Prototype Implementation of Cybersecurity Techniques for Practical Education

doi: 10.32567/hm.2023.3.9

Copyright (c) 2024 Debreceniné Deák Veronika

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

Abstract

The aim of cyber security practices is to prepare employees to execute cybersecurity strategies actively and effectively. However, the use of several currently available platforms and educational materials requires deeper IT knowledge, hence mostly IT security experts are capable of performing these tasks effectively. The ultimate goal is to develop educational materials that can be used to train employees without deeper IT background, either in various organizations of the public service, such as
public administration or defence, or even in the private sector. The aim of the present paper is to define the operation of a simulation framework implemented in the framework of public service cybersecurity training, in which students can acquire the skills, abilities and knowledge necessary to execute defence mechanisms in case of cyberattacks.

Keywords:

cybersecurity practical education simulation environment cyber attack

How to Cite

Debreceniné Deák, V. (2024). Prototype Implementation of Cybersecurity Techniques for Practical Education. Military Engineer, 18(3), 121–144. https://doi.org/10.32567/hm.2023.3.9

References

Beuran, Razvan et al. (2017): CyTrONE: An Integrated Cybersecurity Training Framework. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy, Porto, Portugal, 157–166. Online https://doi. org/10.5220/0006206401570166

Cartwright, General James (2011): Memorandum for Chiefs of the Military Servs., Commanders of the Combatant Commands, Dirs.of the Joint Staff Directories on Joint Terminology for Cyberspace Operations 5. Washington, D.C.: Department of Defense.

Čeleda, Pavel et al. (2015): KYPO – A Platform for Cyber Defence Exercises.M&S Support to Operational Tasks Including War Gaming, Logistics, Cyber Defence. NATO Science and Technology Organization. Online: http://dx.doi.org/10.14339/ STO-MP-MSG-133-08-doc

Conklin, Arthur – Cline, Raymond – Roosa, Tiffany (2014): Re-engineering Cybersecurity Education in the US: An Analysis of the Critical Factors. In 47th Hawaii International Conference on System Sciences, 2006–2014. Online: https://doi. org/10.1109/HICSS.2014.254

Deák Veronika (2019): Kártékony programok terjedése social engineering technikákon keresztül. Hadmérnök, 14(2), 256–271. Online: https://doi.org/10.32567/ hm.2019.2.21

Deák Veronika (2020a): A közszolgálati kiberbiztonsági képzés helye nemzetközi viszonylatban. Hadmérnök, 15(4), 159–177. Online: hhttps://doi.org/10.32567/ hm.2020.4.11

Deák Veronika. (2020b): A közszolgálati kiberbiztonsági képzés lehetősége Magyarországon. Hadmérnök, 15(3), 157–178. Online: hhttps://doi.org/10.32567/hm.2020.3.9

Fehér Krisztián (2016): Kezdő hackerek kézikönyve.Budapest: BBS-INFO Könyvkiadó és Informatikai Kft.

Ficco, Massimo – Palmieri, Francesco (2019): Leaf: An Open-source Cybersecurity Training Platform for Realistic Edge-IoT Scenarios. Journal of Systems Architecture, 97, 107–129. Online: https://doi.org/10.1016/j.sysarc.2019.04.004

Garrels, Machtelt (2004): Bash Guide for Beginners.United Kingdom: Fultus Corporation.

Gyányi Sándor (2007): DDOS támadások veszélyei és az ellenük való védekezés. Hadmérnök, Különszám. Online: http://hadmernok.hu/kulonszamok/robothad-viseles7/gyanyi_rw7.html

Hart, Stephen et al. (2020): Riskio: A Serious Game for Cyber Security Awareness and Education. Computers & Security, 95. Online: https://doi.org/10.1016/j. cose.2020.101827

Hathaway, Oona et al. (2012): The Law of Cyber-attack. California Law Review, 100(4), 817–885. Online: https://doi.org/10.15779/Z38CR6N

Heckman, Kristin et al. (2013): Active Cyber Defense with Denial and Deception: A Cyber-Wargame Experiment. Computers & Security, 37, 72–77. Online: https:// doi.org/10.1016/j.cose.2013.03.015

Herring, Michael – Willett, Keith (2014): Active Cyber Defense: A Vision for Real-time Cyber Defense. Journal of Information Warfare, 13(2), 46–55. Online: https://www. jstor.org/stable/26487121

Hong, Junho et al. (2015): Cyber-physical Security Test Bed: A Platform for Enabling Collaborative Cyber Defense Methods.PACWorld Americas Conference.

Jin, Ge et al. (2018) Game Based Cybersecurity Training for High School Students. In Proceedings of the 49th ACM Technical Symposium on Computer Science Education, Baltimore, 68–73. Online: https://doi.org/10.1145/3159450.3159591

Kennedy, David et al. (2011): Metasploit: The Penetration Tester’s Guide. San Francisco: No Starch Press.

Kuo, Cheng-Chung et al. (2018): Cyber Attack and Defense Training: Using EMULAB as a Platform. International Journal of Innovative Computing, Information and Control, 14, 2245–2258. Online: https://doi.org/10.24507/ijicic.14.06.2245

Muha Lajos – Krasznay Csaba (2018): Az elektronikus információs rendszerek biztonságának menedzselése.Budapest: Nemzeti Közszolgálati Egyetem. Online: http://hdl.handle.net/11410/11173

Owens, William – Dam, Kenneth E. – Lin, Herbert S. (2009): Technology, Policy, Law, and Ethics Regarding US Acquisition and Use of Cyberattack Capabilities.Washington, D.C.: The National Academies Press. Online: https://doi.org/10.17226/12651

Schepens, Wayne – James, John (2003): Architecture of a Cyber Defense Competition. In 2003 IEEE International Conference on Systems, Man and Cybernetics, Washington, 4300–4305. Online: https://doi.org/10.1109/ICSMC.2003.1245660

Szabó András (2018): Technikai kiberbiztonsági gyakorlatok – Nemzetközi kitekintés. Hadmérnök, 13(1), 286–301.

Uma, M. – Padmavathi, Ganapathi (2013): A Survey on Various Cyber Attacks and Their Classification. International Journal of Network Security, 15(5), 390–396. Online: https://doi.org/10.6633/IJNS.201309.15(5).09

Varga Máté (2010): Számítógépes virtualizáció. Online: https://docplayer. hu/2946347-Szamitogepes-virtualizacio.html