Visible to the public EDU: Lightweight Environment for Network Security EducationConflict Detection Enabled

Project Details

Performance Period

Sep 01, 2014 - May 31, 2017


University of New Orleans

Award Number

Outcomes Report URL

The goal of this project is to develop a lightweight infrastructure for supporting hands-on network security education (NSE) and a compelling set of exercises that rely on the infrastructure, covering the three basic aspects of the security: attack, analysis, and defense. Historically, building realistic Cybersecurity exercises has been both a laborious and resource-intensive task. Over the course of a semester, the number of virtual machines (VM) and snapshots on the server can easily become hundreds or thousands, which imposes serious maintenance overhead on the instructor and systems administration staff Finally, once created, the VMs are relatively large and are not easily shareable across the Internet, thereby effectively limiting the exchange of materials among educators. The project proposes a solution to fundamentally change how Cybersecurity exercises are created and delivered by creating a flexible Cybersecurity education infrastructure based on lightweight virtualization containers. The Secure and Trustworthy Cyberspace (SaTC) program funds proposals that address Cybersecurity from a Trustworthy Computing Systems perspective; a Social, Behavioral and Economic Sciences perspective; and proposals focusing entirely on Cybersecurity Education.

The broader impacts of the project include vastly increasing the availability of tested, applied Cybersecurity exercises while reducing the need for complex and hard-to-manage hardware environments, allowing instructors to focus on course content and pedagogy rather than on system administration. It proposes to leverage Linux container technology and the docker tool that facilitates container use. It proposes to create two seed instances: secure programming via SQL injections; and network defense via data exfiltration. These two pre-loaded instances can be used as lab exercises or as examples of how to use this architecture.