Serious Gaming Technology for Evaluation of Predictive and Adaptive Performance of Cyber Security Defense Systems
Principal Investigator: L Martucci
Technical Advisor: FL Greitzer, Predictive Defense Focus Area
The focus of the LDRD is to use a serious gaming approach to support visualization and understanding of complex infrastructures and the resources and external factors that come into play in predicting future states of these systems. Some have described the cyber threat to our national security as the possibility of an attack in the 5th dimension - beyond land, sea, air, and space. This research project encapsulates concepts that move this metaphor towards the literal - the game-based modeling of cyber attack scenarios as events in a pseudo-physical domain. Through this innovation, we will build on the growing use of low-cost game technology for visualization and training. Among the most proven and pragmatic of methods for testing the efficacy and potential for improvement of physical security safeguards is the red-blue team concept in which players form teams to enact offensive or defensive roles with respect to a protected asset. This approach implicitly captures the elements of human creativity and unpredictability which more analytic methods of security assessment often lack. We shall develop a serious red-blue team gaming environment for enacting cyber attacks, with a focus on SCADA systems. Specifically, the game will be developed with the intent of evaluating the predictive and adaptive attributes of cyber defense systems being developed under the I4 Initiative.
The means of achieving this adaptation to the cyber domain will be to establish a virtual physical space as a metaphoric representation of cyber functionalities and security systems. Attacks on cyber system functionality and the defensive responses of the system will then be played-out within the arena of this virtual domain. This gaming tool will allow researchers and administrators to model network scenarios that mirror real-world configurations. These models will be played at variable rates of simulation so that analysts have an opportunity to both examine and train the computer algorithms representing both sides of the scenario.