Systems and methods for implementing and scoring computer network defense exercises
First Claim
1. A process for facilitating a client system defense training exercise implemented over a client-server architecture comprising:
- sending a protocol version identification message by a client system including at least one computer to a first server for determining the protocol version common to both the client computer and the first server;
- sending a registration request message by the client system to a first server for registering the client computer with the first server;
- sending a system identification message by the client system to a first server for tracking the client identity;
- sending a profile message by the first server to the client system in response to successful registration by the client system, the profile message including a list of vulnerabilities with associated vulnerability identifiers (IDs) that the client is to monitor;
- sending a health message by the client system to the first server at predetermined intervals, the health message including information regarding at least one of client system CPU, memory, hard disk, network and interfaces;
- sending a vulnerability fixed message by the client system to the first server each time one of the vulnerabilities on the list of vulnerabilities has been fixed, the vulnerability fixed messages including the associated vulnerability ID for each fixed vulnerability;
- sending a list vulnerabilities message by the first server to the client system, requesting a listing of all current client system vulnerabilities by associated vulnerability ID;
- sending a list of current vulnerabilities message by the client system to the first server in response to the list vulnerabilities message from the first server;
- storing details from the profile message, one or more health messages, one or more vulnerability fixed messages and one or more list of current vulnerabilities messages in at least one database associated with the first server;
- accessing the details stored in the at least one database by a second server;
- applying a set of scoring rules to the accessed details by the second server to determine an objective score for a client system administrator that is indicative of the client system administrator's ability to defend the client system against vulnerabilities.
Abstract
A process for facilitating a client system defense training exercise implemented over a client-server architecture includes designated modules and hardware for protocol version identification message; registration; profiling; health reporting; vulnerability status messaging; storage; access and scoring. More particularly, the server identifies a rule-based vulnerability profile to the client and scores client responses in accordance with established scoring rules for various defensive and offensive asset training scenarios.
10 Claims
10. A process for scoring a client system defense training exercise implemented over a client-server architecture comprising:
- sending a profile message by a first server to a client system including at least one computer, the profile message including a list of client system vulnerabilities with associated vulnerability identifiers (IDs);
- performing at least one of the following by an administrator of the client system;
  - identifying client system vulnerabilities;
  - exploiting client system vulnerabilities;
  - fixing exploited client system vulnerabilities;
- generating a vulnerability fixed message by the administrator and sending to the first server each time one of the vulnerabilities on the list of vulnerabilities has been fixed, the vulnerability fixed messages including the associated vulnerability ID for each fixed vulnerability;
- sending a list vulnerabilities message by the first server to the client system, requesting a listing of all current client system vulnerabilities by associated vulnerability ID;
- sending a list of current vulnerabilities message by the client system to the first server in response to the list vulnerabilities message from the first server;
- storing details from the profile message, one or more vulnerability fixed messages, and one or more list of current vulnerabilities messages in at least one database associated with the first server;
- accessing the details stored in the at least one database by a second server; and
- applying a set of scoring rules to the accessed details by the second server to determine an objective score for the administrator that is indicative of the administrator's ability to identify, exploit or fix client system vulnerabilities.
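The claims store both self-reported "vulnerability fixed" messages and server-requested "list of current vulnerabilities" replies, so a scoring server can cross-check one against the other. The sketch below is an added example, not code from the patent: the record shapes, point values, status names, timestamps and vulnerability IDs are all assumptions constructed for illustration, since the claims do not specify the scoring rules.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Fixed:            # "vulnerability fixed" message (client -> first server)
    t: int              # receive time in seconds (constructed)
    vuln_id: str

@dataclass(frozen=True)
class CurrentList:      # "list of current vulnerabilities" reply
    t: int
    vuln_ids: frozenset

# Hypothetical scoring rules; the claims do not define any.
POINTS_CONFIRMED = 10   # fix reported and absent from the latest later listing
POINTS_REFUTED = -5     # fix reported but still present in that listing

def score(profile, fixed_msgs, listings):
    """Return (total, per-ID status) for one client system."""
    status = {}
    for msg in sorted(fixed_msgs, key=lambda m: m.t):
        if msg.vuln_id not in profile:
            status[msg.vuln_id] = "not-in-profile"   # ID was never assigned
            continue
        later = [l for l in listings if l.t > msg.t]
        if not later:
            status[msg.vuln_id] = "unverified"       # no listing since the claim
        elif msg.vuln_id in max(later, key=lambda l: l.t).vuln_ids:
            status[msg.vuln_id] = "refuted"
        else:
            status[msg.vuln_id] = "confirmed"
    total = sum(POINTS_CONFIRMED if s == "confirmed" else
                POINTS_REFUTED if s == "refuted" else 0
                for s in status.values())
    return total, status

# Constructed sample data standing in for rows read from the database.
PROFILE = {"V-1", "V-2", "V-3", "V-4"}
FIXED = [Fixed(100, "V-1"), Fixed(160, "V-2"),
         Fixed(400, "V-3"), Fixed(170, "V-9")]
LISTINGS = [CurrentList(300, frozenset({"V-2", "V-3", "V-4"}))]

if __name__ == "__main__":
    print(score(PROFILE, FIXED, LISTINGS))
```

Only fixes that a later listing corroborates earn points here; a reported fix with no subsequent listing stays unscored until the first server issues another list vulnerabilities request.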
Specification