Cloud-based Resources for Cybersecurity Education and Training

Slides:



Advertisements
Similar presentations
The College Classroom in 2020: It Wont Be What It Is Today 1.
Advertisements

National Database Templates for the Biosafety Clearing-House Application (NDT-nBCH) Overview of the US nBCH Applications.
Working Together to Integrate Veterans in Your Workforce Moderator: Judith Villamil, Monster Government Solution Ted Wadsworth, Senior Director of Veteran.
CASE SCENARIO: GOOGLE DRIVE.  When Google Drive first launched, it served as a place to store your files in the cloud so that they could be accessed.
Distance Learning: A Postsecondary Update John Opper Florida Distance Learning Consortium.
Homeland Security 11 1) IT Security Courseware and Hands-on Labs, via Virtual Training Environment (VTE) 2) Federal Cybersecurity Training Exercise Program.
Holyoke Public Schools Professional Development By, Judy Taylor
By Raymond Greenlaw United States Naval Academy, Annapolis, Maryland Chiang Mai University, Chiang Mai, Thailand Ray gratefully acknowledges partial support.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.
1 Virtual Forensics Lab Steve Kim (Client) Marilyn Silva Rajeswari Ian Anu Nagpal Anthony Glover 1.
CAPTURE THE FLAG (CTF) Maxim A. Kulakov (Vladimir State University)
Herbert Bos Erik van der Kouwe Remco Vermeulen Andrei Bacs
Cloud Computing.
Florida Distance Learning Consortium John Opper, Ph.D. Executive Director March 23, 2011 Florida Distance Learning Consortium: An Overview.
The DSpace Course Module – An introduction to DSpace.
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
SALSA-NetAuth Joint Techs Vancouver, BC July 2005.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.
Portal for ArcGIS An Introduction
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
I-Hack’08 International Hacking Competition “Details”
Center for Cybersecurity Research and Education (CCRE)
Enterprise Cloud Computing
Web Technologies Lecture 13 Introduction to cloud computing.
Role Of Network IDS in Network Perimeter Defense.
Mark Shtern.  Our life depends on computer systems  Traffic control  Banking  Medical equipment  Internet  Social networks  Growing number of.
WIDESCREEN PRESENTATION Tips and tools for creating and presenting wide format slides.
Reference Management Module I: Introduction By Rehema Chande-Mallya(PhD)
Web Technology Seminar
Module 1: Overview of Information System in Organizations
Cybersecurity Outlook for 2011
A Low Cost, Portable Platform for Information Assurance and Security Education Dan C. Lo, Kai Qian Department of Computer Science and Software Engineering.
Unit 3 Virtualization.
Accessing the VI-SEEM infrastructure
Department of Computer and Information Sciences
Chapter 6: Securing the Cloud
Containers as a Service with Docker to Extend an Open Platform
PIWIK JUNIOR TIDAL ASSOCIATE PROF., WEB SERVICES & MULTIMEDIA LIBRARIAN NEW YORK CITY COLLEGE OF TECHNOLOGY, CUNY.
Critical Security Controls
Discovering Computers 2010: Living in a Digital World Chapter 14
A lustrum of malware network communication: Evolution & insights
NSDL: A New Tool for Teaching and Learning.
VIVA Linked Data Pilot with Zepheira and Atlas Systems
Connecting to the Internet
IS4550 Security Policies and Implementation
2018 Real Cisco Dumps IT-Dumps
5G Security Training
Current plans and efforts by curriculum providers to help teachers prepare students for a pathway into cyber jobs mary beth dobbins, Moderator Cyber.
recommendations for potential pilot network(s)
Connectivity.
How to approach a top-down call topic in Horizon 2020?
CSSIA Center of Systems Security and Information Assurance Moraine Valley Community College Addressing the Need for More and Better IT Labs Virtually.
Microsoft Virtual Academy
Section 14.1 Section 14.2 Identify the technical needs of a Web server
Cloud-based Resources for Cybersecurity Education
Cyber Education & Research
WELCOME.
Cybersecurity Workforce Preparedness
What is it? What do people in Cyber Security do? What’s the big deal?
Commonwealth Cyber Initiative (CCI)
Learning Management System (LMS) Alignment Meeting April 02, 2019
Cybersecurity Workforce Development for the Nation
Microsoft Virtual Academy
Vice Provost, Old Dominion University Cyber Business Roundtable
Client/Server Computing and Web Technologies
MICHIGAN COMMUNITY COLLEGE ASSOCIATION
Hands-on Approach to Teaching Cybersecurity and IT/Networking Hau Nguyen Grossmont College August 2019
Presentation transcript:

Cloud-based Resources for Cybersecurity Education and Training David Raymond, Ph.D. Director, Virginia Cyber Range draymond@virginiacyberrange.org

Cybersecurity Talent Shortfalls

What is a Cyber Range? Isolated network Usually virtualized Used for: Activity will appear malicious Actual malware sometimes used Usually virtualized Allows for maximum configurability Scripted network environment creation Used for: Hands-on cybersecurity training Defensive AND offensive Classroom exercises Capture-the-flag and red/blue CTFs Device and software testing Incident response rehearsals

Virginia Cyber Range: Background Recommended by the Virginia Cyber Security Commission in August 2015 Funded by Commonwealth of Virginia on July 1st, 2016 2016 Executive Budget Document, Item 224, Paragraph J: “Out of this appropriation, [two years of funding will be] designated to support a cyber range platform to be used for cyber security training by students in Virginia's public high schools, community colleges, and four-year institutions. Virginia Tech shall form a consortium among participating institutions, and shall serve as the coordinating entity for use of the platform. The consortium should initially include all Virginia public institutions with a certification of academic excellence from the federal government.” 4 States have more CAEs than Virginia (10) – we want to be at the top! Florida: 14 Maryland: 17 New York: 12 Texas: 16

Governance: Executive Committee George Mason University James Madison University Longwood University Lord Fairfax Community College Norfolk State University Thomas Nelson Community College Northern Virginia Community College Radford University Tidewater Community College Virginia Tech Danville Community College University of Virginia

Courseware Repository Courses, modules, and exercises for use in HS, CC, and university cybersecurity curricula Instructors/professors can select course content in full or a la carte Grants offered for courseware development Courseware Repository Menu of per-student exercise environments for use in cybersecurity courses Working towards team-based offensive and defensive, scenario-based environments Capture-the-Flag infrastructure for cybersecurity competitions Exercise Area Consortium governance Convene workshops and conferences to “teach the teachers” and share best practices Helping to expand NSA/DHS CAE certification among Virginia colleges and universities Community of Purpose

Leveraging the Public Cloud Design Requirements: Difficult to predict resource requirements Completely automatable Cost effective Short-term surge capacity Available anywhere Web portal for access to content Role-based access Login to see user-specific content Students just need a web browser and internet connection! Why the Cloud? Unlimited scalability! Quick start-up phase Low capital investment Rapid scalability Surge capacity Location independent Highly automated Pay as you use

Virginia Cyber Range Internet School network TCP:80;443 TCP:80;443 Proxy TCP:80;443 www. something. com Internal IP 10.10.x.y External IP TCP:3389 TCP:22 TCP:443 Student School network

Exercise Area Stats

Schools Supported

What is Capture-the-Flag? Cybersecurity Competition Can be individual or team-based Sometimes in-person, often remote Various formats Jeopardy-style. Most popular and easiest to create Attack/Defend (Red/Blue) Hosted by: College CTF teams Companies looking for talent DoD and other government agencies You!

Example Jeopardy Board (NYU-Poly, 2012)

Common Challenge Types: Overview Reconnaissance (“Recon”) Answer a question or follow a trail of hints to find a flag Cryptography (“Crypto”) Related to simple ciphers or modern cryptography algorithms Reverse Engineering (“Reversing”) Analyzing an executable program to produce a flag Web Find flag hidden in web page or vulnerable web application Digital Forensics (“Forensics”) Find digital artifacts in a drive image Networking Find a flag by analyzing captured network traffic

Want to play? Register for the CTF at https://VACR.IO/CTF2018 (click “Register”) It might help to have Kali Linux virtual machine for some challenges https://console.virginiacyberrange.net On the ‘Login’ dialog, click “Have an invitation code?” and enter 327JPNCKJ2CP Select login option (Google, Facebook, Azure) 1. 2. 327JPNCKJ2CP 

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.