Cyber Defense

Cyber Defense

Fall 2014 – Spring 2015
Course TBD
Students build prototype advanced cyber defenses and test them in an emulated global enterprise IT environment.  Lincoln specifies and runs emulated environment as well as provides Red Teaming to challenge student-devised defenses.

In this course, students will devise and deploy cyber defenses to maintain continuity of operations for a global enterprise IT environment in the face of sophisticated, persistent attackers.  The IT environment will be emulated at scale (100s to 1000s of VMs) by Lincoln Laboratory's LARIAT software.  Additionally, Lincoln will provide a "Red Team" of mock attackers, who will advise students during development.  The course will conclude with a game in which student solutions are attacked by the Red Team in real time, and thus must be actively supported and defended.  

Possible Global Enterprises
* Financial
* Energy (oil or electric)
* Transportation

Possible Attack Scenarios
* Disrupt/Deny services.  Defender must detect disruption and restore functionality quickly
* Degrade services.  Defender must detect loss of quality of service and respond
* Deceive.  Defender must be able to identify what data has been manipulated and when, as well as restore
 
Student activities will integrate investigation of both Computer Security defense but also business model impact.  This course will likely involve working with faculty from both CS and Business schools.