Georgia Cyber Range History
Background
The Georgia Cyber Range (GCR) is an implementation of the Kinetic framework. The Kinetic framework was originally developed at the United States Army Cyber School located on Fort Gordon, Georgia.
In 2015, the Army Cyber School observed that nearly all cyber range capabilities focused on traditional x86 computing platforms. While these platforms are important, from a cybersecurity perspective they are significantly less interesting than alternate architectures (PPC, ARM, MIPS, etc.), embedded systems, and other technological assets that cannot be accurately captured, represented, or assessed by traditional x86 virtualization solutions. Thus, the project that would eventually become Kinetic was born.
Timeline
2015
It started as three servers that were taken out of the trash and slapped on a desk in a classroom using MOS 8.0. We used a mix of UCA and RDO packages depending on the project as well as source compilation if needed.
This is what they refer to as old school…
2016
commit 122515bfa76bbff48bc242dedb262a524de90217
Establishment of the SaltStack, and the official commit for the Broadband Handrail Virtual Training Area (BBH VTA) code base established on the US Army Cyber School's hosted GitLab instance.
Initial Official Code Base Established!
2018
commit ab6beee06430f92986297ecf05bda2f8d406510e
Establishment of the Georgia Cyber Range, and the official commit for the Kinetic code base established on GitHub, replacing Broadband Handrail Virtual Training Area (BBH VTA).
Georgia Cyber Range is established!
2019
commit 0fecb631bb0f477760f620b18485cc6e791958e5
US Army Cyber School creates fork of Kinetic for their locally hosted Virtual Training Area (VTA), and receives recognition for its implementation supporting education and training.
The environment has grown to over 20,000 cores and 12 PB of raw Ceph storage
2021
commit f95e2d0065220fbc21e8248ba720d17f5f38ae1a
The Georgia Cyber Range consolidated the Kinetic codebase to GitLab and received dedicated personnel for development and maintenance of the project.
Georgia Cyber Range gains full development staff!
What makes a traditional cyber range?
More often than not, a cyber range is nothing more than a few virtual machines with freely available tools preinstalled. There might also be static 'scenarios' that tie together a handful of virtual machines and let users apply their preinstalled tools against common malware. The vast majority of the time, these cyber ranges can be easily re-created on your home computer with VirtualBox and a few Ansible playbooks at almost no cost.
For larger implementations, cloud providers such as AWS, Azure, and GCE are well-suited to providing large quantities of compute, storage, and networking at the point of need in a rapid manner. The limitations with these providers are the same as running it on your own laptop: they cannot capture the technical world beyond traditional x86 computing devices, which is a critical requirement in our current era of technology. Accompanying these services are expensive licensing agreements, restrictions on the type of activities, and complex user interfaces that require extensive training to properly use.
What makes the GCR different?
The GCR leverages QEMU and KVM acceleration (where applicable/available) to virtualize all kinds of traditional and non-traditional platforms, all the way from individual binaries to entire systems. If for some reason your platform cannot be virtualized, the GCR fully supports Hardware-in-the-Loop (HWIL), and connecting arbitrary devices to your GCR project spaces is fast and easy.
Additionally, the GCR leverages OpenStack to provide resource scheduling and orchestration on top of the QEMU/KVM hypervisor, which lets users fully define custom, dynamic scenarios in code that can then be easily shared with others without having to transfer large quantities of data.
Finally, because the GCR runs on the open-source Kinetic framework, you can deploy your own GCR-compatible cyber range on your own hardware at your own organization for free, and then re-use all publicly available GCR scenarios and templates internally, and vice versa.