CERT Training Platform over the Event-Recordable Container
Article No.: 39, Pages 1 - 6
Abstract
The current COVID-19 pandemic has resulted in many changes in the IT systems and services of institutions, which has also heightened concerns regarding a potential increase in intrusion incidents, especially when most work in institutions is performed at home. Pre-training against intrusion incidents has therefore become extremely necessary. Unfortunately, the learning methods in existing studies are insufficient to meet the present demand because they were originally designed for environments tailored to learners rather than for actual environments. This paper proposes a training system, namely, computer emergency response team (CERT), that can be specifically designed for learners in an institution to provide intrusion-incident cases using a Web-based training system. CERT can easily replicate the service or system in an institution to a honeypot environment to automatically collect and classify intrusion incidents using diverse evaluation criteria so that learning can be achieved from different perspectives. Hence, the service and system that the institution operates can easily be replicated. Artifacts of intrusion incidents are collected using Docker container technology and an event-recordable container, and are analyzed using a Web browser without installing a separate program. Thus, optimal learning results from the analysis of actual attacks are expected.
Published In
December 2020
219 pages
ISBN:9781450383042
DOI:10.1145/3440943
Copyright © 2020 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 27 September 2021
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ACM ICEA '20
ACM ICEA '20: 2020 ACM International Conference on Intelligent Computing and its Emerging Applications
December 12 - 15, 2020
GangWon, Republic of Korea