Cyber Innovation Lab – A Cybersecurity Testbed for the Advancement of Intrusion Detection Systems

Presenter Information

Anthony Capece III

Panel Name

Cybersecurity, Privacy, and Artificial Intelligence

Location

Lecture Center Concourse

Start Date

3-5-2019 3:00 PM

End Date

3-5-2019 5:00 PM

Presentation Type

Poster Session

Academic Major

Business

Abstract

This work presents the development of the Cyber Innovation Lab, an air-gapped physical network that serves as a testbed for finding innovative methods to detect and mitigate modern cyber threats. The project involved designing a network to provide a realistic platform against which to launch attacks, then installing and configuring various web applications and services on both Windows and Linux platforms. The systems were designed to be easy to restore to their original state, so that attack outcomes remain consistent. To build the data set that supports the research, an attack taxonomy was devised from both current practitioner and academic literature. Additionally, a data pre-processing framework was devised. Finally, live attacks were run against the network to allow for data collection via host-based and network-based sensors. This data will be used to support investigations into machine-learning-based intrusion detection systems and the analysis of system memory to determine attack types.

First Faculty Advisor

Sanjay Goel

First Advisor Email

goel@albany.edu

First Advisor Department

School of Business

The work you will be presenting can best be described as

Finished or mostly finished by conference date

This document is currently not available here.

May 3rd, 3:00 PM to May 3rd, 5:00 PM
