Presentation is loading. Please wait.

Presentation is loading. Please wait.

Training the Future Cyber Security Specialist: A Novel Approach

Published byYağmur Aktaş Modified over 6 years ago

Similar presentations

Presentation on theme: "Training the Future Cyber Security Specialist: A Novel Approach"— Presentation transcript:

1 Training the Future Cyber Security Specialist: A Novel Approach
Fatih Karayumak

2 The Norm Universities Training Institutes Standart Curriculums
Text-book and partly practiced education Lacking Real-World examples Good in theory No hands-on training Training Institutes Financial Concerns Limited time Crammed-up classrooms Limited Hands-on training

3 The Aim 3

4 Needs Analysis Emphasize on Hands-on Experience
Why do we need such an environment? Emphasize on Hands-on Experience Measurement of Readiness for Cyber Incidents Train for what Security Technologies / Products Security Monitoring Possible Attack Methods Incident Handling Other Considerations As fast as possible As comprehensive as possible 4

5 Hands-on Experience Why hackers mostly reach their target?
Real World Scenarios Why hackers mostly reach their target? Endurance Non-technical vulnerabilities Think like an hacker and calibrate for the worst case Emulate / simulate your own environment (learn for your system) Put yourself targets as an hacker and try to achieve it Find your way through the complex system 5

6 Measurement of Readiness
How ready are we? Main Motivation is Defence Defending is harder than attacking Technical measures do not help alone How to measure your defensive capability Effectiveness of Defensive Measures Measurement of readiness should be system specific Human (End users and administrators) + Technology + Hardening + Monitoring + Policy 6

7 Train for What Knowledge and Skills
Cyber Security Domain Knowledge and Skills Expertise areas Skills Possible Defensive and Offensive Scenarios Incident Handling and Cyber Security Crisis 7

8 Our Approach

9 Conseptual Diagram 9

10 Building Blocks 10

11 Source of the Know-How How did we gather the know-how?
26 different governmental entities have been security tested in the last 4 years. Penetration testing of 38 banks in 2011 including the international banks (BDDK- Banking Sector Regulator) Delivered 15 technical courses to 610 personnel from 55 governmental entities Penetration testing of private sector companies (GSM Sector, Insurance etc.) Participated in NATO Locked Shields 2014 in Green and Red Temas Participating in NATO Cyber Coalition Exercices to support TAF CDC 11

12 Creating the Training

13 Scenario Module

14 A Sample Drawing for the Scenarios & Steps
14

15 A Sample: Expertise and Scenarios
Windows OS and Domain Security Some Scenarios Involved Medium Acquiring domain admin rights in a Windows Domain by pyhsically accessing an unprivileged standard domain-enabled PC Medium Acquiring domain admin rights in a Windows Domain by obtaining credentials from a truecrypt file found in an NFS shared folder Hard Acquiring domain admin rights in a Windows Domain by sending a phishing that includes a malware Hard Bypass the anti-virüs software installed on the Domain Controller …. 15

16 Training the Skills

17 A Sample Scenario: The Building Steps
Train for the possible attack methods and impact Scenario Acquiring domain admin rights in a Windows Domain by pyhsically accessing an unprivileged domain-enabled PC The steps to accomplish Step 01: Pyhsical access to a PC Step 02: Enunumerate the user accounts from the command line Step 03: Access to company network Step 04: Internal network discovery using NMAP Step 05: Vulnerability scanning using NESSUS Step 06: Find the vulnerable Windows XP machine Step 07: Vulnerability scanning using NESSUS Step 08: Find the vulnerable PC Step 09: Exploit a vulnerability to gain access to the PC Step 10: Get the password hashes of some users Step 11: Access the machine of the domain administrator by opening a meterpreter Shell Step 12: Acquire the clear-text password of the domain administrator 17

18 Measurable Steps

19 Monitoring Module

20 A Sample: Monitoring 20

21 Fielded Events Cyber Security Summer Camp for University Students
In Full Activity Cyber Security Summer Camp for University Students SiberMeydan UNI (Cyber defence contest among all universities in Turkey) National Cyber Security Exercise 21

22 Work in Progress Separately monitoring defensive and offensive actions
SATCOM Terminalleri Separately monitoring defensive and offensive actions Integrate tactical and strategic level events and notifications with the technical scenarios. Hence, get the decision support involved More simulation than emulation Simulation of technical vulnerabilities and/or OS services Use red teams as human-in-the-loop 22

23

Download ppt "Training the Future Cyber Security Specialist: A Novel Approach"

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.

SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
1 Ben Woelk RIT Information Security Office Advancing Digital Self Defense Establishing a Culture of Security Awareness at the Rochester Institute of Technology.

1 Ben Woelk RIT Information Security Office Advancing Digital Self Defense Establishing a Culture of Security Awareness at the Rochester Institute of Technology.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Computer Crime and Information Technology Security

Computer Crime and Information Technology Security
Information Systems Security Computer System Life Cycle Security.

Information Systems Security Computer System Life Cycle Security.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.

Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Lecture 19 Page 1 CS 236 Online 16. Account Monitoring and Control Why it’s important: –Inactive accounts are often attacker’s path into your system –Nobody’s.

Lecture 19 Page 1 CS 236 Online 16. Account Monitoring and Control Why it’s important: –Inactive accounts are often attacker’s path into your system –Nobody’s.
IT Security – Scanning / Vulnerability Assessment David Geick State of Connecticut IT Security.

IT Security – Scanning / Vulnerability Assessment David Geick State of Connecticut IT Security.
Module 14: Securing Windows Server 2003. Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.

Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
CSCE 548 Secure Software Development Security Operations.

CSCE 548 Secure Software Development Security Operations.
Retina Network Security Scanner

Retina Network Security Scanner
1 Tactics and Penetration Testing. Overview Tactics: A procedure or set of maneuvers engaged in to achieve an end, an aim, or a goal. Tactics Penetration.

1 Tactics and Penetration Testing. Overview Tactics: A procedure or set of maneuvers engaged in to achieve an end, an aim, or a goal. Tactics Penetration.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.

Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.

IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.
Cyber Storm Overview Wednesday 2/1/06 0900 PT. Cyber Storm Cyber Storm National Cyberspace Security Exercise Mandated in National Strategy to Secure Cyberspace.

Cyber Storm Overview Wednesday 2/1/ PT. Cyber Storm Cyber Storm National Cyberspace Security Exercise Mandated in National Strategy to Secure Cyberspace.
Cyber Services Plc 2015. BRIEF SUMMARY  Founded in 2015  Founders and members are security veterans with proven international reputation  Resources.

Cyber Services Plc BRIEF SUMMARY  Founded in 2015  Founders and members are security veterans with proven international reputation  Resources.

Similar presentations

Ads by Google