Accession Number : AD1053369


Title :   Cyber Event Artifact Investigation Training in a Virtual Environment


Descriptive Note : Technical Report


Corporate Author : Naval Postgraduate School Monterey United States


Personal Author(s) : Mims,Simone M ; Wylkynsone,Tye R


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/1053369.pdf


Report Date : 01 Dec 2017


Pagination or Media Count : 119


Abstract : The Internet has created many new technology advances that make everyday life easier and more efficient. However, technology has also enabled new attack capabilities and platforms that have the potential to cripple Department of Defense (DOD) and civilian information systems and cyber infrastructure. In order to minimize damages these threats could cause, the DOD needs well-trained operators and skilled cyber incident first responders at the helm. The first portion of this research focused on identifying operating system artifacts that give first responders the best information with which to identify if a cyber incident has occurred, or is occurring, and to determine the type of incident. The second portion of this research focused on developing virtual environments where students can participate in guided training and challenge labs. These labs can train system operators to recognize incident indicators and allow first responders to focus on collecting necessary information quickly. The Training Lab focuses on leading the student through an investigation of each designated artifact, while the Challenge Lab provides less guidance in order to test the students acquired skills. This partnered learning experience should lead to more proficient cyber incident reporting and should decrease the response delay between detection and recovery


Descriptors :   Department of Defense , training , information systems , threats , SYNTHETIC ENVIRONMENT SIMULATIONS , learning , Operating Systems


Subject Categories : Computer Systems Management and Standards
      Military Forces and Organizations


Distribution Statement : APPROVED FOR PUBLIC RELEASE