Black hat training of white hat resources: The future of security is gaming

Jason Flood, Mark Denihan, Anthony Keane, Fredrick Mtenzi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Citations (Scopus)

Abstract

It is now necessary to have a better understanding of the mindset of a hacker in order to provide better protection for your network systems. The large scale and well organized targeted attacks that have been recently uncovered, demonstrate that system administrators can ill afford to take the wait and see approach. Also it has been shown that on-the-job training is limited in how well it can prepare organization's defensive capacity. Another issue is the lack of a standardized approach on gauging the technical proficiency of staff or the robustness of the network they protect. Attacks to computer networks are on the increase as the tools used by attackers are getting more automated and easier to use for the non-technical person. Staying one step ahead of the enemy has never been more important with the rise of the number of script kiddies, the proliferation of increasingly advanced one click automated attack tools and the apparent destructive force available to hacker groups such as anonymous. Defining and profiling the enemy is a large part of this problem. Recent anonymous arrests have shown these attacks originated from stereotypical disgruntled teenagers whom lack the cause and effect understanding that adults posses. We must somehow begin to deliver effective industrial training to the system administrators. If a system has not been compromised to-date, does it mean it will not be compromised tomorrow? and How do we know that the defenses of the system can withstand an attack if it has not already done so. This paper outlines the merits of utilizing the Security Shepherd white-hat gaming framework as a mechanism for rapid up skilling of front-line computer network defensive staff to the mindset of hackers.

Original languageEnglish
Title of host publication2012 International Conference for Internet Technology and Secured Transactions, ICITST 2012
Pages488-491
Number of pages4
Publication statusPublished - 2012
Externally publishedYes
Event7th International Conference for Internet Technology and Secured Transactions, ICITST 2012 - London, United Kingdom
Duration: 10 Dec 201212 Dec 2012

Publication series

Name2012 International Conference for Internet Technology and Secured Transactions, ICITST 2012

Conference

Conference7th International Conference for Internet Technology and Secured Transactions, ICITST 2012
Country/TerritoryUnited Kingdom
CityLondon
Period10/12/1212/12/12

Keywords

  • Anonymous
  • CTF
  • Hacker
  • Honeyn3t
  • OWASP
  • Penetration Testing
  • Script Kiddies
  • Security Shepherd

Fingerprint

Dive into the research topics of 'Black hat training of white hat resources: The future of security is gaming'. Together they form a unique fingerprint.

Cite this