Date of Award
Spring 5-27-2020
Degree Type
Thesis
Degree Name
Master of Science (MS)
School
School of Computing
First Advisor
Filipo Sharevski, PhD
Second Advisor
Greg Brewster, PhD
Third Advisor
Jacob Furst, PhD
Abstract
The cybersecurity gaming platform is named the Cyber Operations RangE (project CORE). This platform supports capture-the-flag (CTF) competitions, war games, blue/red team activities, and forensic challenges. These game modes can either be used simultaneously or interchangeably within the CORE platform. There are existing VM-based cybersecurity gaming platforms, such as the Collegiate Cyber Defense Competitions (CCDC) and the US Cyber Patriots competition, which support these game modes. A few key issues with CCDC is that scoring is not real-time, it requires a large amount of resources to run, and is not easy to manage. When scoring is not conducted in real-time it becomes problematic when identifying the skill differences between teams. The use of open-source Docker containers and the Kubernetes container orchestrator solve the resource and management issues present within CCDC and the US Cyber Patriots gaming platforms. Neither the game modes or use of containers are a novel addition to cybersecurity competitions.
Many existing cybersecurity gaming competitions are beginning to offer container-based platforms and support a large majority of the functionality that CORE supports. The novel contribution which CORE provides is the ability to score users via challenge-response (CTF style) and real-time scenarios. The real-time scoring will perform a series of checks against a competitors virtualized host(s) every second. This allows an attacker and defender to be immediately (within one second) awarded points for completing objectives. Depending on the number of competitors and number of checks present, the scoring engine will require greater resources. Due to the capabilities of the scoring engine, this platform can accurately identify the skill differences between competitors by monitoring activity in real-time. Additionally, competitors receive real-time feedback on whether their actions produced the desired outcome.
To test my thesis, I will be hosting competitions and labs on DePaul’s CORE platform for the CPS Students. I will be able to measure the value provided by CORE through post-lab and post-competition surveys. These surveys will ask the students whether the activities hosted on the CORE platform were more engaging than competitions or labs they have competed in the past. I will test the skill differences between competitors by holding a competition with CPS students. To test the performance of the scoring engine and the platform I will be collecting metrics on memory and CPU on all hosts in use during the labs and competitions hosted for the CPS students.
Recommended Citation
Vieth, Michael Peter, "Cyber operations range [CORE]: a lightweight and scalable platform for cybersecurity education through gamification" (2020). College of Computing and Digital Media Dissertations. 21.
https://via.library.depaul.edu/cdm_etd/21