c2sr-testbed-user-docs 0.0.5 Help

Glossary

C2SR

The Center for Cyber Security Research (C2SR) is a dedicated research entity within the College of Engineering & Mines at the University of North Dakota. It brings together faculty, researchers, and students to advance cybersecurity research and initiatives. For more information, visit the C2SR website.

Red Team Activities

In a cybersecurity context, the Red Team simulates real-world cyber attacks on a system or network. Their goal is to discover and exploit vulnerabilities, test defenses, and assess overall security posture. By mimicking threats—such as external hackers, malicious insiders, or other advanced adversaries—the Red Team helps an organization understand where its defenses are weakest.

Blue Team Activities

The Blue Team is responsible for defending the system or network against attacks, whether they are simulated or real. Blue Team tasks include monitoring network traffic, detecting anomalies or intrusions, and responding to incidents. They work to contain threats, reinforce security measures, and ensure the system remains operational and secure.

Node port service

A Kubernetes NodePort Service is a Service used to expose the nodes in the cluster, and the applications running on them, to the outside of the cluster. It allows traffic from outside the cluster to reach the application through the NodePort. [1]

Kafka Topic

A Kafka topic is a category for organizing, storing, and publishing events in Apache Kafka. [1] [2] [3] [4] [5]

OpenSearch

OpenSearch is a community-driven, open source search and analytics suite. Originally derived from Elasticsearch and Kibana, it provides a distributed search engine and visualization capabilities through OpenSearch Dashboards. It enables users to perform full-text search, log analytics, and real-time data exploration, and is designed to scale for various workloads. OpenSearch is maintained by Amazon Web Services along with the open source community, ensuring it remains robust and up-to-date for modern data applications. [1]

boto3

Boto3 is the Amazon Web Services (AWS) Software Development Kit (SDK) for Python. It allows Python developers to write software that makes use of AWS services like Amazon S3, EC2, DynamoDB, and many others. With Boto3, you can easily create, configure, and manage AWS services through Python code, leveraging both high-level object-oriented APIs and low-level direct service calls. [1]

AWS Firehose

Amazon Kinesis Data Firehose is a fully managed service for reliably delivering real-time streaming data to data stores and analytics tools. It can automatically capture, transform, and load data into services like Amazon S3, Amazon Redshift, Amazon OpenSearch Service (formerly Elasticsearch Service), and Splunk. This enables you to analyze data in near real-time without having to manage the underlying infrastructure. Additionally, you can use AWS Lambda to transform the data as it passes through Firehose before it reaches its destination. [1]

On-premises

On-premises means that the user is accessing the resources from the C2SR Laboratory or from within UND CEM's wired internet connection.

UND-VPN

Users who want to access the resources remotely must be connected to the UND-VPN, which puts the user on the same network, emulating an on-premises setup. How to connect to the UND-VPN: [1]

ADS

The Anomaly Detection System (ADS) is an autoencoder that runs on the AGX edge devices on the testbed. It is a custom autoencoder model created by the Argonne National Lab (ANL). A CI/CD system based on GitHub Actions delivers the autoencoder, which is wrapped by a RESTful API to facilitate its use.

IDS

The Intrusion Detection System (IDS) was designed by Argonne National Lab (ANL) and implemented and delivered to the testbed by the UND team. It is based on Suricata, and the event logs are extracted from Suricata.

Last modified: 23 February 2025