Lessons Learned in Leveraging Existing Simulations for Cybersecurity Training,Evaluation,and Research

Abstract

We provide lessons learned in leveraging existing simulations to conduct human-subjects cybersecurity experiments and develop training for cybersecurity professionals. First, we provide criteria for the evaluation and categorization of existing simulation tools into four categories (competitions, testbeds, tabletop exercises, and simulations used in published research). Following this, eight criteria are offered to evaluate simulations on their suitability for use in experiments. We evaluated one representative product in each category. This paper serves as a resource for practitioners who use simulation as a method of training or evaluation. Further, this work is a starting point for researchers to efficiently find and leverage simulations to conduct cybersecurity research.

Get full access to this article

View all access options for this article.

References

Chadha

Bowen

Chiang

C. Y. J.

Gottlieb

Y. M.

Poylisher

Sapello

… Newcomb

E. A.

(2016, November). Cybervan: A cyber security virtual assured network testbed. In MILCOM 2016- 2016 IEEE Military Communications Conference (pp. 1125-1130). IEEE.

Crumpler

Lewis

J. A.

(2019). The cybersecurity workforce gap. Center for Strategic and International Studies, Washington, DC.

Cyber Seek. (2020, February). Cybersecurity supply/demand heat map. https://www.cyberseek.org/heatmap.html

Forero

C. A. M.

(2016). Tabletop exercise for cybersecurity educational training; Theoretical grounding and development (Doctoral dissertation, Master’s Thesis).

Franke

Brynielsson

(2014). Cyber situational awareness–a systematic review of the literature. Computers & security, 46, 18-31.

Frost

Sullivan

(2017). Benchmarking workforce capacity and response to cyber risk. 2017 Global Information Security Workforce Study.

Gavas

Memon

Britton

(2012). Winning cybersecurity one challenge at a time. IEEE Security & Privacy, 10(4), 75 79.

Gutzwiller

R. S.

Hunt

S. M.

Lange

D. S.

(2016, March). A task analysis toward characterizing cyber- cognitive situation awareness (CCSA) in cyber defense analysts. In 2016 IEEE International Multi- Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA) (pp. 14-20). IEEE.

Hahn

Ashok

Sridhar

Govindarasu

(2013). Cyber-physical security testbeds: Architecture, application, and evaluation for smart grid. IEEE Transactions on Smart Grid, 4(2), 847-855.

10.

Kovar

(2017, September 6). What you need to know about Boss of the SOC. Splunk. https://www.splunk.com/en_us/blog/security/what-you-need-to-know-about-boss-of-the-soc.html

11.

Miller

R. B.

(1954). Psychological considerations in the design of training equipment. American institutes for research, Pittsburgh, PA.

12.

Newhouse

Keith

Scribner

Witte

(2017). National initiative for cybersecurity education (NICE) cybersecurity workforce framework. NIST Special Publication, 800, 181.

13.

Pusey

Gondree

Peterson

(2016). The outcomes of cybersecurity competitions and implications for underrepresented populations. IEEE Security & Privacy, 14(6), 90-95.

14.

Sommestad

Hallberg

(2012, October). Cyber security exercises and competitions as a platform for cyber security experiments. In Nordic Conference on Secure IT Systems (pp. 47-60). Springer, Berlin, Heidelberg.

15.

Stern

Sisler

Briggs

(2017, April) TAGITM Cyber tabletop exercise demonstration. Demonstration presented at the annual Texas Association of Governmental Information Technology Managers Conference, San Antonio, TX.

16.

Weaver

S. J.

Salas

Lyons

Lazzara

E. H.

Rosen

M. A.

DiazGranados

… King

(2010). Simulation-based team training at the sharp end: A qualitative study of simulation-based team training design, implementation, and evaluation in healthcare. Journal of Emergencies, Trauma and Shock, 3(4), 369.