ABSTRACT
Cyber security is not merely about securing devices and focusing on software and hardware. Staff members with skills and know-how are among the most valuable assets in the context of cyber security. Globally, there is a lack of competent cyber security experts available and cyber security skills should be educated more widely. One of the most effective practices for training cyber security experts is a cyber security exercise. During a cyber security exercise, the learning audience train their skills with a realistic scenario depicting a hectic and stressful cyber incident or cyber attack. In order to successfully implement a cyber security exercise, there must be sufficient technical infrastructure mimicking required systems and networks. The infrastructure should allow the use of realistic threat actors with realistic attack vectors and real malware without compromising any production environments. Facilities offering such infrastructure are widely known as the cyber ranges. There are two special requirements raised by modern cyber range exercises: (i) cyber range collaboration, including capabilities for sharing and pooling cyber range services, and (ii) on-line cyber security exercises without restrictions of being on-site on the exercise premises. The requirement of implementing on-line exercises has increased especially after the spread of COVID-19 pandemic. In this study, we introduce Flagship 2, a multinational state-of-the-art on-line cyber security exercise based on cyber range federation. We analyse the technical implementation of the cyber range federation and the learning outcomes of the exercise event based on a participant survey and relevant theories. The analysed results are explained with identified future research topics. © 2022 ACM.
ABSTRACT
Cyber-attacks are on the rise, and the advent of COVID-19 has changed work styles, leading to an increase in cyber-attacks targeting remote workers. This situation is the same in the world and in Japan, and the development of cyber security personnel and their training to face the attackers who can respond to the social situation is desired all over the world. The National Institute of Technology (KOSEN) is known not only in Japan but also in the world as the only institution of higher learning in the world where students can freely study engineering for five years from the age of 15. The technical framework of cybersecurity and the KOSEN education, which is based on the acquisition of practical skills, go hand in hand, and KOSEN is an important higher education institution that plays a part in the cybersecurity human resource development strategy in Japan. In 2015, KOSEN launched the KOSEN Security Educational Community (K-SEC) to initiate cybersecurity education for KOSEN students. This project has two objectives: one is to develop excellent cyber security personnel for qualitative improvement. The second is to develop a large number of KOSEN students who have systematically acquired security knowledge for the purpose of quantitative expansion. In 2019, a new project, Highly Advanced Cybersecurity for KOSEN (HACK), was launched within K-SEC to accelerate the achievement of the two objectives of K-SEC. HACK is a project based on a simple idea: to strengthen KOSEN faculty in order to develop strong students with practical cybersecurity skills. Participating faculty members will develop cyber range materials. The development of the cyber range will contribute to the understanding of both attacker and defender scenarios and the acquisition of advanced security knowledge and skills. In the previous paper, we reported on the results of the first year of HACK (2019). The faculty development plan, which mainly focused on cyber range development, contributed to the motivation and skill development of the faculty. The cyber range as a deliverable was also obtained. This paper reports on the outcomes of the second year (2020) of HACK activities. Within the faculty development plan, which mainly focused on cyber range development as in the first year, we used the deliverables of the first year to give lectures to KOSEN students to measure the educational effects. During the cyber range development, there were some knowledge and skills that the faculty intended to have the KOSEN students improve their skills. Therefore, the focus of the study was to see if the faculty members' intended skills would be improved when they gave lectures to the KOSEN students using the teaching materials. As it turned out, we were able to achieve this goal, and we were able to improve the skills of the KOSEN students as intended by the faculty. Furthermore, it was not only possible to control the skills to be improved by the content of the teaching materials, but also by the way the lectures were delivered. In addition, by selecting the theme of the cyber range development, we were able to achieve the intended skill improvement for the faculty. Through the implementation of HACK until the second year, we were able to identify many factors for skill improvement. In the third and fourth years of the program, we will continue to look for factors that can be used to further improve specific skills, and at the same time, we will explore the relationship with motivation, which is expected to contribute greatly to educational effectiveness. © 2022 IEEE.