Cyber event artifact investigation training in a virtual environment
Mims, Simone M
Wylkynsone, Tye R.
MetadataShow full item record
The Internet has created many new technology advances that make everyday life easier and more efficient. However, technology has also enabled new attack capabilities and platforms that have the potential to cripple Department of Defense (DOD) and civilian information systems and cyber infrastructure. In order to minimize damages these threats could cause, the DOD needs well-trained operators and skilled cyber incident first responders at the helm. The first portion of this research focused on identifying operating system artifacts that give first responders the best information with which to identify if a cyber incident has occurred, or is occurring, and to determine the type of incident. The second portion of this research focused on developing virtual environments where students can participate in guided training and challenge labs. These labs can train system operators to recognize incident indicators and allow first responders to focus on collecting necessary information quickly. The Training Lab focuses on leading the student through an investigation of each designated artifact, while the Challenge Lab provides less guidance in order to test the students' acquired skills. This partnered learning experience should lead to more proficient cyber incident reporting and should decrease the response delay between detection and recovery.
Approved for public release; distribution is unlimited
Showing items related by title, author, creator and subject.
Bernstein, Catherine P. (Monterey, California: Naval Postgraduate School, 2014-09);Disaster responders are exposed to continuous periods of intense stress, and as a consequence, some suffer mental or emotional adverse effects. In recognition of critical stress as a valid concern, many emergency service ...
Favero, Gerald T. (Monterey, California: Naval Postgraduate School, 1999-12);This thesis argues that the current Incident Command System (ICS) is inadequate for activating the National Guard Military Support Detachment - Rapid Assessment Initial Detection (RAID) Teams, which are vital for responding ...
Naval Postgraduate School Center for Homeland Defense and Security (CHDS) (Monterey, California. Naval Postgraduate SchoolCenter for Homeland Defense and Security, 2009-09);September 2009. The overarching theme of this issue of Homeland Security Affairs is response – to public health emergencies, natural and man-made disasters, threats of nuclear attack, and the messages of terrorists. One ...