In this course, students will devise and deploy cyber defenses to maintain continuity of operations for a global enterprise IT environment in the face of sophisticated, persistent attackers. The IT environment will be emulated at scale (100s to 1000s of VMs) by Lincoln Laboratory's LARIAT software. Additionally, Lincoln will provide a "Red Team" of mock attackers, who will advise students during development. The course will conclude with a game in which student solutions are attacked by the Red Team in real time, and thus must be actively supported and defended.
Possible Global Enterprises
* Energy (oil or electric)
Possible Attack Scenarios
* Disrupt/Deny services. Defender must detect disruption and restore functionality quickly
* Degrade services. Defender must detect loss of quality of service and respond
* Deceive. Defender must be able to identify what data has been manipulated and when, as well as restore
Student activities will integrate investigation of both Computer Security defense but also business model impact. This course will likely involve working with faculty from both CS and Business schools.