Virtual Lab for Online Cyber Security Education

Abstract

INTRODUCTION There has been a rapid expansion of using practical laboratory exercises to instruct information security courses using online technology in both academic and commercial settings. WebCT, Blackboard, and UMUC's internally developed WebTycho, are just some examples of learning management systems (LMS), that have been used in support of online higher education degree programs. The primary advantages of these LMS are to facilitate student learning by incorporating a variety of online technologies including web mail, chat rooms, group collaboration and discussion boards along with serving as central repository for course content. However, when it comes to instructing technology based courses, including information security courses, online educational offerings have something in common with traditional face to face instructional methods (e.g., lectures, literature review, reading assignment, etc.) in that while being essential they are not sufficient in themselves. To supplement their online degree programs, several educational institutions have implemented hands-on labs (often called virtual labs) using virtualization technology (Burd, 2009; Fuertes et al., 2009; Li et al., 2009, 2011; Rajendran et al., 2010; Tao et al., 2010; Willems & Meinel, 2008, 2012; Yen, 2010; Zenebe & Anyiwo, 2010). The use of hands on labs, in support of learning outcomes, is strongly supported by educational theory as a productive and effective pedagogical practice. Major theories that support the use of this technology include Bloom's Taxonomy and Gardener's theory of Multiple Intelligences. It is a commonly held belief that students learn more efficiently when engaged in higher order thinking. Hands-on lab exercises provide the means to challenge students with these higher order tasks. The use of virtual lab technology is focused in the analysis, synthesis, and evaluation areas of the taxonomy. This is evidenced by the use of the technology in the classroom. As the students are using the virtual lab, they are constantly forced to make very quick connections between what they know and what they are experiencing. In addition, the real-time environment provides an excellent opportunity for the students to make predictions regarding network intrusion and hacker behavior and to test assumptions without damaging an existing network infrastructure. This type of learning and experimenting is an essential element of an effective information security curriculum. In addition, a virtual lab infrastructure can provide a flexible and cost-effective platform that allow for running multiple operating systems and for sharing computing resources. University of Maryland University College (UMUC) founded in 1947, has been offering online courses since 1985. As cyber attacks are being waged all over the world the demand for cyber security professionals has never been greater, UMUC began offering its graduate level online cyber security degree program in Fall 2010 that included launching a computing laboratory based on virtualization technology. The virtual lab requirements included the following objectives: R1. Accessible, secure and seamless access must be provided to the remote virtual lab. This means students will not have to reserve a time to use a virtual resource and that online lab service must be available around the clock, 365 days a year. R2. The remote virtual server must reliably serve a significant number of concurrent users with limited resources. No significant delay should be observed with a large number of concurrent users. R3. The virtual machine (VM) must be configured with the appropriate operating system(s) and include the required security tools for each lab exercise. In order to minimize requirements for students (e.g., configuring or installing software on their own machines), a pool of virtual machines (VM)s and a cloud based network are necessary. R4. Students must have privileged access rights on the virtual machines to execute security or network tools. …