kypo a platform for cyber defence exercises
play

KYPO A PLATFORM FOR CYBER DEFENCE EXERCISES Symposium on M&S - PowerPoint PPT Presentation

Dec 06, 2022 •443 likes •644 views

KYPO A PLATFORM FOR CYBER DEFENCE EXERCISES Symposium on M&S Support to Operational Tasks Including War Gaming, Logistics, Cyber Defence (MSG- 133 ), Munich, Germany 15 th October, 2015 Pavel ELEDA, Jakub EGAN Jan VYKOPAL,

  1. KYPO — A PLATFORM FOR CYBER DEFENCE EXERCISES Symposium on “M&S Support to Operational Tasks Including War Gaming, Logistics, Cyber Defence” (MSG- 133 ), Munich, Germany 15 th October, 2015 Pavel ČELEDA, Jakub ČEGAN Jan VYKOPAL, Daniel TOVARŇÁK {celeda|cegan|jan.vykopal|danos}@mail.muni.cz

  2. KYPO Vision & Goals Vision Provide unique environment for research and development of new methods to protect critical infrastructure against cyber attacks in Czech Republic. Goals Cloud infrastructure, threat detection & advanced visualization. Cyber security courses and exercises – hands-on. Contribution I ncrease readiness of Czech Republic in cyber research. Advance training methods for security teams (CERT/CSIRT). KYPO — A Platform for Cyber Defence Exercises Page 2 / 19

  3. KYPO Architecture KYPO — A Platform for Cyber Defence Exercises Page 3 / 19

  4. KYPO Architecture Cloud Users User Interface Various Scenarious KYPO — A Platform for Cyber Defence Exercises Page 4 / 19

  5. KYPO Use Cases KYPO — A Platform for Cyber Defence Exercises Page 5 / 19

  6. Cyber Research & Development Sandbox design makes experiments easily repeatable. Provides monitoring using NetFlow and packet capture (PCAP). Data is stored for further analysis or fast replay of experiment. KYPO — A Platform for Cyber Defence Exercises Page 6 / 19

  7. Forensics Analysis & Network Simulations Adjustments of the sandbox according to malware actions. Malware is kept in a safe isolated environment. Various tools can be used during the analysis in the sandbox. KYPO — A Platform for Cyber Defence Exercises Page 7 / 19

  8. Security Training & Exercises Covering skills needed by both users and ICT administrators. Main advantages are high rate of interactivity, built-in monitoring, and remote access to all computers for students. KYPO — A Platform for Cyber Defence Exercises Page 8 / 19

  9. The Design of a Cyber Defence Exercise KYPO — A Platform for Cyber Defence Exercises Page 9 / 19

  10. Cyber Exercise Design Cyber Czech 2015 – October 6-7, 2015 Objectives Focused on defending critical information infrastructure. Participants are put into the role of CSIRT members sent into unknown organizations to recover compromised networks. They have to secure the simulated infrastructure, investigate attacks and cooperate with media and organizers. Attackers are skilled and coordinated with unclear motivations. KYPO — A Platform for Cyber Defence Exercises Page 10 / 19

  11. Roles White T eam Green T eam - rules - maintain - score - repair - guide - fi x Red T eam Blue T eam - secure - attack - monitor - scan - defense - penetrate KYPO — A Platform for Cyber Defence Exercises Page 11 / 19

  12. Technical Implementation .ex D N S Global Network INTERNET Gateway Blue www ? T eam N DMZ ? www Desktop Segment Server Segment Blue T eam 1 KYPO — A Platform for Cyber Defence Exercises Page 12 / 19

  13. Monitoring Infrastructure Built-in network tra ffi c monitoring (provided by the KYPO platform). Ad-hoc host-based monitoring (based on Syslog). Ad-hoc service monitoring based on Nagios (network- and host-based). Basis for the scoring system and post-mortem evaluation of the exercise. KYPO — A Platform for Cyber Defence Exercises Page 13 / 19

  14. Scoring Implementation Availability of requested services – based on Nagios monitoring. Resistance to prepared attacks – manually rated and entered by Red team members. Quality of reporting to the organizers and media – manually assessed by White team. Penalty for 10 -minutes direct access to particular host simulating physical visit of a server room – entered by White team. KYPO — A Platform for Cyber Defence Exercises Page 14 / 19

  15. Physical Facility – KYPO Laboratory KYPO — A Platform for Cyber Defence Exercises Page 15 / 19

  16. Physical Facility – Cyber Czech 2015 All Blue team members ( 20 people) invited to KYPO Lab. 1 team = 4 people around a table with 3 desktops. KYPO — A Platform for Cyber Defence Exercises Page 16 / 19

  17. Conclusion KYPO — A Platform for Cyber Defence Exercises Page 17 / 19

  18. KYPO – Cyber Exercise & Research Platform Summary Largest (academic) cyber range in the Czech Republic. First Czech national cyber exercise – Cyber Czech 2015 . Looking for R&D partners and cyber security practioners. KYPO — A Platform for Cyber Defence Exercises Page 18 / 19

  19. THANK YOU FOR YOUR ATTENTION. Pavel Čeleda et al. www.kypo.cz @csirtmu celeda@mail.muni.cz

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Defence Exercises in a Cyber Range Frontiers in Education 2017 October 21, 2017 Jan Vykopal

Defence Exercises in a Cyber Range Frontiers in Education 2017 October 21, 2017 Jan Vykopal

Lessons Learned From Complex Hands-on Defence Exercises in a Cyber Range Frontiers in Education 2017 October 21, 2017 Jan Vykopal Masaryk University, Brno Who am I? Post-doc researcher with KYPO academic cloud-based cyber range.

451 views • 16 slides
KYPO Cyber Range Design and Use Cases ICSOFT CONFERENCE 24.7.-26.7. 2017 Daniel Tovark

KYPO Cyber Range Design and Use Cases ICSOFT CONFERENCE 24.7.-26.7. 2017 Daniel Tovark

KYPO Cyber Range Design and Use Cases ICSOFT CONFERENCE 24.7.-26.7. 2017 Daniel Tovark Masaryk University (ICS) tovarnak@ics.muni.cz Cyber Ranges Cyber Range is a platform for cyber security research and education it is a

1.1k views • 18 slides
Evaluation of Cyber Defense Exercises Using Visual Analytics Process Radek Olejek, Jan

Evaluation of Cyber Defense Exercises Using Visual Analytics Process Radek Olejek, Jan

Evaluation of Cyber Defense Exercises Using Visual Analytics Process Radek Olejek, Jan Vykopal, Karolna Bursk , and Vt Rusk IEEE Frontier in Education Conference, San Jose, USA, 2018 1 KYPO Cyber Range Cloud-based simulator

538 views • 14 slides
Cyber Defence Data Exchange and Collaboration Infrastructure 22 nd Annual FIRST Conference

Cyber Defence Data Exchange and Collaboration Infrastructure 22 nd Annual FIRST Conference

NATO Command, Control and Consultation Agency Cyber Defence Data Exchange and Collaboration Infrastructure 22 nd Annual FIRST Conference Miami, 13-18 June 2010 Luc Dandurand CAT 2 Cyber Defence and Assured Information Sharing NATO

671 views • 10 slides
The future of cyber security exercises more than just education? The Problem: how can

The future of cyber security exercises more than just education? The Problem: how can

The future of cyber security exercises more than just education? The Problem: how can we run large cyber security exercises once a week? 2 Stepping back Looking at the configuration management problem, e.g., the gap

749 views • 20 slides
Cyberspace What, Why and How DEFENCE CYBER OPERATIONS GROUP Strategic implications and use

Cyberspace What, Why and How DEFENCE CYBER OPERATIONS GROUP Strategic implications and use

Cyberspace What, Why and How DEFENCE CYBER OPERATIONS GROUP Strategic implications and use of Cyberspace Major General J Shaw ACDS(GI) DEFENCE CYBER OPERATIONS GROUP What is Cyberspace? A global domain within the information

558 views • 8 slides
What We Learn from Cyber Exercises, or Not Jim Duncan CSIRT Coordinator, BB&T 2007 June 20

What We Learn from Cyber Exercises, or Not Jim Duncan CSIRT Coordinator, BB&T 2007 June 20

What We Learn from Cyber Exercises, or Not Jim Duncan CSIRT Coordinator, BB&T 2007 June 20 2007 FIRST Annual Technical Conference Sevilla, Espaa Overview Background Purpose of exercises Examples of what we can

351 views • 23 slides
Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence Service 05-10-2015 05-10-2015 Who are we? Centre for Cyber Security In respect of the Rule of Law and Privacy Cyber is a priority (Gov.

455 views • 18 slides
New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective

New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective

New Defence Perspective New Defence Perspective New Defence Perspective New Defence Perspective Innovative technology, knowledge, problem solving are critical for Canada and its allies to mitigate new threats, stay ahead of potential

469 views • 18 slides
The Cyber Landscape Ikahan Seminar Jakarta April 2019 Commodore James McCormack RAN Commander

The Cyber Landscape Ikahan Seminar Jakarta April 2019 Commodore James McCormack RAN Commander

The Cyber Landscape Ikahan Seminar Jakarta April 2019 Commodore James McCormack RAN Commander Defence SIGINT and Cyber Command Scope What is cyber Cyber 101. The Conceptual Framework The nature of the cyber threat problem.

753 views • 12 slides
Seminar Whats your cyber defence? Thursday 27 February 2020 Welcome Jerry Moriarty CEO,

Seminar Whats your cyber defence? Thursday 27 February 2020 Welcome Jerry Moriarty CEO,

Seminar Whats your cyber defence? Thursday 27 February 2020 Welcome Jerry Moriarty CEO, IAPF House keeping NOTE EMERGENCY EXITS PUT MOBILE DEVICES ON SILENT FILL IN EVALUATION FORMS DOWNLOAD PRESENTATIONS AT WWW.IAPF.IE Whats your

821 views • 32 slides
Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques

Current Trends in Cyber Security Course on Cyber Attack Detection & Mitigation Techniques (NIT-K) S. K. Pal Defence Research & Development Organization (DRDO) SAG, Metcalfe House, Delhi 27-Jul-2020 1 What is Cyberspace? Refers to

766 views • 17 slides
WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison

WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison

WELCOME Les Shearn Alliance Facilitator Defence Teaming Centre Defence Industry Liaison Officer - Defence SA 1 DEFENCE SA A SOUTH AUSTRALIAN GOVERNMENT AGENCY MISSION Facilitate the growth of Defence and sustainable defence industries in

457 views • 13 slides
a Security ECONomics service platform for smart security investments and cyber insurance pricing

a Security ECONomics service platform for smart security investments and cyber insurance pricing

a Security ECONomics service platform for smart security investments and cyber insurance pricing in the beyonD 2020 era SECONDO: A Platform for Cybersecurity Investments and Cyber Insurance Decisions The 17th International Conference on Trust,

273 views • 13 slides
cyber defence capability: A practitioners perspective Luke Beeson, Vice President Security UK

cyber defence capability: A practitioners perspective Luke Beeson, Vice President Security UK

Building an effective and dynamic cyber defence capability: A practitioners perspective Luke Beeson, Vice President Security UK and GB&FM BT Security 1 BT Security 2 Our History Rethinking the Risk as a Trusted Security Partner BT

141 views • 10 slides
Probabilistic Mission Defense and Assurance NATO STO IST-148 Symposium on Cyber Defence Situation

Probabilistic Mission Defense and Assurance NATO STO IST-148 Symposium on Cyber Defence Situation

INSTITUTE OF INFORMATION SYSTEMS Probabilistic Mission Defense and Assurance NATO STO IST-148 Symposium on Cyber Defence Situation Awareness Alexander Motzek Ralf Mller Universitt zu Lbeck Institute of Information Systems

605 views • 28 slides
Ba Barossa First ssa First The he Bel Belongi nging BAROSSA FIRST: THE BELONGING

Ba Barossa First ssa First The he Bel Belongi nging BAROSSA FIRST: THE BELONGING

BARO BA ROSS SSA 2 0 1 9 T h i n k T a n k Ba Barossa First ssa First The he Bel Belongi nging BAROSSA FIRST: THE BELONGING Investm Inv stment o of $ $800k 00k + to to gr grow ow wine wine ex expor ports by by showc

396 views • 22 slides
Bishkek Project Presentation Kyrgyzstan shares borders with China, Kazakhstan, Uzbekistan and

Bishkek Project Presentation Kyrgyzstan shares borders with China, Kazakhstan, Uzbekistan and

November 2012 Bishkek Project Presentation Kyrgyzstan shares borders with China, Kazakhstan, Uzbekistan and Tajikistan; situated less than 200 miles from Afghanistan Total area is 77,181 sq miles Population is 5, 8 million Capital city of

314 views • 17 slides
WHAT CAN SOCIAL MEDIA IN CHINA TEACH THE WORLD? DR. LINDA XU CHIEF CLIENT OFFICER KANTAR

WHAT CAN SOCIAL MEDIA IN CHINA TEACH THE WORLD? DR. LINDA XU CHIEF CLIENT OFFICER KANTAR

WHAT CAN SOCIAL MEDIA IN CHINA TEACH THE WORLD? DR. LINDA XU CHIEF CLIENT OFFICER KANTAR MEDIA CIC Why social media in China is so different The Chinese Internet serves as a powerful platform for entertainment, information, socializing,

326 views • 31 slides
Polina Golomydko Anastasia Kolmagorova Toni Lappalainen Kantaro Senoo How to make it easier for

Polina Golomydko Anastasia Kolmagorova Toni Lappalainen Kantaro Senoo How to make it easier for

Danil Drobot Polina Golomydko Anastasia Kolmagorova Toni Lappalainen Kantaro Senoo How to make it easier for tourists to come and Challenge experience the Vardhus Fortress? The webpage -Responsive -Clean and Lightweight -Platform for

359 views • 8 slides
On the design of security games: From frustrating to engaging learning 2016 USENIX Advances in

On the design of security games: From frustrating to engaging learning 2016 USENIX Advances in

On the design of security games: From frustrating to engaging learning 2016 USENIX Advances in Security Education Workshop August 9, 2016 Jan Vykopal , Milo Bartk Masaryk University, Brno Who am I? Ph.D. graduate in flow-based intrusion

291 views • 17 slides
CRYTON BREACH AND ATTACK SIMULATION Thursday 4 th October, 2018 Ivo Nutr Outline Breach &

CRYTON BREACH AND ATTACK SIMULATION Thursday 4 th October, 2018 Ivo Nutr Outline Breach &

CRYTON BREACH AND ATTACK SIMULATION Thursday 4 th October, 2018 Ivo Nutr Outline Breach & Attack Simulation Cryton Cryton Page 2 / 22 About me Where I work CSIRT-MU KYPO What I Do Cryton B&S Penetration testing CyberEx GT/RT

666 views • 22 slides
Matthew Foval Chase Forbes Larry Francioni Xochitl Roman IPSEC Encrypts each data

Matthew Foval Chase Forbes Larry Francioni Xochitl Roman IPSEC Encrypts each data

Matthew Foval Chase Forbes Larry Francioni Xochitl Roman IPSEC Encrypts each data packet during the connection Transport mode and Tunneling mode Creates a tunnel between two L2TP connection points L2TP Usually paired with

510 views • 16 slides
IPv6 deployment - an ISP view Gert D oring SpaceNet AG, Munich ICANN Meeting, Lisbon, March

IPv6 deployment - an ISP view Gert D oring SpaceNet AG, Munich ICANN Meeting, Lisbon, March

SpaceNet: IPv6 Introduction 1 IPv6 deployment - an ISP view Gert D oring SpaceNet AG, Munich ICANN Meeting, Lisbon, March 25, 2007 SpaceNet: IPv6 Introduction Overview Introduction ISP network

656 views • 14 slides

More recommend