Architecture of a cyber defense competition

This paper describes the effort involve in executing a Cyber Defense Exercise while focusing on the White Cell and Red Forces activities during the 2003 Inter-Academy Cyber Defense Exercise (CDX). These exercise components were led by the National Security Agency and were comprised of security professionals from Carnegie Mellon University’s CERT, the United States Air Force, and the United States Army. This handson exercise provided the capstone educational experience for information assurance students at the U. S. service academies. The White Cell developed the scenarios and anomalies, established the scoring criteria, refereed the exercise, and determined the winner based on the effectiveness of each academy to minimize the impact to their networks from the Red Forces network intelligence gathering, intrusion, attack and evaluation. To understand better all that is involved this paper takes advantage of the authors three years of experience in directing the activities associated with the planning and execution of the 2003 exercise. ∗ U.S. Government work not protected by U.S. copyright Ι This work was partially supported by an endowment establishing the Adam Chair in Information Technology. The views expressed herein are those of the authors and do not purport to reflect the position of the United States Military Academy, the Department of the Army, or the Department of Defense.