Cyber Range for Research-Inspired Learning of “Attack Defense by Pretense” Principle and Practice

Title: Cyber Range for Research-Inspired Learning of “Attack Defense by Pretense” Principle and Practice
Publication Type: Journal Article
Year of Publication: 2021
Authors: Vekaria, Komal Bhupendra; Calyam, Prasad; Wang, Songjie; Payyavula, Ramya; Rockey, Matthew; Ahmed, Nafis
Journal: IEEE Transactions on Learning Technologies
Volume: 14
Pagination: 322-337
Date Published: jun
ISSN: 1939-1382
Keywords: Attack defense by pretense, cloud computing, Computer crime, cryptojacking, cyber defense training, cyber range, Human Behavior, Metrics, pubcrawl, research-inspired learning, resilience, Resiliency, Scalability, Task Analysis, Tools, Training, Virtual machining
Abstract: There is an increasing trend in cloud adoption of enterprise applications in, for example, manufacturing, healthcare, and finance. Such applications are routinely subject to targeted cyberattacks, which result in significant loss of sensitive data (e.g., due to data exfiltration in advanced persistent threats) or valuable utilities (e.g., due to resource exfiltration of power in cryptojacking). There is a critical need to train highly skilled cybersecurity professionals, who are capable of defending against such targeted attacks. In this article, we present the design, development, and evaluation of the Mizzou Cyber Range, an online platform to learn basic/advanced cyber defense concepts and perform training exercises to engender the next-generation cybersecurity workforce. Mizzou Cyber Range features flexibility, scalability, portability, and extendability in delivering cyberattack/defense learning modules to students. We detail our "research-inspired learning" and "learn-apply-create" three-phase pedagogy methodologies in the development of four learning modules that include laboratory exercises and self-study activities using realistic cloud-based application testbeds. The learning modules allow students to gain skills in using latest technologies (e.g., elastic capacity provisioning, software-defined everything infrastructure) to implement sophisticated "attack defense by pretense" techniques. Students can also use the learning modules to understand the attacker-defender game in order to create disincentives (i.e., pretense initiation) that make the attacker's tasks more difficult, costly, time consuming, and uncertain. Lastly, we show the benefits of our Mizzou Cyber Range through the evaluation of student learning using auto-grading, rank assessments with peer standing, and monitoring of students' performance via feedback from prelab evaluation surveys and postlab technical assessments.
DOI: 10.1109/TLT.2021.3091904
Citation Key: vekaria_cyber_2021