Publications

Testing a collaborative DDoS defense in a red team/blue team exercise

Abstract

Testing security systems is challenging because a system's authors have to play the double role of attackers and defenders. Red team/blue team exercises are an invaluable mechanism for security testing. They partition researchers into two competing teams of attackers and defenders, enabling them to create challenging and realistic test scenarios. While such exercises provide valuable insight into vulnerabilities of security systems, they are very expensive and thus rarely performed. In this paper we describe a red team/blue team exercise, sponsored by DARPA's FTN program, and performed October 2002 to May 2003. The goal of the exercise was to evaluate a collaborative DDoS defense, comprised of a distributed system, COSSACK, and a stand-alone defense, D-WARD. The role of the blue team was played by developers of the tested systems from USC/ISI and UCLA, the red team included researchers from …

Metadata

publication: IEEE Transactions on Computers 57 (8), 1098-1112, 2008
year: 2008
publication date: 2008/6/24
authors: Jelena Mirkovic, Peter Reiher, Christos Papadopoulos, Alefiya Hussain, Marla Shepard, Michael Berg, Robert Jung
link: https://ieeexplore.ieee.org/abstract/document/4479443/
resource_link: https://lasr.cs.ucla.edu/lasr-members/reiher/papers/acm_transactions_2008.pdf
journal: IEEE Transactions on Computers
volume: 57
issue: 8
pages: 1098-1112
publisher: IEEE