Work conducted within ÖvExCND during 2020
Publish date: 2020-12-31
Report number: FOI-R--5079--SE
Pages: 43
Written in: Swedish
Keywords:
- IT security
- Cyber defence exercises
- red teaming
- automation
- machine learning
Abstract
This report describes the work conducted within the project Övning och Experiment för Computer Network Defense-förmåga (ÖvExCND) during 2020. Most work was spent on the further development of the tool Lore, which can be used to automate the technical acitivities of human threat agents during cyber defence exercises. Work was spent on three overall tracks: (1) development of new software functionality for Lore and it's supporting tools, (2) comparisons of Lore to the activities that simulated threat agents conduct during cyber defense exercises to examine similarities and differences, and (3) development and application of an action reward system to improve the accuracy of Loreäs decisions. Progress was done in all three tracks, but alot of work still remain for Lore to completely satisfy the requirements of most cyber defense exercises.