Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cloud-based Resources for Cybersecurity Education and Training

Published byDominic Payne Modified over 5 years ago

Similar presentations

Presentation on theme: "Cloud-based Resources for Cybersecurity Education and Training"— Presentation transcript:

1 Cloud-based Resources for Cybersecurity Education and Training
David Raymond, Ph.D. Director, Virginia Cyber Range

2 Cybersecurity Talent Shortfalls

3 What is a Cyber Range? Isolated network Usually virtualized Used for:
Activity will appear malicious Actual malware sometimes used Usually virtualized Allows for maximum configurability Scripted network environment creation Used for: Hands-on cybersecurity training Defensive AND offensive Classroom exercises Capture-the-flag and red/blue CTFs Device and software testing Incident response rehearsals

4 Virginia Cyber Range: Background
Recommended by the Virginia Cyber Security Commission in August 2015 Funded by Commonwealth of Virginia on July 1st, 2016 2016 Executive Budget Document, Item 224, Paragraph J: “Out of this appropriation, [two years of funding will be] designated to support a cyber range platform to be used for cyber security training by students in Virginia's public high schools, community colleges, and four-year institutions. Virginia Tech shall form a consortium among participating institutions, and shall serve as the coordinating entity for use of the platform. The consortium should initially include all Virginia public institutions with a certification of academic excellence from the federal government.” 4 States have more CAEs than Virginia (10) – we want to be at the top! Florida: 14 Maryland: 17 New York: 12 Texas: 16

5 Governance: Executive Committee
George Mason University James Madison University Longwood University Lord Fairfax Community College Norfolk State University Thomas Nelson Community College Northern Virginia Community College Radford University Tidewater Community College Virginia Tech Danville Community College University of Virginia

6 Courseware Repository
Courses, modules, and exercises for use in HS, CC, and university cybersecurity curricula Instructors/professors can select course content in full or a la carte Grants offered for courseware development Courseware Repository Menu of per-student exercise environments for use in cybersecurity courses Working towards team-based offensive and defensive, scenario-based environments Capture-the-Flag infrastructure for cybersecurity competitions Exercise Area Consortium governance Convene workshops and conferences to “teach the teachers” and share best practices Helping to expand NSA/DHS CAE certification among Virginia colleges and universities Community of Purpose

7 Leveraging the Public Cloud
Design Requirements: Difficult to predict resource requirements Completely automatable Cost effective Short-term surge capacity Available anywhere Web portal for access to content Role-based access Login to see user-specific content Students just need a web browser and internet connection! Why the Cloud? Unlimited scalability! Quick start-up phase Low capital investment Rapid scalability Surge capacity Location independent Highly automated Pay as you use

8 Virginia Cyber Range Internet School network TCP:80;443 TCP:80;443
Proxy TCP:80;443 www. something. com Internal IP 10.10.x.y External IP TCP:3389 TCP:22 TCP:443 Student School network

9 Exercise Area Stats

10 Schools Supported

11 What is Capture-the-Flag?
Cybersecurity Competition Can be individual or team-based Sometimes in-person, often remote Various formats Jeopardy-style. Most popular and easiest to create Attack/Defend (Red/Blue) Hosted by: College CTF teams Companies looking for talent DoD and other government agencies You!

12 Example Jeopardy Board (NYU-Poly, 2012)

13 Common Challenge Types: Overview
Reconnaissance (“Recon”) Answer a question or follow a trail of hints to find a flag Cryptography (“Crypto”) Related to simple ciphers or modern cryptography algorithms Reverse Engineering (“Reversing”) Analyzing an executable program to produce a flag Web Find flag hidden in web page or vulnerable web application Digital Forensics (“Forensics”) Find digital artifacts in a drive image Networking Find a flag by analyzing captured network traffic

14 Want to play? Register for the CTF at (click “Register”) It might help to have Kali Linux virtual machine for some challenges On the ‘Login’ dialog, click “Have an invitation code?” and enter 327JPNCKJ2CP Select login option (Google, Facebook, Azure) 1. 2. 327JPNCKJ2CP 

15 Questions?

Download ppt "Cloud-based Resources for Cybersecurity Education and Training"

Similar presentations

The College Classroom in 2020: It Wont Be What It Is Today 1.

The College Classroom in 2020: It Wont Be What It Is Today 1.
National Database Templates for the Biosafety Clearing-House Application (NDT-nBCH) Overview of the US nBCH Applications.

National Database Templates for the Biosafety Clearing-House Application (NDT-nBCH) Overview of the US nBCH Applications.
Working Together to Integrate Veterans in Your Workforce Moderator: Judith Villamil, Monster Government Solution Ted Wadsworth, Senior Director of Veteran.

Working Together to Integrate Veterans in Your Workforce Moderator: Judith Villamil, Monster Government Solution Ted Wadsworth, Senior Director of Veteran.
CASE SCENARIO: GOOGLE DRIVE.  When Google Drive first launched, it served as a place to store your files in the cloud so that they could be accessed.

CASE SCENARIO: GOOGLE DRIVE.  When Google Drive first launched, it served as a place to store your files in the cloud so that they could be accessed.
Distance Learning: A Postsecondary Update John Opper Florida Distance Learning Consortium.

Distance Learning: A Postsecondary Update John Opper Florida Distance Learning Consortium.
Homeland Security 11 1) IT Security Courseware and Hands-on Labs, via Virtual Training Environment (VTE) 2) Federal Cybersecurity Training Exercise Program.

Homeland Security 11 1) IT Security Courseware and Hands-on Labs, via Virtual Training Environment (VTE) 2) Federal Cybersecurity Training Exercise Program.
Holyoke Public Schools Professional Development By, Judy Taylor

Holyoke Public Schools Professional Development By, Judy Taylor
By Raymond Greenlaw United States Naval Academy, Annapolis, Maryland Chiang Mai University, Chiang Mai, Thailand Ray gratefully acknowledges partial support.

By Raymond Greenlaw United States Naval Academy, Annapolis, Maryland Chiang Mai University, Chiang Mai, Thailand Ray gratefully acknowledges partial support.
Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.

Technology Steering Group January 31, 2007 Academic Affairs Technology Steering Group February 13, 2008.
Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.

Trusted Internet Connections. Background Pervasive and sustained cyber attacks against the United States continue to pose a potentially devastating impact.
1 Virtual Forensics Lab Steve Kim (Client) Marilyn Silva Rajeswari Ian Anu Nagpal Anthony Glover 1.

1 Virtual Forensics Lab Steve Kim (Client) Marilyn Silva Rajeswari Ian Anu Nagpal Anthony Glover 1.
CAPTURE THE FLAG (CTF) Maxim A. Kulakov (Vladimir State University)

CAPTURE THE FLAG (CTF) Maxim A. Kulakov (Vladimir State University)
Herbert Bos Erik van der Kouwe Remco Vermeulen Andrei Bacs

Herbert Bos Erik van der Kouwe Remco Vermeulen Andrei Bacs
Cloud Computing.

Cloud Computing.
Florida Distance Learning Consortium www.fldc.org John Opper, Ph.D. Executive Director March 23, 2011 Florida Distance Learning Consortium: An Overview.

Florida Distance Learning Consortium John Opper, Ph.D. Executive Director March 23, 2011 Florida Distance Learning Consortium: An Overview.
The DSpace Course Module – An introduction to DSpace.

The DSpace Course Module – An introduction to DSpace.
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.

CSE 4481 Computer Security Lab Mark Shtern. INTRODUCTION.
SALSA-NetAuth Joint Techs Vancouver, BC July 2005.

SALSA-NetAuth Joint Techs Vancouver, BC July 2005.
1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.

1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.

Similar presentations

Ads by Google