D 2017

Lessons Learned From Complex Hands-on Defence Exercises in a Cyber Range

VYKOPAL, Jan, Martin VIZVÁRY, Radek OŠLEJŠEK, Pavel ČELEDA, Daniel TOVARŇÁK et al.

Basic information

Original name

Lessons Learned From Complex Hands-on Defence Exercises in a Cyber Range

Name in Czech

Zkušenosti z přípravy komplexních praktických obranných cvičení v kybernetických polygonech

Authors

VYKOPAL, Jan (203 Czech Republic, guarantor, belonging to the institution), Martin VIZVÁRY (703 Slovakia, belonging to the institution), Radek OŠLEJŠEK (203 Czech Republic, belonging to the institution), Pavel ČELEDA (203 Czech Republic, belonging to the institution) and Daniel TOVARŇÁK (203 Czech Republic, belonging to the institution)

Edition

Indianapolis, IN, USA, 2017 IEEE Frontiers in Education Conference, p. 1-8, 8 pp. 2017

Publisher

IEEE

Other information

Language

English

Type of outcome

Proceedings paper

Field of Study

10201 Computer sciences, information science, bioinformatics

Country of publisher

United States of America

Confidentiality degree

is not subject to a state or trade secret

Publication form

electronic version available online

References:

RIV identification code

RIV/00216224:14610/17:00094479

Organization unit

Institute of Computer Science

ISBN

978-1-5090-5919-5

ISSN

UT WoS

000426974900279

Keywords in English

hands-on exercise; cybersecurity; cyber range; exercise design

Tags

International impact, Reviewed
Changed: 16/4/2018 15:29, Mgr. Alena Mokrá

Abstract

In the original

We need more skilled cybersecurity professionals because the number of cyber threats and ingenuity of attackers is ever growing. Knowledge and skills required for cyber defence can be developed and exercised by lectures and lab sessions, or by active learning, which is seen as a promising and attractive alternative. In this paper, we present experience gained from the preparation and execution of cyber defence exercises involving various participants in a cyber range. The exercises follow a Red vs. Blue team format, in which the Red team conducts malicious activities against emulated networks and systems that have to be defended by Blue teams of learners. Although this exercise format is popular and used worldwide by numerous organizers in practice, it has been sparsely researched. We contribute to the topic by describing the general exercise life cycle, covering the exercise's development, dry run, execution, evaluation, and repetition. Each phase brings several challenges that exercise organizers have to deal with. We present lessons learned that can help organizers to prepare, run and repeat successful events systematically, with lower effort and costs, and avoid a trial-and-error approach that is often used.

Links

VI20162019014, research and development project
Name: Simulace, detekce a potlačení kybernetických hrozeb ohrožujících kritickou infrastrukturu (Acronym: KYPO II)
Investor: Ministry of the Interior of the CR, Simulation, Detection, and Mitigation of Cyber Threats Endangering Critical Infrastructure
