Black hat training of white hat resources: The future of security is gaming

Jason Flood, Mark Denihan, Anthony Keane, Fredrick Mtenzi

    Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

    Abstract

    It is now necessary to have a better understanding of the mindset of a hacker in order to provide better protection for your network systems. The large scale and well organized targeted attacks that have been recently uncovered, demonstrate that system administrators can ill afford to take the wait and see approach. Also it has been shown that on-the-job training is limited in how well it can prepare organization's defensive capacity. Another issue is the lack of a standardized approach on gauging the technical proficiency of staff or the robustness of the network they protect. Attacks to computer networks are on the increase as the tools used by attackers are getting more automated and easier to use for the non-technical person. Staying one step ahead of the enemy has never been more important with the rise of the number of script kiddies, the proliferation of increasingly advanced one click automated attack tools and the apparent destructive force available to hacker groups such as anonymous. Defining and profiling the enemy is a large part of this problem. Recent anonymous arrests have shown these attacks originated from stereotypical disgruntled teenagers whom lack the cause and effect understanding that adults posses. We must somehow begin to deliver effective industrial training to the system administrators. If a system has not been compromised to-date, does it mean it will not be compromised tomorrow? and How do we know that the defenses of the system can withstand an attack if it has not already done so. This paper outlines the merits of utilizing the Security Shepherd white-hat gaming framework as a mechanism for rapid up skilling of front-line computer network defensive staff to the mindset of hackers.

    Original languageEnglish
    Title of host publication2012 International Conference for Internet Technology and Secured Transactions, ICITST 2012
    Pages488-491
    Number of pages4
    Publication statusPublished - 2012
    Event7th International Conference for Internet Technology and Secured Transactions, ICITST 2012 - London, United Kingdom
    Duration: 10 Dec 201212 Dec 2012

    Publication series

    Name2012 International Conference for Internet Technology and Secured Transactions, ICITST 2012

    Conference

    Conference7th International Conference for Internet Technology and Secured Transactions, ICITST 2012
    Country/TerritoryUnited Kingdom
    CityLondon
    Period10/12/1212/12/12

    Keywords

    • Anonymous
    • CTF
    • Hacker
    • Honeyn3t
    • OWASP
    • Penetration Testing
    • Script Kiddies
    • Security Shepherd

    Fingerprint

    Dive into the research topics of 'Black hat training of white hat resources: The future of security is gaming'. Together they form a unique fingerprint.

    Cite this