Jaime C. Acosta, Joshua McKee, Alexander Fielder, S. Salamah
MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM), published 2017-10-01. DOI: https://doi.org/10.1109/MILCOM.2017.8170768
A platform for evaluator-centric cybersecurity training and data acquisition
Empirical-based models for security technologies in the commercial and military domain, including those that focus on protection, detection, and broader risk analysis, leverage data captured from sensors on network-connected devices including gateways, routers, and host nodes. Lacking, however, are datasets that contain specific state observations and actions from the evaluator (red/blue teammer) workstation; we call this the inside-view. This is largely due to issues associated with data ownership, data classification, and the lack of integrated evaluator-centric data-collection mechanisms. To enable and promote creation of open datasets that capture the inside-view, we introduce a scalable platform that consists of two main elements. First, the emulation sandbox, or EmuBox, is an open-source and portable (i.e., it can execute on a laptop) solution for creating small- to medium-sized heterogeneous scenarios for evaluators to set up practice environments and competitions and to hone their skills. Second, the evaluator-centric and extensible logger, ECEL, is a centralized management system that uses plugins for capturing and formatting evaluator data. We conclude the paper by providing a case study to demonstrate the setup and configuration of the platform along with a performance analysis.