the iwar range: a laboratory for undergraduate information assurance education by maj. joseph...
TRANSCRIPT
The IWAR Range: a The IWAR Range: a Laboratory for Laboratory for Undergraduate Undergraduate
Information Assurance Information Assurance EducationEducationBy Maj. Joseph Schafer (Naval War By Maj. Joseph Schafer (Naval War
College), Daniel J. Ragsdale and John R. College), Daniel J. Ragsdale and John R. Surdu (Information Technology and Surdu (Information Technology and
Operations Center, USMA), and Curtis Operations Center, USMA), and Curtis A Carver (Texas A & M University)A Carver (Texas A & M University)
Presented by Allen Stone
Information WarfareInformation Warfare
““Any electronic attack intended to Any electronic attack intended to disrupt a computer system” – Panda disrupt a computer system” – Panda and Yalamanchiliand Yalamanchili
IWAR Range: Attack/Defend IWAR Range: Attack/Defend Network for Educational PurposesNetwork for Educational Purposes
Very Literal Significance: The Very Literal Significance: The Defense of the United StatesDefense of the United States
ObjectivesObjectives
Types of WarfareTypes of Warfare Analog vs. ElectronicAnalog vs. Electronic
The LabThe Lab BackgroundBackground SetupSetup Classroom UseClassroom Use Process to Create a RangeProcess to Create a Range Future WorkFuture Work
Information Warfare Example (Black Information Warfare Example (Black Hat)Hat)
Types of WarfareTypes of Warfare
MilitaryMilitary ““Nationalism”Nationalism”
CriminalCriminal IndustrialIndustrial ConvolutedConvoluted
““Idealism”Idealism” JuvenileJuvenile
IWAR rangeIWAR range
Information Warfare Analysis and Information Warfare Analysis and Research LaboratoryResearch Laboratory Isolated LaboratoryIsolated Laboratory HeterogeneousHeterogeneous Modeled After Production SystemsModeled After Production Systems
Exploits and Tools are WeaponsExploits and Tools are Weapons
BackgroundBackground
TechnologyTechnology Overly Prepared or Not Utilizing What Overly Prepared or Not Utilizing What
is Thereis There Y2KY2K
Information Assurance Course Information Assurance Course (USMA)(USMA) Future Military LeadersFuture Military Leaders Know Your EnemyKnow Your Enemy
Ethical Issues with Malicious CodingEthical Issues with Malicious Coding
Electronic “Range”Electronic “Range”
Conventional Conventional Weapon RangeWeapon Range Inside vs. OutsideInside vs. Outside
4 Networks4 Networks Gray (Attack)Gray (Attack) Gold (Target)Gold (Target)
Green (Tactical Green (Tactical Command)Command)
Black (Faculty Black (Faculty Research)Research)
The Making of IWARThe Making of IWAR Minimize MisuseMinimize Misuse
IsolationIsolation On-Hand ResourcesOn-Hand Resources
Rescued MachinesRescued Machines Search BoxesSearch Boxes
Compressed Time TableCompressed Time Table All in One LabAll in One Lab
Divided RoomDivided Room KVM SwitchesKVM Switches ServicesServices
Total Cost: $20,000Total Cost: $20,000
IWAR LiteIWAR Lite
1:10 Cost-Value 1:10 Cost-Value Ratio could have Ratio could have been even betterbeen even better Rescued SystemsRescued Systems OS CostsOS Costs Abbreviated Abbreviated
ArchitectureArchitecture
Worth the Effort?Worth the Effort?
Hands-On vs. PowerPoint and Hands-On vs. PowerPoint and WhiteboardWhiteboard
Cadets Also Must Learn DefenseCadets Also Must Learn Defense Largely Positive FeedbackLargely Positive Feedback
Future WorkFuture Work
Branching OutBranching Out Rebuilding IWARRebuilding IWAR ACM ChapterACM Chapter
Fun, Unthreatening, Un-GradedFun, Unthreatening, Un-Graded
The Middle East The Middle East Cyberwar - 2001Cyberwar - 2001
Web Defacement and Denial of ServiceWeb Defacement and Denial of Service PropagandaPropaganda
Poisoned Pen TacticsPoisoned Pen Tactics
Less than 100 Core HackersLess than 100 Core Hackers Thousands of Volunteers and ConscriptsThousands of Volunteers and Conscripts
Emotional, Ideological, Patriotic, ReligiousEmotional, Ideological, Patriotic, Religious Israel, Palestine, Iran, Lebanon, Malaysia, Israel, Palestine, Iran, Lebanon, Malaysia,
Qatar, U.A.E., U.S.Qatar, U.A.E., U.S.
SpreadSpread
ReferencesReferences ““The IWAR Range: A Laboratory for Undergraduate The IWAR Range: A Laboratory for Undergraduate
Information Assurance Education” – Schafer, Ragsdale, Information Assurance Education” – Schafer, Ragsdale, Surdu, and Carver – “Proceedings of the Sixth Annual Surdu, and Carver – “Proceedings of the Sixth Annual CCSC Northeastern Conference on the Journal of CCSC Northeastern Conference on the Journal of Computing in Small Colleges” – Consortium for Computing Computing in Small Colleges” – Consortium for Computing Sciences in CollegesSciences in Colleges
““Cyber Jihad and the Globalization of Warfare: Computer Cyber Jihad and the Globalization of Warfare: Computer Networks as a Battle Ground in the Middle East Networks as a Battle Ground in the Middle East andBeyond” – Kenneth Geers (NCIS) and Dr. Peter Feaver andBeyond” – Kenneth Geers (NCIS) and Dr. Peter Feaver (Duke University) – Black Hat USA 2004 Briefings and (Duke University) – Black Hat USA 2004 Briefings and Training, July 24-29, Las Vegas, NVTraining, July 24-29, Las Vegas, NV
““Transaction Fusion in the Wake of Information Warfare” – Transaction Fusion in the Wake of Information Warfare” – Brajendra Panda and Rajesh Yalamanchili (University of Brajendra Panda and Rajesh Yalamanchili (University of North Dakota) – Proceedings of the 2001 ACM Symposium North Dakota) – Proceedings of the 2001 ACM Symposium on Applied Computing – ACM Special Interest Group on on Applied Computing – ACM Special Interest Group on Applied ComputingApplied Computing