lincoln Laboratory Capture-the-Flag Exercise*

Experiences In Cyber Security Education: The MIT Lincoln Laboratory Capture-the-Flag Exercise* Joseph Werther, Michael Zhivich, Timothy Leek, Nickolai Zeldovich Cyber Security Experimentation And Test 2011 8 August 2011 This work is

313 views • 15 slides
Effectively Evaluating Risk Through Factors Defense Acquisition University Exercise handout

Effectively Evaluating Risk Through Factors Defense Acquisition University Exercise handout

Effectively Evaluating Risk Through Factors Defense Acquisition University Exercise handout Exercise Instructions Read the consensus findings and determine from the narrative what is the adjectival rating (AJ) and risk rating (R)

392 views • 6 slides
Food Defense Food Defense Tabletop Food Defense Food Defense Tabletop Tabletop Tabletop

Food Defense Food Defense Tabletop Food Defense Food Defense Tabletop Tabletop Tabletop

Food Defense Food Defense Tabletop Food Defense Food Defense Tabletop Tabletop Tabletop Exercise: Exercise: Schools as a Target Schools as a Target Presented by Presented by Presented by Presented by National Food Service Management I

756 views • 44 slides
Botnets, Collective Defense, and Project MARS Jeff Williams Principal Group Program Manager

Botnets, Collective Defense, and Project MARS Jeff Williams Principal Group Program Manager

Botnets, Collective Defense, and Project MARS Jeff Williams Principal Group Program Manager Microsoft Malware Protection Center The Basics A Picture of Health? Location 1Q2010 2Q10 3Q10 4Q10 Delta 4.2% United States 11,025,811

468 views • 31 slides
IPSASB ED on Collective and Individual Services and Emergency Relief Disclaimer The views and

IPSASB ED on Collective and Individual Services and Emergency Relief Disclaimer The views and

ED 173 IPSASB ED on Collective and Individual Services and Emergency Relief Disclaimer The views and opinions expressed in this presentation are those of the individual. Official positions of the ASB on accounting matters are determined only

434 views • 32 slides
Cyber Defense: three fundamental steps Giorgio Mosca Strategy and Technology Director It

Cyber Defense: three fundamental steps Giorgio Mosca Strategy and Technology Director It

Cyber Defense: three fundamental steps Giorgio Mosca Strategy and Technology Director It would seem that Caesar's recurrent and deep-rooted fault was his concentration in pursuing the objective immediately in front of his eyes to the

847 views • 16 slides
KNOW YOUR ROLE DO YOUR JOB: A mapping of skills and building a Cyber Security Career EILEEN. A.

KNOW YOUR ROLE DO YOUR JOB: A mapping of skills and building a Cyber Security Career EILEEN. A.

KNOW YOUR ROLE DO YOUR JOB: A mapping of skills and building a Cyber Security Career EILEEN. A. Cyber Defense and Forensics Analyst The Dilemma Caught in a web, ever growing cyber attacks, changes in technology. Strategies seem to last an

452 views • 28 slides
Do You See What I See? Navigating Human & Cyber Threats at the Workplace The views expressed

Do You See What I See? Navigating Human & Cyber Threats at the Workplace The views expressed

Do You See What I See? Navigating Human & Cyber Threats at the Workplace The views expressed by us are not representative of the City of Charlotte. OUTLINE INTRODUCTIONS HUMAN THREATS CYBER THREATS QUESTIONS INTRODUCTIONS

445 views • 25 slides
TeamDefend TeamDefend Organizational and Inter-Organizational Cyber Defense Training S C I E N

TeamDefend TeamDefend Organizational and Inter-Organizational Cyber Defense Training S C I E N

TeamDefend TeamDefend Organizational and Inter-Organizational Cyber Defense Training S C I E N C E A P P L I C A T I O N S I N T E R N A T I O N A L C O R P O R A T I O N Agenda Agenda Background on Cyber Exercises Introduction

428 views • 15 slides
UC.yber Meeting 12 WARGAMES! Last Week Discussed National Collegiate Cyber Defense

UC.yber Meeting 12 WARGAMES! Last Week Discussed National Collegiate Cyber Defense

UC.yber Meeting 12 WARGAMES! Last Week Discussed National Collegiate Cyber Defense Competition Planned out what we need for becoming an official chapter Planned out our visit to Loveland HS Received a donation! Thanks to

1.11k views • 9 slides
Integration Spiral Results Wende Peters, JH-APL wende.peters@jhuapl.edu iacd@jhuapl.edu

Integration Spiral Results Wende Peters, JH-APL wende.peters@jhuapl.edu iacd@jhuapl.edu

Integrated Adaptive Cyber Defense: Integration Spiral Results Wende Peters, JH-APL wende.peters@jhuapl.edu iacd@jhuapl.edu September 2015 Integrated Adaptive Cyber Defense Cybersecurity Reality in the Greater Cyber Ecosystem We arent

660 views • 53 slides
Cyber Security Information Sharing Oscar Serrano NCI Agency Cyber Security Service Line

Cyber Security Information Sharing Oscar Serrano NCI Agency Cyber Security Service Line

Cyber Security Information Sharing Oscar Serrano NCI Agency Cyber Security Service Line DeepSec 2014, Vienna, 21 November 2014 NATO UNCLASSIFIED Cyber Security In NATO NATO in a nutshell: Collective defence Interoperable

666 views • 42 slides
Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon

Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon

Wargames in the 5th Domain The next Pearl Harbor could very well be a cyber attack. - Leon Panetta, US Secretary of Defense The United States is fighting a cyber-war today, and we are losing. - Mike McConnell, former Director of

298 views • 28 slides
A Study of Japan Self Defense Forces Strategic Communication

A Study of Japan Self Defense Forces Strategic Communication

A Study of Japan Self Defense Forces Strategic Communication Japan Air Self Defense Force Colonel Toshimitsu INOUE Disclaimer The views, opinions, and proposals provided in this presentation are

456 views • 33 slides
Formalizing Agents Beliefs for Cyber-Security Defense Strategy Planning 8 th International

Formalizing Agents Beliefs for Cyber-Security Defense Strategy Planning 8 th International

INSTITUTE OF INFORMATION SYSTEMS Formalizing Agents Beliefs for Cyber-Security Defense Strategy Planning 8 th International Conference on Computational Intelligence in Security for Information Systems Karsten Martiny Alexander Motzek

563 views • 15 slides
DISCLAIMER: The views presented at this event are those of the speaker or author, and do not

DISCLAIMER: The views presented at this event are those of the speaker or author, and do not

DISCLAIMER: The views presented at this event are those of the speaker or author, and do not represent the views of the U.S. Government, Department of Defense, Military Departments, or their components. The appearance of speakers and authors at

669 views • 19 slides
Probabilistic Mission Defense and Assurance NATO STO IST-148 Symposium on Cyber Defence Situation

Probabilistic Mission Defense and Assurance NATO STO IST-148 Symposium on Cyber Defence Situation

INSTITUTE OF INFORMATION SYSTEMS Probabilistic Mission Defense and Assurance NATO STO IST-148 Symposium on Cyber Defence Situation Awareness Alexander Motzek Ralf Mller Universitt zu Lbeck Institute of Information Systems

605 views • 28 slides
2019 Cybersecurity Report Beyond Obfuscation: The Defense Industrys Position within Federal

2019 Cybersecurity Report Beyond Obfuscation: The Defense Industrys Position within Federal

2019 Cybersecurity Report Beyond Obfuscation: The Defense Industrys Position within Federal Cybersecurity Policy About the Report Section I: Illustrations of Cyber Threats and Vulnerabilities Section II: Policy Response to Cyber Risk

249 views • 20 slides

More recommend