Tutorial M1 – Educating Computer Security Professionals with the CyberCIEGE Video Game

Mr. Michael Thompson, Naval Postgraduate School

Monday, December 6th, Half Day

CyberCIEGE is a 3D video game that enhances computer network security education and training through constructive resource management techniques such as those employed in the Tycoon© games. In the CyberCIEGE world, players spend virtual money to operate and defend networks, and can watch the consequences of their choices, while under attack. CyberCIEGE scenarios cover network management and defense including the use of network filters, VPNs, e-mail encryption, access control mechanisms, biometrics, and PKI. Players balance budget, productivity, and security by keeping the virtual world's personnel happy (e.g., by providing Internet access) while protecting assets from vandals and professional attacks. The tutorial will cover the use of the game for education and training, and will include hands on scenario play for the audience. In addition, the tutorial will cover use of the Scenario Development Kit for creating and customizing scenarios.

While CyberCIEGE includes a set of "training and awareness" scenarios for general audiences (such as those of other computer security games like "Anti-phishing Phil"), the primary purpose of the game is broader computer security education. CyberCIEGE is built around the fundamental concepts of information security policies. Attacks are fueled by attacker motives. And motives vary by asset and scenario. The fidelity of CyberCIEGE attacks is high enough to illustrate functions of technical protection mechanisms and configuration-related vulnerabilities. For example, an attack might occur because a particular firewall port is left open and a specific component lacks a suitable patch management policy. This attack engine is coupled with an economy engine that measures the virtual user's ability to achieve goals (i.e., read or write assets). This combination enables scenarios that illustrate real-world trade-offs such as the use of air-gaps vs. the risks of cross domain solutions when accessing assets on both sensitive and unclassified networks.

CyberCIEGE was created by the Naval Postgraduate School in partnership with Rivermind Inc., and it is deployed around the world in universities, community colleges and government organizations. The US Government has unlimited use of the game, and a no-cost license to use CyberCIEGE is available to educational institutions, and hundreds of such institutions have requested the game. The target audience of the tutorial is computer security instructors and those developing security training and education programs.

Outline

  1. Overview, purpose and intended audience of the game. Introductory video. Training scenarios vs Educational scenarios. Online encyclopedia and tutorial movies. Example training scenario
  2. Scenarios illustrating basic network security concepts. Introductory tutorial scenario. Examples of game engine triggers, conditions and attacks. Basic game mechanics. Information security policy and physical security. Hands on play by attendees of introduction scenario.
  3. Intermediate computer security concepts. Network filters and their limitations (Network filters Scenario). Access control policies and assurance (Genes R Us scenario). User identification. Encryption, VPNs, Email protection. Hands on play by attendees of filters scenario.
  4. Deploying the game for training and education. Mechanics of distribution and deployment. Use of the game to augment case studies, directed group play. Student assessment tool.
  5. Creating and customizing scenarios. Game engine: Attack models, Game economy, Triggers and conditions. Use of the Scenario Development Tool (SDT).
  6. Hands on supervised scenario play by the attendees.
  7. Example of scenario construction. SDT mechanics. Scenario testing.

Prerequisites

Attendees will each need access to a computer (e.g. laptop) having a Windows operating system. Those with Mac computers can run the game using VMWare Fusion and a Windows guest operating system. Most relatively modern laptops and notebooks will run the game. Test the game on your laptop using the free evaluation version available at http://cisr.nps.edu/cyberciege/downloads/setup-demo.exe.

About the Instructor

Mr. Michael Thompson is a Research Associate in the Center for Information Systems Security Studies and Research at the Naval Postgraduate School in Monterey, California. He is the lead engineer for CyberCIEGE and is responsible for its ongoing development and maintenance. He holds a B.S. in Electrical Engineering from Marquette University. His research interests include security engineering and high assurance computer security, and he has over twenty years experience in the field of computer security.