CyberCIEGE
CyberCIEGE is a serious game designed to teach network security concepts. Its development was sponsored by the U.S. Navy, and it is used as a training tool by agencies of the U.S. government, universities and community colleges. The game is freely available to the U.S. Government and a no-cost license is available for educational institutions.

CyberCIEGE covers a broad range of cybersecurity topics. Players purchase and configure computers and network devices to keep demanding users happy (e.g., by providing Internet access) all while protecting assets from a variety of attacks. The game includes a number of different scenarios, some of which focus on basic training and awareness, others on more advanced network security concepts. A "Scenario Development Kit" is available for creating and customizing scenarios.

Network security components include configurable firewalls, VPN gateways, VPN clients, link encryptors and authentication servers. Workstations and servers include access control lists (ACLs) and may be configured with operating systems that enforce label-based mandatory access control policies. The game also includes identity management devices such as biometric scanners and card readers to control access to workstations and physical areas.

The CyberCIEGE game engine consumes a “scenario development language” that describes each scenario in terms of users (and their goals), assets (and their values), the initial state of the scenario in terms of pre-existing components, and the conditions and triggers that provide flow to the scenario. The game engine is defined with enough fidelity to host scenarios ranging from e-mail attachment awareness to cyber warfare.

Game play

CyberCIEGE scenarios place the player into situations in which the player must make information assurance decisions. The interactive simulation illustrates potential consequences of player choices in terms of attacks on information assets and disruptions to authorized user access to assets. The game employs hyperbole as a means of engaging students in the scenario, and thus the simulation is not intended to always identify the actual consequences of specific choices. The game confronts the student with problems, conflicts and questions that should be considered when developing and implementing a security policy.

The game is designed as a "construction and management simulation" set in a three-dimensional virtual world. Players build networks and observe virtual users and their thoughts. Each scenario is divided into multiple phases and each phase includes one or more objectives the player must achieve prior to moving on to the next phase. Players view the status of the virtual user’s success in achieving goals (i.e., accessing enterprise assets via computers and networks). Unproductive users express unhappy thoughts, utter comic book style speech bubbles and bang on their keyboards. Players see the consequences of attacks as lost money, pop-up messages, video clips and burning computers.

Game Engine

CyberCIEGE includes a sophisticated attack engine that assesses network topologies, component configurations, physical security, user training and procedural security settings. The attack engine weighs resultant vulnerabilities against the attacker motives to compromise assets on the network—and this motive may vary by asset. Thus, some assets might be defended via a firewall, while other assets might require an air gap or high assurance protection mechanisms.

Attack types include Trojan horses, viruses, trap doors, denial of service, insiders (i.e., bribed users who lack background checks), unpatched flaws and physical attacks.

The attack engine is coupled with an economy engine that measures the virtual user’s ability to achieve goals (i.e., read or write assets) using computers and networks. This combination supports scenarios that illustrate real-world trade-offs such as the use of air-gaps versus the risks of cross-domain solutions when accessing assets on both classified and unclassified networks.

The game engine includes a defined set of assessable conditions and resultant triggers that allow the scenario designer to provide players with feedback (e.g., bubble speech from characters, screen tickers and pop-up messages) and to transition the game to new phases.

CyberCIEGE Fidelity

The fidelity of the game engine is intended to be high enough for players to make meaningful choices with respect to deploying network security countermeasures, but not so high as to engulf the player in administrative minutiae. CyberCIEGE illustrates abstract functions of technical protection mechanisms and configuration-related vulnerabilities. For example, an attack might occur because a particular firewall port is left open and a specific software service is not patched. CyberCIEGE has been designed to provide a fairly consistent level of abstraction among the various network and computer components and technical countermeasures. This can be seen by considering several CyberCIEGE game components.

CyberCIEGE firewalls include network filters that let players block traffic over selected application “ports” (e.g., Telnet). Players can configure these filters for different network interfaces and different traffic directions. This lets players see the consequences of leaving ports open (e.g., attacks). It also lets players experience the need to open some ports (e.g., one of the characters might be unable to achieve a goal unless the filter is configured to allow SSH traffic).
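
The trade-off described in this section, sketched as an added toy model in Python (not CyberCIEGE's engine or its scenario development language): an open port in front of an unpatched service is exploitable, attacker motive varies by asset, and blocking a port can stop a user from reaching a goal. The field names, the 0-10 motive scale, the `filter_limit` threshold and the sample servers and users are all assumptions made for the example.

```python
from dataclasses import dataclass

# Toy model only: field names, the motive scale and the threshold are
# assumptions made for this example, not CyberCIEGE's engine or scenario language.

@dataclass
class Server:
    name: str
    services: dict            # service name -> True if patched
    attacker_motive: int      # 0-10, varies with the asset the server holds
    air_gapped: bool = False

def allowed(blocked, interface, direction, service):
    # A filter rule blocks one service on one interface in one direction.
    return (interface, direction, service) not in blocked

def assess(blocked, servers, goals, filter_limit=7):
    """Return (sorted compromised server names, sorted unhappy user names)."""
    by_name = {s.name: s for s in servers}
    compromised, unhappy = set(), set()
    for s in servers:
        if s.air_gapped:
            continue          # no network path for the attacker at all
        reachable = [svc for svc in s.services if allowed(blocked, "wan", "in", svc)]
        # Open port plus unpatched service is an exploitable path.
        if any(not s.services[svc] for svc in reachable):
            compromised.add(s.name)
        # Assumed rule: above this motive a port filter alone is not enough.
        elif reachable and s.attacker_motive > filter_limit:
            compromised.add(s.name)
    for user, server, service in goals:
        s = by_name[server]
        if s.air_gapped or not allowed(blocked, "wan", "in", service):
            unhappy.add(user)  # the user cannot reach the asset they need
    return sorted(compromised), sorted(unhappy)

# Constructed scenario: two servers, two remote users who need SSH.
SERVERS = [
    Server("web", {"ssh": True, "telnet": False}, attacker_motive=3),
    Server("secrets", {"ssh": True}, attacker_motive=9),
]
GOALS = [("alice", "web", "ssh"), ("bob", "secrets", "ssh")]

def run(blocked, servers=SERVERS):
    return assess(blocked, servers, GOALS)

if __name__ == "__main__":
    print(run({("wan", "in", "telnet")}))               # Telnet blocked
    print(run({("wan", "in", "telnet"), ("wan", "in", "ssh")}))  # both blocked
```
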

CyberCIEGE includes VPN gateways and computer-based VPN mechanisms that players configure to identify the characteristics of the protection (e.g., encryption, authentication or neither) provided to network traffic, depending on its source and destination. This allows CyberCIEGE to illustrate risks associated with providing unprotected Internet access to the same workstation that has a VPN tunnel into the corporate network.

Other network components (e.g., workstations) include configuration choices related to the type of component. CyberCIEGE lets players select consequential password policies and other procedural and configuration settings.

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.