Have you ever had to remotely monitor a network where the owners/defenders of that network were actively making the network unstable? Have you ever tried to operate in an environment where the network was under siege by skilled attackers? This is the environment for which we have developed our remote monitoring and tasking system. As the referees for this simulated battle, it was our job to ensure a fair battle could be waged.
The Cyber Defense Exercise (CDX) pits multiple defending teams, Blue cells, from U.S. and Canadian service academies against a team of professional industry and military attackers, the Red cell, on the same network in order to provide realistic training and evaluate skills learned by students. The winner of the exercise is the school whose students can best defend their network while maintaining a required standard of functionality. To create a realistic and fair environment, it is necessary both to generate simulated traffic on the network and to ensure that the participants are following the rules of the exercise. With both Red and Blue cells operating in the environment independently and simultaneously, the networks can rapidly become both hostile and unstable. This is the environment in which our system must operate.
Adapting simulation and remote control software to such a contested and changing environment requires re-evaluating the typical way one thinks about distributed network monitoring and control. In this talk we will describe the unique challenges this environment created operationally, and the unique solutions our team has developed to make the simulated environment more realistic and easier to manage.
Derek Yap is an engineer for the Department of Defense, where he specializes in network and mobile security as well as large-scale analytical platforms. He has also worked on automation systems for State Farm, and advanced edge router testing automation at Laurel Networks (now ECI Telecom). In his free time, Derek hacks on Raspberry Pi, Arduino, and other electronics projects to support his home automation habit.
Jim Elliott is a software engineer for the Department of Defense, where he specializes in network defense as well as analytic automation. He has previously worked as a software engineer for embedded cryptographic systems as well as satellite systems. Outside of work, Jim develops custom network security gateways and evangelizes about software and network security.
©2015, O'Reilly Media, Inc.