Forensics

Study real-world data, not example data sets.

Real World Attack Artifacts

The Arizona Cyber Warfare Range hosts ongoing cyber warfare activities at all levels of experience. This affords the opportunity for students interested in developing and expanding their forensic skills to evaluate the results of cyber attacks, because a key part of defense is understanding prior failures and uncovering details of cyber attacks and subsequent breaches.

The forensic cases developed at the Arizona Cyber Warfare Range are from actual events, not a canned forensic image. Therefore, while most cases have been created by an aggressor following a process, there is always variance in the actual forensic data created. This variance ensures the best possible experience for the forensic technician because no two cases are exactly the same.

AZCWR offers the following benefits to the forensic technician:

  • Real world forensic cases at all knowledge levels
  • Hands on training with real-world tools
  • Foreknowledge for beginner and intermediate students
  • Diversity of forensic cases
  • Forensic images from bleeding edge aggressors for advanced and real-world students
  • Forensic images containing the complete life cycle of a cyber attack
Students

Due to the nature of most of the cyber warfare exercises ongoing at the AZCWR, students have the opportunity to compare their conclusions with the process of the cyber attack itself. This ability to compare what is suspected to the actual exercise procedures themselves allows the student to understand exactly what was right and wrong about their conclusions, affording the student an unparalleled opportunity to fine tune their forensic skills.

For advanced students, the forensic cases developed in the real-world cyber warfare exercises expose the student to a number and variance of cyber attacks that are not easily obtained through employment. By concentrating the resources and knowledge resulting from the real world cyber warfare exercises, the Arizona Cyber Warfare Range accelerates the student from beginner to expert with practical knowledge that can be subsequently utilized in the real world.

Researchers

Due to the vast amount of malicious cyber activity constantly taking place on our ranges, a constantly up to date and growing dataset is available. This allows for training of machine learning models as well as other statistical and analytical techniques.

Vendors

For those seeking to design and develop forensic tools, or existing vendors of forensic technologies, we encourage your donation and educational materials to the AZCWR. The AZCWR offers the opportunity for forensic vendors to obtain practical feedback and comparative data on their technologies. It also allows vendors to work directly with students and future clients.