Detection of IT attacks – Exercise design and collected data

Authors:

  • Kristoffer Lundholm
  • Teodor Sommestad
  • Mats Persson
  • Tommy Gustafsson
  • Amund Gudmundson Hunstad

Publish date: 2011-12-31

Report number: FOI-R--3342--SE

Pages: 19

Written in: Swedish

Keywords:

  • Detection tool
  • IT-defense exercise

Abstract

An exercise concerning detection of IT attacks was performed within the scope of the project Spaning och motmedel på informationsarenan during 2011. The purpose of the exercise was to test a detection tool developed by FOI during the year. The detection tool was constructed by integrating several open source tools. In order to test the tool, an exercise environment was created. The environment consisted of a network to which the systems monitored by the detection tool, as well as systems meant to create background traffic, were connected.