A Zero-Entry Cyber Range Environment for Future Learning Ecosystems
Sandia National Laboratories performed a 6-month effort to stand up a “zero-entry” cyber range environment for the purpose of providing self-directed practice to augment transmedia learning across diverse media and/or devices that may be part of a loosely coupled, distributed ecosystem. This 6-month effort leveraged Minimega, an open-source Emulytics™ (emulation + analytics) tool for launching and managing virtual machines in a cyber range. The proof of concept addressed a set of learning objectives for cybersecurity operations by providing three, short “zero-entry” exercises for beginner, intermediate, and advanced levels in network forensics, social engineering, penetration testing, and reverse engineering. Learners provided answers to problems they explored in networked virtual machines. The hands-on environment, Cyber Scorpion, participated in a preliminary demonstration in April 2017 at Ft. Bragg, NC. The present chapter describes the learning experience research and software development effort for a cybersecurity use case and subsequent lessons learned. It offers general recommendations for challenges which may be present in future learning ecosystems.
KeywordsCyber Scorpion Minimega Cybersecurity Transmedia learning Zero-entry Cyber range Self-directed learning
Sandia National Laboratories is a multimission laboratory managed and operated by the National Technology and Engineering Solutions of Sandia, LLC, a wholly owned subsidiary of Honeywell International, Inc., for the US Department of Energy’s National Nuclear Security Administration under contract DE-NA-0003525. This work was supported by the ADL Initiative (Contract QL6H5R66F007MP-0). The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the ADL Initiative.
- 2.ADL Initiative, xAPI-Spec (2016). https://github.com/adlnet/xAPI-Spec/blob/1.0.1/xAPI.md. Accessed 28 Feb 2018
- 5.A. Tilghman, Without solid training options, mysterious cyber training command remains a work in progress. Military Times. (2016, 5 June), http://www.militarytimes.com/story/military/tech/2016/06/05/military-cyber-offensive-defensive-weapons-training/85033862
- 6.V. Urias, B. Van Leeuwen, B. Wright W. Stout, in Emulytics™ at Sandia National Laboratories. Proceedings of MODSIM (NTSA, Arlington, VA, 2015)Google Scholar
- 7.T. Bergin-Hill, R. Creekmore, J. Bornman, Designing a Serious Game for Eliciting and Measuring Simulated Taxpayer Behavior (The MITRE Corporation, McLean, VA, 2014)Google Scholar
- 8.B. Laurel, Computers as Theater (Addison-Wesley, Reading, MA, 1991)Google Scholar
- 9.E.M. Raybourn, in A Metaphor for Immersive Environments: Learning Experience Design Challenges and Opportunities. Proceedings of MODSIM (NTSA, Arlington, VA, 2016)Google Scholar
- 10.E. Hutchins, Cognition in the Wild (The MIT Press, Cambridge, MA, 1995)Google Scholar
- 12.W. Newhouse, S. Keith, B. Scribner, G. Witte, National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. NIST Special Publication 800-181 (2017). https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-181.pdf. Accessed 28 Feb 2018
- 13.Folsom-Kovarik, J.T. & Raybourn, E.M., in Total Learning Architecture (TLA) Enables Next-Generation Learning Via Meta-Adaptation. Proceedings of the I/ITSEC (NTSA, Arlington, VA, 2016)Google Scholar
- 14.P.S. Gallagher, J.T. Folsom-Kovarik, S. Schatz, A. Barr, S. Turkaly, in Total Learning Architecture Development: A Design-Based Research Approach. Proceedings of the I/ITSEC (NTSA, Arlington, VA, 2017)Google Scholar
- 15.Raybourn, E.M., Fabian, N., Davis, W., Parks, R.C., McClain, J., Trumbo, D., Regan, D., Durlach, P., in Data Privacy and Security Considerations for Personal Assistants for Learning (PAL). Proceedings of the 20th International Conference on Intelligent User Interfaces Companion (2015), pp. 69–72Google Scholar