How to Design a Blue Team Scenario for Beginners on the Example of Brute-Force Attacks on Authentications

TL;DR

This paper presents the design of beginner-friendly blue team scenarios focused on detecting and defending against brute-force attacks on authentication systems, emphasizing practical training for cybersecurity awareness.

Contribution

It introduces three systematically described open-source blue team scenarios centered on brute-force attacks, tailored for educational purposes and beginner training.

Findings

Three open-source scenarios for beginner training

Scenarios are designed to maximize learning effect

Focus on detection and defense against brute-force attacks

Abstract

Cyber attacks are ubiquitous and a constantly growing threat in the age of digitization. In order to protect important data, developers and system administrators must be trained and made aware of possible threats. Practical training can be used for students alike to introduce them to the topic. A constant threat to websites that require user authentication is so-called brute-force attacks, which attempt to crack a password by systematically trying every possible combination. As this is a typical threat, but comparably easy to detect, it is ideal for beginners. Therefore, three open-source blue team scenarios are designed and systematically described. They are contiguous to maximize the learning effect.