Build resilient systems at scale
October 12–14, 2015 • New York, NY

Robust, scalable architecture for remote monitoring and control in a hostile environment

Derek Yap (Dept of Defense), James Elliott (Dept of Defense)
1:15pm–1:55pm Tuesday, 10/13/2015
Location: Beekman Parlor

Prerequisite Knowledge

- Familiarity with tools like RabbitMQ, Kibana, ElasticSearch, Selenium
- Basic IT security knowledge

Description

Have you ever had to remotely monitor a network where the owners/defenders of that network were actively making the network unstable? Have you ever tried to operate in an environment where the network was under siege by skilled attackers? This is the environment that we have developed our remote monitoring and tasking system for. As the referees for this simulated battle, it was our job to ensure a fair battle could be waged.

The Cyber Defense Exercise (CDX) pits multiple defending teams, Blue cells, from U.S. and Canadian service academies against a team of professional industry and military attackers, the Red cell, on the same network in order to provide realistic training and evaluate skills learned by students. The winner of the exercise is the school whose students can best defend their network while maintaining a required standard of functionality. In order to create a realistic and fair environment, it is necessary both to generate simulated traffic on the network and to ensure that the participants are following the rules of the exercise. With both Red and Blue cells operating in the environment independently and simultaneously, the networks can rapidly become both hostile and unstable. This is the environment in which our system must operate.

Adapting simulation and remote control software to such a contested and changing environment requires re-evaluating the typical way one thinks about distributed network monitoring and control. In this talk we will describe the unique challenges this environment created operationally, and the unique solutions our team has developed to make the simulated environment more realistic and easier to manage.

Derek Yap

Dept of Defense

Derek Yap is an engineer for the Department of Defense, where he specializes in network and mobile security as well as large-scale analytical platforms. He has also worked on automation systems for State Farm, and advanced edge router testing automation at Laurel Networks (now ECI Telecom). In his free time, Derek hacks on Raspberry Pi, Arduino, and other electronics projects to support his home automation habit.

James Elliott

Dept of Defense

Jim Elliott is a software engineer for the Department of Defense, where he specializes in network defense as well as analytic automation. He has previously worked as a software engineer for embedded cryptographic systems as well as satellite systems. Outside of work, Jim develops custom network security gateways and evangelizes about software and network security.
