article

Building a cyberwar lab: lessons learned: teaching cybersecurity principles to undergraduates

Authors:

Mary Micco,

Hart RossmanAuthors Info & Claims

ACM SIGCSE Bulletin, Volume 34, Issue 1

Pages 23 - 27

https://doi.org/10.1145/563517.563349

Published: 27 February 2002 Publication History

Get Access

Abstract

With funding from NSF the Department has set up a stand alone lab for students to learn penetration testing techniques(attack), to harden their networks against these attacks (defense), and also to gather enough evidence to through careful logging and audit controls to convict a hacker (convict). Linux RedHat 7.1 was used and all the machines were set up as standalone servers in three different subdomains, with 2 perimeter routers and 2 firewalls to allow experimentation with various configurations. In all over 50 software tools were downloaded and tested. Students were screened and asked to sign a disclaimer. They should also have been required to have networking experience. An initial mistake was to run a very minimal server with no services and practically no users. This was not realistic. It made it quick to rebuild systems but much harder to attack.The attacks need to be carefully planned and structured in a specific sequence one at a time, otherwise it becomes very difficult to follow what is going on.

References

[1]

CERT Coordination Center: Information Security for Technical Staff: Networked Systems Survivability Program. Sponsored by the US. Dept. of Defense. Pittaburgh: Carnegie Mellon University, 2001. 47-49.

Google Scholar

[2]

Cybersecurity Education and Research Center for Western Pennsylvania, West Virginia and Ohio. NSF-Grant-01-11:Federal Cyber Service: Scholarships for Service: Capacity building-Institutional Development Track.

Google Scholar

[3]

McClure, Stuart, Joel Scambray, and George Kurtz. Hacking Linux Exposed: Network Security Secrets and Solutions, Boston: Osborne/McGraw Hill, 2001.

Digital Library

Google Scholar

[4]

Schafer, Joseph et al. The Iwar range: A Laboratory for Undergraduate Information Assurance Education. Journal of Computing in Small Colleges. 16: 4. May (2001), 223-232.

Digital Library

Google Scholar

[5]

Wenstrom, Michael. Managing Cisco Network Security. Indianapolis, IN: CISCO Press, 2001.

Digital Library

Google Scholar

Cited By

View all

Basu DKumar HLohani VBarnette NBack GMcPherson DRibbens CPlassmann PZhang JSherriff MHeckman SCutter PMonge A(2020)Integration and Evaluation of Spiral Theory based Cybersecurity Modules into core Computer Science and Engineering CoursesProceedings of the 51st ACM Technical Symposium on Computer Science Education10.1145/3328778.3366798(9-15)Online publication date: 26-Feb-2020
https://dl.acm.org/doi/10.1145/3328778.3366798
Turner CYan JRichards DO'Brien POdubiyi JBrown Q(2015)LUCIDACM Inroads10.1145/27464086:2(70-76)Online publication date: 29-May-2015
https://dl.acm.org/doi/10.1145/2746408
Bullers WBurd SSeazzu A(2006)Virtual machines - an idea whose time has returnedACM SIGCSE Bulletin10.1145/1124706.112137538:1(102-106)Online publication date: 3-Mar-2006
https://dl.acm.org/doi/10.1145/1124706.1121375
Show More Cited By

Building a cyberwar lab: lessons learned: teaching cybersecurity principles to undergraduates
1. Social and professional topics
  1. Computing / technology policy

Recommendations

Building a cyberwar lab: lessons learned: teaching cybersecurity principles to undergraduates
SIGCSE '02: Proceedings of the 33rd SIGCSE technical symposium on Computer science education

With funding from NSF the Department has set up a stand alone lab for students to learn penetration testing techniques(attack), to harden their networks against these attacks (defense) , and also to gather enough evidence to through careful logging and ...
Surviving Cyberwar
Surviving Cyberwar

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

ACM SIGCSE Bulletin Volume 34, Issue 1

Inroads: paving the way towards excellence in computing education

March 2002

417 pages

ISSN:0097-8418

DOI:10.1145/563517

Issue’s Table of Contents

SIGCSE '02: Proceedings of the 33rd SIGCSE technical symposium on Computer science education
February 2002
471 pages
ISBN:1581134738
DOI:10.1145/563340
Conference Chairs:
Judith Gersting
University of Hawaii at Hilo
,
Henry M. Walker
Grinnell College
,
Program Chair:
Scott Grissom
Grand Valley State University

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 27 February 2002

Published in SIGCSE Volume 34, Issue 1

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

25
Total Citations
View Citations
1,205
Total Downloads

Downloads (Last 12 months)13
Downloads (Last 6 weeks)0

Reflects downloads up to 30 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Basu DKumar HLohani VBarnette NBack GMcPherson DRibbens CPlassmann PZhang JSherriff MHeckman SCutter PMonge A(2020)Integration and Evaluation of Spiral Theory based Cybersecurity Modules into core Computer Science and Engineering CoursesProceedings of the 51st ACM Technical Symposium on Computer Science Education10.1145/3328778.3366798(9-15)Online publication date: 26-Feb-2020
https://dl.acm.org/doi/10.1145/3328778.3366798
Turner CYan JRichards DO'Brien POdubiyi JBrown Q(2015)LUCIDACM Inroads10.1145/27464086:2(70-76)Online publication date: 29-May-2015
https://dl.acm.org/doi/10.1145/2746408
Bullers WBurd SSeazzu A(2006)Virtual machines - an idea whose time has returnedACM SIGCSE Bulletin10.1145/1124706.112137538:1(102-106)Online publication date: 3-Mar-2006
https://dl.acm.org/doi/10.1145/1124706.1121375
Bullers WBurd SSeazzu ABaldwin DTymann PHaller SRussell I(2006)Virtual machines - an idea whose time has returnedProceedings of the 37th SIGCSE technical symposium on Computer science education10.1145/1121341.1121375(102-106)Online publication date: 3-Mar-2006
https://dl.acm.org/doi/10.1145/1121341.1121375
Alexander CMa LCai ZCheng W(2021)Eureka Labs: Enhancing Cybersecurity Education through Inquiry-based Hands-on Activities2021 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/IOP/SCI)10.1109/SWC50871.2021.00082(552-557)Online publication date: Oct-2021
https://doi.org/10.1109/SWC50871.2021.00082
Trabelsi Z(2020)Teaching Network Covert Channels using a Hands-on Approach2020 IEEE Global Engineering Education Conference (EDUCON)10.1109/EDUCON45650.2020.9125094(323-328)Online publication date: Apr-2020
https://doi.org/10.1109/EDUCON45650.2020.9125094
Østby GKowalski S(2020)Preparing for Cyber Crisis Management ExercisesAugmented Cognition. Human Cognition and Behavior10.1007/978-3-030-50439-7_19(279-290)Online publication date: 10-Jul-2020
https://doi.org/10.1007/978-3-030-50439-7_19
Nodeland BBelshaw S(2020)Establishing a criminal justice cyber lab to develop and enhance professional and educational opportunitiesSECURITY AND PRIVACY10.1002/spy2.1233:5Online publication date: 21-Jul-2020
https://doi.org/10.1002/spy2.123
Liu DLeung AAu MLuo XChiu PIm SLam W(2019)Virtual Laboratory: Facilitating Teaching and Learning in Cybersecurity for Students with Diverse Disciplines2019 IEEE International Conference on Engineering, Technology and Education (TALE)10.1109/TALE48000.2019.9225863(1-6)Online publication date: Dec-2019
https://doi.org/10.1109/TALE48000.2019.9225863
Zseby TIglesias Vazquez FBernhardt VFrkat DAnnessi R(2016)A Network Steganography Lab on Detecting TCP/IP Covert ChannelsIEEE Transactions on Education10.1109/TE.2016.252040059:3(224-232)Online publication date: Aug-2016
https://doi.org/10.1109/TE.2016.2520400
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Recommendations

Building a cyberwar lab: lessons learned: teaching cybersecurity principles to undergraduates

Surviving Cyberwar

Surviving Cyberwar