Test and evaluation of the Malicious Activity Simulation Tool (MAST) in a Local Area Network (LAN) running the Common PC Operating System Environment (COMPOSE)

Abstract

In the Department of the Navys layered defense approach to protecting a computer network, it is the networks administrators who provide the last layer of defense before the end user. Training network administrators is a rather expensive and time consuming process. However, this training needs to be provided on a regular basis in order to refresh their readiness and to train them to respond to new, emerging threats. Malicious Activity Simulation Tool (MAST) aims to provide realistic, tailored simulation of malicious activity for the purpose of training network administrators to recognize and respond to threats on the network they manage. In a continuation of MAST development, this thesis reports the testing and evaluation of the MAST functionality on a Local Area Network (LAN) using a Common PC Operating System Environment (COMPOSE) as its network operating system. We conclude that MAST can present realistic simulations of malicious activity that could be detected, recognized, and responded to by network administrators and host network, while posing no threat to the operational readiness of the host network or its supported missions.