A game model design using test bed for Malware analysis training

Abstract

Purpose This article aims to provide an interactive model for hands on training of malware analysis. Cyberwar games are the highly stylized representation of cyber conflicts in a simulation model. Game models are helpful in understanding the phenomenon of cyber attacks as well as to evolve new techniques of detection. Cyber security trainings are generally very challenging. Cyber test beds make such trainings easy both for trainees and trainers. However, it is not feasible for each organization to build a network for the sole purpose of hands-on training for employees. Therefore, it is desirable to build an interactive environment that is interesting and free of cost as well. Design/methodology/approach After exploring existing cyberwar games and their techniques, limitation and strengths, this paper presents a design to merge the cyber attacks into a unique model of war game for detection and analysis of malware. This research designs a malware analysis testbed using online free resources. The authors have used the platform of Cyber Defense Technology Experimental Research (DETER). This study proposed model of a testbed that supports malware reverse engineering scenarios, exercise logs and analysis to develop reverse engineering tactics. Findings The proposed cyber testbed is an automated system that can be used as a platform to train cyber warriors. A few features of the proposed testbed are as follows: testbed provides real or seemingly real malware communication with the real world. It includes automated decisions for the detection of malicious behavior without human intervention. The author gives a design to develop free of cost mechanism for remote learning of highly technical cyber security areas, and this simulation is for malware analysis. Originality/value Cyberwar games are built for strengthening offensive and defensive capabilities in cyberspace. For this purpose, many simulations, as well as emulation platforms, can be found. Some are free and open-source, whereas others are commercial and quite expensive. Existing testbeds have limitations in respect of cyberwar games for creating innovative scenarios. Existing literature does not offer any attack and response scenario developed for malware detection through some existing open-source and online simulation or emulation environments. This research includes an analysis of the existing platforms as well as the design of a new model for malware analysis and training.