Identifying and embedding common indicators of compromise in virtual machines for lab-based incident response education
Author
Van Dusen, Matthew S.
Date
2015-09
Advisor
Fulp, John D.
Singh, Gurminder
Abstract
Though typical malware delivery vectors, behaviors, and general attack craft can be verbally explained and even illustrated, greater familiarity and confidence are imbued in the cyber defender when such theoretical explanations are followed by guided practical exercises that provide realistic scenarios. To demonstrate this, we created seven scenarios utilizing common attack types combined with prominent artifacts for indicators of compromise and prominent incident investigative tools. These scenarios will help facilitate the educational experience for students as well as instill confidence, resulting in more proficient incident response across the field. Should this type of education become a part of the NPS curriculum, additional research can be conducted to reaffirm its true capacity.
Rights
Copyright is reserved by the copyright owner.
Related items
Showing items related by title, author, creator and subject.
- Collecting cyberattack data for industrial control systems using honeypots
  Hyun, Dahae (Monterey, California: Naval Postgraduate School, 2018-03); Operational technology, information technology for industrial control systems, has advanced more slowly in security than other kinds of information technology. To aid the discovery of indicators of compromise for industrial ...
- Vulnerability analysis of HD photo image viewer applications
  Juan, Clifford C. (Monterey, California. Naval Postgraduate School, 2007-09); The introduction of Microsoft's new graphics file format, Windows Media Photo, into the mainstream market in 2006 has been one of the most interesting developments in the digital world. The file format, which has since ...
- A CRYPTOGRAPHIC ANALYSIS OF BLUETOOTH'S HUMAN-MACHINE AUTHENTICATED KEY EXCHANGE PROTOCOLS
  Troncoso, Michael E. (Monterey, CA; Naval Postgraduate School, 2020-09); As Bluetooth is firmly ensconced as one of the leading standardizations for wireless communication, it becomes imperative to rigorously quantify its security. To forward this quantification, we conduct a comprehensive ...