A Definitive Interoperability Test Methodology for the Malicious Activity Simulation Tool (MAST)

Hayes, Nathaniel J.

A Definitive Interoperability Test Methodology for the Malicious Activity Simulation Tool (MAST)

Active / Technical Report | Accession Number: ADA580497 |

Open PDF

Abstract:

The threat of degradation or disruption from cyber infiltration, espionage, and theft to militarily and nationally critical information and network systems poses a significant challenge to DoD and DON. To mitigate this challenge, network administrators must be trained to properly recognize and defend against malicious activity. The Malicious Activity Simulation Tool MAST, a software program under development at NPS, mimics the behavior and impact of network-based malware in an effort to train the administrators of operational DoD networks both to respond to the threats such materials present to their networks and to assess their competence in recognizing and responding to such threats. In order for MAST to achieve its potential as an acceptable assessment and training tool, it must first be shown to present no new threat to the environment for which it was designed. This thesis develops a step-by-step testing procedure, the execution of which will demonstrate that MAST can perform at a level commensurate with current criteria for operating securely on DoD networks. Additionally, this thesis discusses the quantitative testing environment and current testing and implementation methods and criteria for new cyber hardware and software programs of record in the DoD.

Author(s):

Hayes, Nathaniel J.

Author Organization(s):

NAVAL POSTGRADUATE SCHOOL MONTEREY CA

Descriptive Note:

Master's thesis

Pagination:

0119

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:

Approved For Public Release

Distribution Statement:

Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR

Identifying Numbers

Monitor Series:

NPS

Subject Terms

Joint Capability Areas:

JCA_6_Net Centric; JCA_5_Command and Control; JCA_6.1.3_Switching and Routing; JCA_5.3_Planning; JCA_6.1.1_Wired Transmission; JCA_6.1_Information Transport; JCA_6.4.1_Secure Information Exchange; JCA_6.4.2_Protect Data and Networks; JCA_6.4_Information Assurance; JCA_7.1.2_Prevent Non-kinetic Attack; JCA_7.1_Prevent; JCA_7_Protection; JCA_3.2_Engagement; JCA_3_Force Application; JCA_3.2.2_Non-Kinetic Means; JCA_1_Force Support; JCA_6.2.3_Core Enterprise Services; JCA_8_Building Partnerships; JCA_1.2_Force Preparation; JCA_4.7.2_Installation Services; JCA_4.7_Base and Installations Support

Modernization Areas:

Cyber

Communities of Interest:

Cyber

Descriptor(s):

*COMPUTER NETWORK SECURITY, *HACKING(COMPUTER SECURITY), ADMINISTRATIVE PERSONNEL, COMPUTER PROGRAMS, COMPUTERIZED SIMULATION, CYBERNETICS, INTEROPERABILITY, SOFTWARE TOOLS, THEFT, THESES, TRAINING DEVICES

Field(s)/Group(s):

Computer Programming and Software, Computer Systems Management and Standards, Protective Equipment

Report Date:

2013 Mar 01

Creation Date:

2013 Jul 31