Some thoughts on the idea of “Cyber Range”

To recreate the Internet in a safe and sane environment that could realistically recreate the chaos of the Internet is a big issue. Some of the early design issues:

1) The Internet is inherently dynamic most designed systems are relatively static.
2) The environment should be able to reset back to “normal” after an attack, but that suggests there is a stable state achievable.
3) The environment should not allow for poisoning the real Internet.
4) The environment should be primarily a software solution running likely on grid or clustered servers.
5) The environment behaviors positive, malignant, and otherwise should be statistically similar to the current Internet.
6) The environment should allow for current threats, evolving threats, and created threats to be released in real time as gathered from the Internet.

All of these basic thoughts suggest a clustered, highly intensive memory solution that mimics the varying equipment of the Internet. If I understand the basic requirements of the DARPA announcement (and I’ve not read the secret information) this is going to be a training and testing ground.

Training and testing (range) suggests somebody at DOD/DARPA has figured out how to actually prosecute a cyber-war rather than simply treating the cyber terrain as an information assurance and security defensive engagement. This is an evolving idea it would have been nice to be in on it at an earlier state. I am attempting to get in on the DARPA workshop but I don’t have a champion and they do not seem to want academics to attend. If anybody has an “in” and can get a Purdue professor into the workshop leave me a comment.

UPDATE: After having attended the DARPA workshop it looks like training will NOT be a part of the future of the National Cyber Range. It looks like it will be more about a testing ground for new technologies. I am working on a full proposal, but it looks like academia is going to be a tiny part of the process. DARPA most definitely seems to have walked away from funding University research unless you are at an R1.

1 comment for “Some thoughts on the idea of “Cyber Range”

Leave a Reply