Hit 'em Where it Hurts: A Live Security Exercise on Cyber Situational Awareness

Final pdf 451KB

Presentation pdf 13.4MB

Adam Doupé
University of California Santa Barbara
United States

Manuel Egele
Technical University Vienna
Austria

Benjamin Caillat
Ecole Superieure d'Informatique Electronique Automatique
France

Gianluca Stringhini
University of California Santa Barbara
United States

Gorken Yakin
University of California Santa Barbara
United States

Ali Zand
University of California Santa Barbara
United States

Ludovico Cavedon
University of California Santa Barbara
United States

Giovanni Vigna
University of California Santa Barbara
United States

Abstract:
Live security exercises are a powerful educational tool to motivate students to excel and foster research and development of novel security solutions. Our insight is to design a live security exercise to provide interesting datasets in a specific area of security research. In this paper we validated this insight, and we present the design of a novel kind of live security competition centered around the concept of Cyber Situational Awareness. The competition was carried out in December 2010, and involved 72 teams (900 students) spread across 16 countries, making it the largest educational live security exercise ever performed. We present both the innovative design of this competition and the novel dataset we collected. In addition, we define Cyber Situational Awareness metrics to characterize the toxicity and effectiveness of the attacks performed by the participants with respect to the missions carried out by the targets of the attack.