Security Training in/with/for the meta verse

Apply

Project Description

The goal of this project is to assess the feasibility of using virtual reality for security training. Without going into the details, suffice it to say that we want to build something equivalent to a "Capture the Flag" (CTF) experience in VR. That CTF could be played by players having different levels of expertise. This could be a very simplified view of the world where the user would have "super power" to run attacks, eg in a smart city. It could also be played by an experience person to run detailed attacks against, eg PLCs. In both cases, the underlying system under test would remain the same. In the context of this project, we have limited ambitions and want to build a first proof of concept to assess the feasibility of developing such environment in VR (eg using an oculus). The development of the parts specific to the VR will be done in collaboration with an engineer who has a long expertise. The intern task will mostly be devoted to the CTF aspect, the networking elements in particular. It will be carried out in collaboration with other people. A real interest for networking security is a must, as well as a good understanding of network protocols and python programming.

Program - Computer Science

Division - Computer, Electrical and Mathematical Sciences and Engineering

Faculty Lab Link - https://cemse.kaust.edu.sa/org/serber

Center Affiliation - Resilient Computing and Cybersecurity Center

Field of Study - Penetration testing and virtual reality

About the
Researcher

Marc Dacier

Professor, Computer Science<br/>Associate Director of Resilient Computing and Cybersecurity Center

Marc Dacier is a full professor of Computer Science (CS) and a member of the Resilience Computing and Cybersecurity research Center (RC3) at King Abdullah University of Sciences and Technology, Saudi Arabia.

Dr. Dacier obtained his Ph.D. from INPT in 1994 from his work done at LAAS, CNRS, in Toulouse (France). Since then, he has had a balanced career between industry and academia. After his thesis, he worked for one year as a security consultant in Paris, France, for France Telecom and the French ministry of interior. In 1996, he joined IBM Research in Zurich (Switzerland) to create the Global Security Analysis Laboratory (GSAL). In 2002, he became a professor at Eurecom. In 2008, he joined Symantec to build its European Research Labs. Later, he spent two years in the USA to manage all the collaborative research projects, worldwide. In that role, he was in charge of teams in France, Ireland, and in the United States. He was also the university relationship manager for Symantec Research Labs, worldwide. In 2014, he became the director of the cybersecurity research group at QCRI, in Qatar, where he lived for 3 years. In October 2017, Dr. Dacier came back to EURECOM to become the head of the Digital Security department and a full professor. An internationally recognized expert in cybersecurity, Dr. Dacier has served on more than 120 program committees of all major security and dependability conferences and as a member of the editorial board of several top-tier technical peer-reviewed journals.

Desired Project Deliverables

A proof of concept running in an oculus of a simple CTF playable in a virtual environment. If successful, we would like to also share the lessons learned while doing this work in a scientific conference devoted to teaching and training cybersecurity. A study of the state of the art would thus be required and a paper written at the end of the project with the results obtained