Cyber event artifact investigation training in a virtual environment
Author
Mims, Simone M
Wylkynsone, Tye R.
Date
2017-12
Advisor
Fulp, J.D.
Second Reader
Singh, Gurminder
Abstract
The Internet has created many new technology advances that make everyday life easier and more efficient. However, technology has also enabled new attack capabilities and platforms that have the potential to cripple Department of Defense (DOD) and civilian information systems and cyber infrastructure. In order to minimize damages these threats could cause, the DOD needs well-trained operators and skilled cyber incident first responders at the helm. The first portion of this research focused on identifying operating system artifacts that give first responders the best information with which to identify if a cyber incident has occurred, or is occurring, and to determine the type of incident. The second portion of this research focused on developing virtual environments where students can participate in guided training and challenge labs. These labs can train system operators to recognize incident indicators and allow first responders to focus on collecting necessary information quickly. The Training Lab focuses on leading the student through an investigation of each designated artifact, while the Challenge Lab provides less guidance in order to test the students' acquired skills. This partnered learning experience should lead to more proficient cyber incident reporting and should decrease the response delay between detection and recovery.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.