AUTOMATED EXECUTION AND EVALUATION OF NETWORK-BASED TRAINING EXERCISES
First Claim
1. A method comprising:
- providing a training environment that includes a control and monitoring system, an attack system, and a target system that are each executable by one or more processors;
initiating, by the control and monitoring system, a training scenario to cause the attack system to engage in an attack against the target system;
performing an action by the target system in response to the attack;
collecting monitor information associated with the attack against the target system by continuously monitoring the training scenario;
sending dynamic response data from the attack system to the target system based upon the collected monitor information to adapt the training scenario to the action performed by the target system; and
generating, by the control and monitoring system, an automated evaluation based upon the collected monitor information.
1 Assignment
0 Petitions
Accused Products
Abstract
This disclosure generally relates to automated execution and evaluation of computer network training exercises, such as in a virtual machine environment. An example environment includes a control and monitoring system, an attack system, and a target system. The control and monitoring system initiates a training scenario to cause the attack system to engage in an attack against the target system. The target system then performs an action in response to the attack. Monitor information associated with the attack against the target system is collected by continuously monitoring the training scenario. The attack system is then capable of sending dynamic response data to the target system, wherein the dynamic response data is generated according to the collected monitor information to adapt the training scenario to the action performed by the target system. The control and monitoring system then generates an automated evaluation based upon the collected monitor information.
113 Citations
23 Claims
-
1. A method comprising:
-
providing a training environment that includes a control and monitoring system, an attack system, and a target system that are each executable by one or more processors; initiating, by the control and monitoring system, a training scenario to cause the attack system to engage in an attack against the target system; performing an action by the target system in response to the attack; collecting monitor information associated with the attack against the target system by continuously monitoring the training scenario; sending dynamic response data from the attack system to the target system based upon the collected monitor information to adapt the training scenario to the action performed by the target system; and generating, by the control and monitoring system, an automated evaluation based upon the collected monitor information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-readable medium comprising instructions that, when executed, cause one or more processors to:
-
provide a training environment that includes a control and monitoring system, an attack system, and a target system; initiate, by the control and monitoring system, a training scenario to cause the attack system to engage in an attack against the target system; perform an action by the target system in response to the attack; collect monitor information associated with the attack against the target system by continuously monitoring the training scenario; send dynamic response data from the attack system to the target system based upon the collected monitor information to adapt the training scenario to the action performed by the target system; and generate, by the control and monitoring system, an automated evaluation based upon the collected monitor information.
-
-
11. A system comprising:
-
one or more processors; an attack system executable by the one or more processors; a target system executable by the one or more processors; and a control and monitoring system executable by the one or more processors and configured to initiate a training scenario that causes the attack system to engage in an attack against the target system, and further configured to collect monitor information associated with the attack by continuously monitoring the training scenario, wherein the target system is configured to perform an action in response to the attack, wherein the attack system is configured to send dynamic response data to the target system based upon the collected monitor information to adapt the training scenario to the action performed by the target system, and wherein the control and monitoring system is configured to generate an automated evaluation based upon the collected monitor information. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method comprising:
-
providing a training environment that includes a control and monitoring system, an attack system, and a target system each executable by one or more processors; initiating, by the control and monitoring system, a training scenario to cause the attack system to engage in an attack against the target system; sending scenario traffic for the training scenario on a first communication channel; sending out-of-band data for the training scenario on a second communication channel that is distinct from the first communication channel, wherein the out-of-band data is not visible to a trainee and does not interfere with the scenario traffic sent on the first communication channel; and monitoring the training scenario by the control and monitoring system using the out-of-band data. - View Dependent Claims (21, 22, 23)
-
Specification