Security Service Challenge (SSC3-9.02) Evaluation Form

The Scores are based on the following formula

 \ $ Score = Min\left( 100, DONE \times 100 \times \frac{Target\ Time}{Actual\ Time}\right)$\ \

where:

  • 100 is the max. score obtainable for full filling the objective.
  • DONE is 0 if no relevant report for the subject has been filed within the over-all deadline -168 hours (1 week).
  • DONE is 1 otherwise.
  • Target Time is the time within the relevant reports should be filed after the alert to the sites CSIRT was submitted.
  • Actual Time is the elapsed time it took to file the relevant report. The counting of Actual Time starts with sending the alert mail to the site CSIRT.

Bonus Points:

Bonus Points can be achieved if the tasks are completed before the Target Time is over and/or for the relevance of the reports, i.e.

Bonus for Preliminary/Intermediate status report: 1

Bonus for finding Identity String: 2

The time dependent bonus is calculated with the following formula, BF is a Bonus Faktor (= 5):

 \ $ Bonus = Max\left(0, DONE \times BF \times \left(1-\frac{Actual\ Time}{Target\ Time}\right)\right)$\ \

Evaluation Template

  \begin{tabular}{|l|c|c|c|c|c|c|}  \hline                            \multicolumn{7}{|c|}{}\\          \multicolumn{7}{|l|}{{\bf ROC:} } \\  \multicolumn{7}{|l|}{{\bf Site:} } \\  \multicolumn{7}{|l|}{{\bf Alert Date:} } \\  \multicolumn{7}{|c|}{}\\                                   \hline                                                     \multicolumn{7}{|c|}{} \\                                  \multicolumn{7}{|c|}{{\large\bf Communication} } \\        \multicolumn{7}{|c|}{}\\                                   \hline                                                     & Done & Target & Actual & Site Score & Bonus Score & Note \\  & 0/1 & {\it hours} & {\it hours} & {\it Points} & {\it Points} & \\  \hline Acknowledge/Heads-up report to CSIRT list & - & 4 & - & - &  - & - \\  \hline Alert to VO Manager & - & 24 & - & - & - & - \\                        \hline Verify notification of the responsible CA & - & 144 & - & - & - & - \\  \hline Final report to CSIRT list & & 144 & & & & \\                           \hline                                                                  \multicolumn{7}{|l|}{{\bf AVERAGE SCORE Communication} }\\              \hline                                                                  \multicolumn{7}{|l|}{{\bf Bonus Points} }\\                             \hline                                                                  \hline                                                                  \multicolumn{7}{|c|}{}\\                                                \hline                                                                  \multicolumn{7}{|c|}{}\\                                                \multicolumn{7}{|c|}{{\large\bf Containment} } \\                       \multicolumn{7}{|c|}{}\\                                                \hline                                                                  & Done & Target & Actual & Site Score & Bonus Score & Note \\           & 0/1 & {\it hours} & {\it hours} & {\it Points} & {\it Points} & \\    \hline Found Jobs and killed them &  - &  4 & - & - & - & - \\                 \hline Suspended the user at the Site & - & 4 & - & - & - & - \\               \hline                                                                  \multicolumn{7}{|l|}{{\bf AVERAGE SCORE Containment} }\\                \hline                                                                  \multicolumn{7}{|l|}{{\bf Bonus Points} }\\                             \hline                                                                  \hline                                                                  \multicolumn{7}{|c|}{}\\ \hline \multicolumn{7}{|c|}{}\\ \multicolumn{7}{|c|}{{\large\bf Forensics} } \\ \multicolumn{7}{|c|}{}\\ \hline & Done & Target & Actual & Site Score & Bonus Score & Note \\ & 0/1 & {\it hours} & {\it hours} & {\it Points} & {\it Points} & \\ \hline Discovery of initiating site (UI) and contact with that Site's CERT & - & 24 & - & - & - & - \\ \hline Analysis of network traffic & - & 48 & - & - & - & - \\ \hline Analysis of the submitted binaries & - & 48 & - & - & - & - \\ \hline \multicolumn{7}{|l|}{{\bf AVERAGE SCORE Forensics} }\\ \hline \multicolumn{7}{|l|}{{\bf Bonus Points} }\\ \hline \multicolumn{7}{c}{}\\ \hline \multicolumn{7}{|c|}{}\\ \multicolumn{7}{|l|}{\large\bf OVERALL TOTAL: }\\ \multicolumn{7}{|c|}{}\\ \hline \end{tabular}

Results from SSC-3 run 2009

* ssc-3-9.02-final-report.pdf: Evaluation of the 2008 and 2009 Tier-1 SSC_3 Security Service Challenge

Results from SSC-3 run 2008

ssc-3-final-report.gif https://twiki.cern.ch/twiki/pub/LCG/NorthernEuropessc-3-final-report.pdf

-- SvenGabriel - 19 Feb 2009

Topic attachments
I Attachment History Action Size Date Who Comment
GIFgif ssc-3-final-report.gif r1 manage 28.4 K 2009-02-20 - 13:13 SvenGabriel SSC-3 run 2008 Evaluation graph, extracted from PSAs SSC_3_evaluationForm_v2.04.xls
Edit | Attach | Watch | Print version | History: r12 < r11 < r10 < r9 < r8 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r12 - 2010-03-09 - unknown
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LCG All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback