This website is no longer being updated. Visit Dartmouth Now for all news published after June 7, 2010.
Posted 06/16/03, by Susan Knapp
ISTS simulated network attacks and viruses
After 10 months of planning, 10 people from Dartmouth watched anxiously in early May as government officials from the state of Washington participated in their Dartmouth-developed "cyber exercise." The exercise tested local, state and federal emergency response capabilities in the event of cyber attacks. The drill was over in 18 hours.
The cyber exercise was designed and executed by researchers at Dartmouth's Institute for Security Technology Studies (ISTS). The researchers simulated a cyber attack, which consisted of carefully scripted "injections," such as network disruptions, quirky e-mail messages, and worms or viruses that required officials to take actions to limit the potential damage and minimize the impact on operations.
The exercise used the same scenario, and ran prior to the federal TOPOFF2 initiative, which took place May 12–16. TOPOFF2 helped emergency response personnel in Washington state and Illinois practice their procedures in response to simulated attacks by weapons of mass destruction.
"Our cyber exercise was an immersion experience," says Bill Brown, project manager for the Exercise and Scenario Development group at ISTS. "The players were real IT [information technology] officials, and they were required to put their communications and policy protocols to the test."
The exercise was an opportunity to train and practice, says Brown. The goal was to help facilitate coordination and communication between peers at different, but connected, organizations.
The exercise, or "game" as it was often referred to, was played by five groups of people from city, county and state departments responsible for some aspect of computer information management. The players were presented with a series of simulated cyber attacks, which came in the form of network interruptions, distributed denial of service reports (DDOS) or unusual questions e-mailed from a help desk. To address and fix the cyber problems, players were able to communicate among themselves and also with outside resources, such as experts from the University of Washington, Carnegie Mellon's CERT (Computer Emergency Response Team) or the FBI.
Two Dartmouth undergraduates, Kim Siciliano and Nicholas Ray, helped develop the cyber exercise, and they were on-site when the scenario played out.
Siciliano '03, from Oakhurst, N.J., is a computer science major. She was drawn to the project to gain practical experience using her technology skills in a working environment. She helped set up the wireless network and configured the 23 laptops that were used during the exercise. She said she was interested in learning new ways to encourage people to work together to solve network problems.
"We were looking at network problems from a higher level to help people form trust relationships with each other," says Siciliano. "Computing isn't just about the technology; it's also about the people using the technology."
Nicholas Ray '06 from Farmingville, N.Y., wanted to work with ISTS to blend his academic interest in government and politics with his hobby, network technology and security. For the cyber exercise he helped design the user interface and worked to document and capture information about how the players related to each other.
"The highlight had to be when I went into the top official area and was asked to monitor the communications," says Ray. "I had the chance to watch a fantastic extended discussion about what has been done and what needs to be done on the local, state and regional levels, while relaying messages and explaining issues to them. It was like I was playing along with them."
Now that the exercise is over, the Dartmouth team is analyzing the data it gathered. Siciliano helped create a database that captured more than 2,700 e-mail messages that were exchanged during the course of the game.
"We'll look at how the tempo of the exercise affected the message traffic," says Brown, "and we'll examine whether communications were ever discouraged during the exercise and what kinds of requests for help and information were made."
The experts want to learn how policy and protocol might be improved, such as whether or not the players were interacting with the appropriate people to address their cyber problems, or if more training and education are needed for enhanced communication. TOPOFF3, which will be held in a few years, will also incorporate cybersecurity issues, Brown says.
The ISTS team also included Physics and Astronomy Research Assistant Professor Timothy Smith, Thayer School of Engineering Research Associate and technical lead Dennis McGrath, Research Associates Brett Tofel and Mark Ryan, and ISTS staff members Jeri Tarbox, Nicole Hall Hewitt and Colleen Hurd. Andy Cutts is the technical program coordinator for the ISTS Exercise and Scenario Development group.
The cyber exercise was funded by the Office of Justice Programs, National Institute of Justice, Department of Justice.
- Susan Knapp
Dartmouth has television (satellite uplink) and radio (ISDN) studios available for domestic and international live and taped interviews. For more information, call 603-646-3661 or see our Radio, Television capability webpage.