Black hat training of white hat resources: The future of security is gaming

Document Type

Conference Paper

Conference Name

2012 International Conference for Internet Technology and Secured Transactions

Conference Location

London, UK

ISBN

978-1-908320-08-7

Publication (Name of Journal)

IEEE Xplore

Department

Institute for Educational Development, East Africa

Publisher

IEEE

City

London

Abstract

It is now necessary to have a better understanding of the mindset of a hacker in order to provide better protection for your network systems. The large-scale and well-organized targeted attacks that have been recently uncovered demonstrate that system administrators can ill afford to take the wait-and-see approach. It has also been shown that on-the-job training is limited in how well it can prepare an organization's defensive capacity. Another issue is the lack of a standardized approach to gauging the technical proficiency of staff or the robustness of the network they protect. Attacks on computer networks are on the increase as the tools used by attackers are getting more automated and easier to use for the non-technical person. Staying one step ahead of the enemy has never been more important with the rise of the number of script kiddies, the proliferation of increasingly advanced one-click automated attack tools and the apparent destructive force available to hacker groups such as Anonymous. Defining and profiling the enemy is a large part of this problem. Recent Anonymous arrests have shown these attacks originated from stereotypical disgruntled teenagers who lack the cause-and-effect understanding that adults possess. We must somehow begin to deliver effective industrial training to the system administrators. “If a system has not been compromised to date, does it mean it will not be compromised tomorrow?” and “How do we know that the defenses of the system can withstand an attack if it has not already done so?” This paper outlines the merits of utilizing the Security Shepherd white-hat gaming framework as a mechanism for rapid upskilling of front-line computer network defensive staff to the mindset of hackers.

Comments

This work was published before the author joined Aga Khan University.
