KYPOLab: Seminar on Cyber Attack Simulation
In our seminar group, we are going to introduce you to the reality of current network attacks in the same way as university security team CSIRT-MU encounters them on a daily basis. You will find out how hackers attack computers in a network, we'll show you the ways of detecting such attacks and how to mitigate them. In a team project, you will create a security game for the KYPO Cyber Exercise & Research Platform. You will get hands-on experience with cyber attacks and learn how to explain cyber security topics to common users or novice security analysts.
In the seminar, you will learn and practically try yourself:
- Real life cyber security experience from CSIRT-MU experts.
- Techniques of networks attack that are currently used in the wild.
- Ways how to detect, mitigate and suppress network attacks.
- How to create a security game in the KYPO Cyber Exercise & Research Platform.
- How to explain cyber security topics to common users or novice security analysts.
Games and tutorials created in this course
- Aliens Do Not Exist, Do They?
A former NACA employee wants to find the proof of aliens. To do so, he has to exploit a specific vulnerability in the Linux OS.
- A Student Who Almost Failed His Exam
A student cracks his teacher's password, logs into the teacher's computer, and improves his grades.
- You Shall Not Pass!
A student uses SQL injection to exploit a university website and steals the questions for an upcoming exam. Then, a new Administrator has to configure the server to prevent this for the future.
- Rigging the Election
An investigator wants to gain proof that a presidential candidate has evaded paying taxes. Unfortunately for the candidate, his website does not sanitize user input.
- Security Expert Got Fired
A former security expert who was fired learns of a new vulnerability in the company's website and wants to exploit it to take revenge.
- Firewall and Monitoring
This tutorial practices searching for causes of network attacks by packet analysis in Wireshark. Then, the player configures a firewall to prevent these attacks.
- Cyber Warzone
An attack-defense CTF, in which the players defend their machines and attack the others to exercise penetration testing skills and Linux administration. Includes supporting materials.
- Apache Hardening
This tutorial practices securing a default installation of an Apache server. Setting up the countermeasures is followed by automated attacks against the infrastructure.