Chicago, Illinois
June 18, 2006
June 18, 2006
June 21, 2006
2153-5965
Information Systems
8
11.110.1 - 11.110.8
10.18260/1-2--310
https://peer.asee.org/310
595
Phil Lunsford received a B.S. in Electrical Engineering and a M.S. in Electrical Engineering from Georgia Institute of Technology and a Ph.D. in Electrical Engineering from North Carolina State University. He is a registered professional engineer and is currently an Assistant Professor at East Carolina University. His research interests include system simulation, telemedicine applications, and information assurance.
Lee Toderick received a B.S. in Computer Science from East Carolina University and an MS in Computer Information Systems from Boston University. His professional certifications include CCNP/CCDP and RHCE. He currently serves as lecturer in the Department of Technology Systems at East Carolina University. Research interests include remote lab access for distance learning students and information security as it applies to computer networks.
Daniel Brooker is currently working towards a B.S in Computer and Information Technology with a concentration in Computer Networking. He is employed by the College of Technology and Computer Science as the Undergraduate ICT Online Lab Support Technician. He is involved with the campus chapters of both AITP (Association of Information Technology Professionals) and IEEE (Institute of Electrical and Electronics Engineers).
A Remotely Controlled and Isolated Computer Network Test Bed for Attack Understanding Based Information Assurance Distance Education Courses Abstract
Information assurance (IA) education has become an important topic in information technology related curriculums. Within the culture of IA educators, there are two pedagogical strategies: defense assurance and attack understanding. Defense assurance focuses on appropriate ways to build and maintain systems that are less vulnerable to attack. Attack understanding focuses on strategies for attacking and how to defend against them. Curriculums that focus more on attack understanding can use isolated test beds to provide laboratory experiences for the students to attack and defend networks. In a face-to-face environment, the test bed isolation can be accomplished by excluding wireless, infrared, and EoP (Ethernet over Power) interfaces, disabling any removable media, and by having only power cables (i.e. no network cables) extend beyond the test bed.
Unfortunately, the use of air-gap isolation is unsuitable in a distance education (DE) environment. Remote students must control equipment in the test bed and therefore must have some sort of access. Computer and networking equipment laboratories are provided in some defense-assurance-focused DE courses, but the access methodology is usually designed to only prevent external access by unauthorized machines. This can be accomplished by using a VPN concentrator or other access firewall. In the case of attack- understanding-based laboratories, the access methodologies employed must guarantee the prevention of any attack escaping the confines of the test bed.
Take the example of a demonstration of worm propagation via email attachments. The attacking machine sends an email to the victim machine that has a worm attached as an executable file. As part of the lab exercise the victim machine executes the file, installing the worm on the victim machine. The attacking machine then gains access to some resource on the victim machine. In a DE environment, the educator is responsible for ensuring that the worm cannot escape the isolated environment.
This paper discusses secure student access and network isolation techniques for DE network test beds and proposes the use of IP-based KVM switches as a mechanism for guaranteeing test bed isolation while maintaining remote access for the students. Tradeoffs of cost, capability, maintainability, and degree of isolation are also discussed.
Introduction
The Internet has provided us quick and easy access to many information technology (IT) resources, and it has also provided access to those individuals that want to compromise those resources. Thus the importance of teaching students the basics of information security and the more general information assurance topics has become a necessity in curriculum related to computer information systems. Some curricula have allowed for in-
Lunsford, P., & Toderick, L., & Brooker, D. (2006, June), A Remotely Controlled And Isolated Computer Network Test Bed For Attack Understanding Based Information Assurance Distance Education Courses Paper presented at 2006 Annual Conference & Exposition, Chicago, Illinois. 10.18260/1-2--310
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2006 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015