• et al., 2010)
  • et al., Information Security Education Journal Volume 2 Number 1 June 2015 37 2010)




    Download 347,92 Kb.
    Pdf ko'rish
    bet5/10
    Sana17.05.2024
    Hajmi347,92 Kb.
    #240858
    1   2   3   4   5   6   7   8   9   10
     et al.,


    Information Security Education Journal Volume 2 Number 1 June 2015
    37
    2010)
    . Specifically, a comparison between DoDIAA and CyberCIEGE is studied: their conclusion was that CyberCIEGE is a
    more powerful tool to train and teach students in cybersecurity concepts(Jones
     et al., 2010)
    .
    DeterLab (Mirkovic et al., 2012) is an active way of teaching cyber security concepts. DeterLab places the students in cyber
    threat real world attack where for example the student has to face a SQL injection attack, watch the consequences of this attack
    (e.g., database corruption) and then solve the problem (e.g., applying Sql store procedures) so this attack cannot happen again.
    DeterLab also helps students become the next generation cyber researchers or cyber analysts working for the government,
    military or private companies. There’s an open spirit in the DeterLab which means that if a teacher has a suggestion to improve
    DeterLab. The DeterLab community will use that idea to improve the tool. Deter lab has been evolving all these years also in the
    direction of the users of this tool, mostly cyber security specialists, constant feedback from the teachers and researches of Deter
    lab keeps the tool updating its architecture to meet the needs of the users.
    As we can see most training tools doesn’t include a series lab show to expose and deal Insider Threat attacks, but has all the
    architecture and purpose that we want to use to achieve the goal of our research project. CyberCIEGE, DeterLab and CyberProtect
    are great tools that propose interactive learning and training by letting students face simulated real world cyber threat attacks.
    In this environment by trial and error they will learn the effective methods and techniques to counteract these attacks and by
    doing this their practical cyber security skills will increase. This paper attempts to build on the foundation presented by these
    tools and apply it to specifically insider threat attacks because the fact is that there’s not a specific standard or model to deal
    with insiders in the private sector. A standard means that there’s not a coherent program or framework that can deal effectively
    with this malicious kind of threats. This paper attempts to build a module using CyberCIEGE to train cyber security professionals
    and students to deal effectively with insider threats.

    Download 347,92 Kb.
    1   2   3   4   5   6   7   8   9   10




    Download 347,92 Kb.
    Pdf ko'rish

    Bosh sahifa
    Aloqalar

        Bosh sahifa



    et al., Information Security Education Journal Volume 2 Number 1 June 2015 37 2010)

    Download 347,92 Kb.
    Pdf ko'rish