Malicious Activity Simulation tool (MAST) and trust

Loading...
Thumbnail Image
Authors
Diana, Brian J.
Subjects
Malware
network security
training
Security Control Assessment
threat model
Advisors
Burke, Karen
Gibson, John
Date of Issue
2015-06
Date
Jun-15
Publisher
Monterey, California: Naval Postgraduate School
Language
Abstract
Malicious Activity Simulation Tool (MAST) provides an on-the-job-training medium for information system operators to practice responding to cyber threats simulated on the operational information systems that they manage day-to-day. Because MAST has the capability to simulate various cyber attacks, it is important to measure the risk the system poses to the information systems on which it will operate. This thesis analyzes MAST’s security posture and proposes potential solutions to any vulnerability discovered in that analysis. The analysis is based on a Security Control Assessment (SCA) utilizing the Defense Information Systems Agency Application Security and Development Security Technical Implementation Guide. Following the SCA, a threat model is used to determine mitigations to technical findings. Outputs from this research will enable a more secure implementation of MAST.
Type
Thesis
Description
Series/Report No
Department
Computer Science
Computer Science
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
Copyright is reserved by the copyright owner.
Collections