Advertisement

A Live Virtual Simulator for Teaching Cybersecurity to Information Technology Students

  • Margus ErnitsEmail author
  • Kaido Kikkas
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9753)

Abstract

This paper introduces an Intelligent Training Exercise Environment (i-tee), a fully automated, open source platform for cyber defense classes and competitions. The platform allows to simulate realistic cyberattack situation in virtual and sandboxed environment to give a hands-on experience of a critical situation.

The main outcome is an open source virtual cyber simulator that enables hands-on, practical learning. The platform can be integrated into existing curricula or used to create a new subject or a competition event. A student needs only a web browser and a remote desktop protocol client to start exploring the system.

Keywords

e-learning Cyber security Simulation 

References

  1. 1.
    Adams, W.J., Gavas, E., Lacey, T., Leblanc, S.P.: Collective views of the NSA/CSS cyber defense exercise on curricula and learning objectives. In: Proceedings of the 2nd Conference on Cyber Security Experimentation and Test, CSET 2009, p. 2. USENIX Association, Berkeley (2009)Google Scholar
  2. 2.
    Cowan, C., Arnold, S., Beattie, S., Wright, C., Viega, J.: Defcon capture the flag: defending vulnerable code from intense attack. In: DARPA Information Survivability Conference and Exposition, vol. 1, p. 120 (2003)Google Scholar
  3. 3.
    Doupé, A., Egele, M., Caillat, B., Stringhini, G., Yakin, G., Zand, A., Cavedon, L., Vigna, G.: Hit ’em where it hurts: a live security exercise on cyber situational awareness. In: Proceedings of the 27th Annual Computer Security Applications Conference, ACSAC 2011, pp. 51–61. ACM, New York (2011)Google Scholar
  4. 4.
    Ernits, M., Tammekänd, J., Maennel, O.: I-tee: a fully automated cyber defense competition for students. In: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication, SIGCOMM 2015, pp. 113–114. ACM, New York (2015)Google Scholar
  5. 5.
    Fulton, S., Schweitzer, D., Dressler, J.: What are we teaching in cyber competitions? In: Frontiers in Education Conference (FIE 2012), pp. 1–5 (2012)Google Scholar
  6. 6.
    Furtună, A., Patriciu, V.V., Bica, I.: A structured approach for implementing cyber security exercises. In: 2010 8th International Conference on Communications (COMM), pp. 415–418, June 2010Google Scholar
  7. 7.
    Hoffman, L.J., Rosenberg, T., Dodge, R., Ragsdale, D.: Exploring a national cybersecurity exercise for universities. IEEE Secur. Priv. 3(5), 27–33 (2005)CrossRefGoogle Scholar
  8. 8.
    Louthan, G., Roberts, W., Butler, M., Hale, J.: The blunderdome: an offensive exercise for building network, systems, and web security awareness. In: CSET (2010)Google Scholar
  9. 9.
    NATO Cooperative Cyber Defence Centre of Excellence: Cyber defence exercise locked shields 2013 after action report (2013). https://ccdcoe.org/locked-shields-2015.html
  10. 10.
    Ogee, A., Gavrila, R., Trimintzios, P., Stavropoulos, V., Zacharis, A.: The 2015 report on national and international cyber security exercises survey, analysis and recommendations (2015). https://www.enisa.europa.eu/activities/Resilience-and-CIIP/cyber-crisis-cooperation/cce/cyber-exercises/latest-report-on-national-and-international-cyber-security-exercises/at_download/fullReport
  11. 11.
    Rowe, D.C., Lunt, B.M., Ekstrom, J.J.: The role of cyber-security in information technology education. In: Proceedings of the 2011 Conference on Information Technology Education, SIGITE 2011, pp. 113–122. ACM, New York (2011)Google Scholar
  12. 12.
    Rursch, J., Jacobson, D.: When a testbed does more than testing: the Internet-Scale Event Attack and Generation Environment (ISEAGE) - providing learning and synthesizing experiences for cyber security students. In: 2013 IEEE Frontiers in Education Conference, pp. 1267–1272, October 2013Google Scholar
  13. 13.
    SANS Institute: Sans netwars (2016). https://www.sans.org/netwars
  14. 14.
    Schepens, W.J., James, J.R.: Architecture of a cyber defense competition. In: IEEE International Conference on Systems, Man and Cybernetics, vol. 5, pp. 4300–4305, October 2003Google Scholar
  15. 15.
    Schepens, W.J., Ragsdale, D.J., Surdu, J.R., Schafer, J., New Port, R.: The cyber defense exercise: an evaluation of the effectiveness of information assurance education. J. Inf. Secur. 1(2) (2002)Google Scholar
  16. 16.
    Sroufe, P., Tate, S., Dantu, R., Cankaya, E.C.: Experiences during a collegiate cyber defense competition. J. Appl. Secur. Res. 5(3), 382–396 (2010)CrossRefGoogle Scholar
  17. 17.
    Stohr-Hunt, P.M.: An analysis of frequency of hands-on experience and science achievement. J. Res. Sci. Teach. 33(1), 101–109 (1996)CrossRefGoogle Scholar
  18. 18.
    Vigna, G., Borgolte, K., Corbetta, J., Doupé, A., Fratantonio, Y., Invernizzi, L., Kirat, D., Shoshitaishvili, Y.: Ten years of ICTF: the good, the bad, and the ugly. In: 1st USENIX Summit on Gaming, Games, and Gamification in Security Education (3GSE 2014) (2014)Google Scholar
  19. 19.
    Yurcik, W., Doss, D.: Different approaches in the teaching of information systems security. In: Proceedings of the Information Systems Education Conference, pp. 32–33 (2001)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Tallinn University of TechnologyTallinnEstonia
  2. 2.Estonian Information Technology CollegeTallinnEstonia
  3. 3.School of Digital TechnologiesTallinn UniversityTallinnEstonia

Personalised recommendations