The Conception of EDURange: Difference between revisions
Jwgranville (talk | contribs) Created page with "Category:Project History and Roadmaps Conceptually, EDURange started around 2011 when Jens, Michael Locasto, and Richard started talking about creating exercises for cybersecurity courses. The idea was generated at a dinner with Michael, Sergey Bratus, Brian Fite, and Richard. Brian was packet master for a competition called PacketWars, and he was looking for a way to be a player and not the one running the competition. He had a number of innovative ideas. He wanted..." |
Jwgranville (talk | contribs) No edit summary |
||
| Line 4: | Line 4: | ||
Michael was interested in the question of what makes a great cybersecurity expert. Someone who not only knows the tools but also how to apply them in innovative ways. For Michael, this was captured by the concept of analysis skills. It is the ability to see patterns in large complex data or systems. There were only a few frameworks available at the time: SEED labs, The Rave, and DeterLab. In our view, their exercises did not emphasize analysis, and the problem was that we could not modify them to create ones that did. A vision we had was that analysis takes time and doesn’t fit into a 2 hour slot. Sometimes you need to think about a problem for days before a breakthrough happens. Our idea was that you needed repeatable exercises that students could come back to. The closest we have come to that is the last challenge in SSH Inception, where as soon as bash runs, it logs the user out. The tension is that students want something that they can complete in a fixed short amount of time. Perhaps we need that for introductory exercises but can move away from that in the more advanced ones. Also, there are different ways to implement such an open-ended approach. It could be that the scenario can be suspended and re-started, or there would be multiple levels within the scenario, or there would be multiple versions of the scenario that require the same type of analysis. | Michael was interested in the question of what makes a great cybersecurity expert. Someone who not only knows the tools but also how to apply them in innovative ways. For Michael, this was captured by the concept of analysis skills. It is the ability to see patterns in large complex data or systems. There were only a few frameworks available at the time: SEED labs, The Rave, and DeterLab. In our view, their exercises did not emphasize analysis, and the problem was that we could not modify them to create ones that did. A vision we had was that analysis takes time and doesn’t fit into a 2 hour slot. Sometimes you need to think about a problem for days before a breakthrough happens. Our idea was that you needed repeatable exercises that students could come back to. The closest we have come to that is the last challenge in SSH Inception, where as soon as bash runs, it logs the user out. The tension is that students want something that they can complete in a fixed short amount of time. Perhaps we need that for introductory exercises but can move away from that in the more advanced ones. Also, there are different ways to implement such an open-ended approach. It could be that the scenario can be suspended and re-started, or there would be multiple levels within the scenario, or there would be multiple versions of the scenario that require the same type of analysis. | ||
- Richard | |||
2025-06-29 | |||
Latest revision as of 16:43, 30 June 2025
Conceptually, EDURange started around 2011 when Jens, Michael Locasto, and Richard started talking about creating exercises for cybersecurity courses. The idea was generated at a dinner with Michael, Sergey Bratus, Brian Fite, and Richard. Brian was packet master for a competition called PacketWars, and he was looking for a way to be a player and not the one running the competition. He had a number of innovative ideas. He wanted a way to specify competition environments, so that they could be replicated in different frameworks and they would be comparable, i.e. a standardization methodology for attack-defense competitions.
Michael was interested in the question of what makes a great cybersecurity expert. Someone who not only knows the tools but also how to apply them in innovative ways. For Michael, this was captured by the concept of analysis skills. It is the ability to see patterns in large complex data or systems. There were only a few frameworks available at the time: SEED labs, The Rave, and DeterLab. In our view, their exercises did not emphasize analysis, and the problem was that we could not modify them to create ones that did. A vision we had was that analysis takes time and doesn’t fit into a 2 hour slot. Sometimes you need to think about a problem for days before a breakthrough happens. Our idea was that you needed repeatable exercises that students could come back to. The closest we have come to that is the last challenge in SSH Inception, where as soon as bash runs, it logs the user out. The tension is that students want something that they can complete in a fixed short amount of time. Perhaps we need that for introductory exercises but can move away from that in the more advanced ones. Also, there are different ways to implement such an open-ended approach. It could be that the scenario can be suspended and re-started, or there would be multiple levels within the scenario, or there would be multiple versions of the scenario that require the same type of analysis.
- Richard
2025-06-29
