Development of network cyber attack training curriculum for security staff

Abstract

Recently, the frequency of cyber attacks targeting the information assets of firms or institutions is continuously increasing. Although there are measures such as reinforcement of security policies, regulations, information protection organizations and physical security in addition to replacement of security equipments for protecting the assets, the core of the cyber security is responding to the security breaches. For this reason, producing well-trained security personnel (computer emergency responders) is essential. Although there are many publications dealing with the theories of cyber security, the learning materials that can be referred by the security personnel mainly for practices are somehow in short supply. Thus, in this study, a curriculum for network cyber attack training has been developed for the security personnel. The curriculum focuses on actual implementation of network-attacking environments, simulated attacking methods, attack pattern analysis and countermeasures.