Competitions exist for students, novices, and professionals to practice hacking and cyber defense skills (Conklin 2005; White et al. 2010). In cyber defense competitions, teams design, implement, manage, and defend a network of computers and services (Schepens and James 2003). Cyber defense competitions are great learning opportunities for students and professionals. Typically, as in the case of the National Collegiate Cyber Defense Competition (https://www.nationalccdc.org/), the competitions consist of multiple blue teams of contestants and multiple red teams, whose attacks on the services and systems the blue teams try to counteract. An automated attack system needs to be intelligent, have low overhead, be realistic, and be modular (Miller et al. 2018). The components of automated attack systems vary. A patent for a very high-level design of an automated penetration system uses simulators (virtual machines or software that mimics the behavior of computers or networks), an exploit database, storage for scenarios, configuration files, and a penetration testing framework (Futoransky et al. 2013). Other systems can simulate network and user traffic (Rossey et al. 2002). We have so far identified four high-level design requirements: 1) ability to perform many types of attacks, 2) ability to follow a good process, 3) possession of a high-level situational understanding of the scenario, and 4) ease of sanitation and reuse of the simulation. Our continued work will identify more design requirements and areas of research that are needed to further the technological abilities and efficiency of automated red team design.
Giboney, Justin; Adams, Kyle; Atwood, William; Belyeu, Joseph; Crandall, Caleb; and Keller, Joshua, "Design requirements for a cloud-based automated red team in a cyber range for security operations training" (2020). AMCIS 2020 TREOs. 56.