June 18, 2006
June 21, 2006
11.110.1 - 11.110.8
A Remotely Controlled and Isolated Computer Network Test Bed for Attack Understanding Based Information Assurance Distance Education Courses

Abstract
Information assurance (IA) education has become an important topic in information technology related curriculums. Within the culture of IA educators, there are two pedagogical strategies: defense assurance and attack understanding. Defense assurance focuses on appropriate ways to build and maintain systems that are less vulnerable to attack. Attack understanding focuses on strategies for attacking and how to defend against them. Curriculums that focus more on attack understanding can use isolated test beds to provide laboratory experiences for the students to attack and defend networks. In a face-to-face environment, the test bed isolation can be accomplished by excluding wireless, infrared, and EoP (Ethernet over Power) interfaces, disabling any removable media, and by having only power cables (i.e. no network cables) extend beyond the test bed.
Unfortunately, the use of air-gap isolation is unsuitable in a distance education (DE) environment. Remote students must control equipment in the test bed and therefore must have some sort of access. Computer and networking equipment laboratories are provided in some defense-assurance-focused DE courses, but the access methodology is usually designed to only prevent external access by unauthorized machines. This can be accomplished by using a VPN concentrator or other access firewall. In the case of attack-understanding-based laboratories, the access methodologies employed must guarantee the prevention of any attack escaping the confines of the test bed.
Take the example of a demonstration of worm propagation via email attachments. The attacking machine sends an email to the victim machine that has a worm attached as an executable file. As part of the lab exercise the victim machine executes the file, installing the worm on the victim machine. The attacking machine then gains access to some resource on the victim machine. In a DE environment, the educator is responsible for ensuring that the worm cannot escape the isolated environment.
This paper discusses secure student access and network isolation techniques for DE network test beds and proposes the use of IP-based KVM switches as a mechanism for guaranteeing test bed isolation while maintaining remote access for the students. Tradeoffs of cost, capability, maintainability, and degree of isolation are also discussed.
The Internet has provided us quick and easy access to many information technology (IT) resources, and it has also provided access to those individuals that want to compromise those resources. Thus the importance of teaching students the basics of information security and the more general information assurance topics has become a necessity in curriculum related to computer information systems. Some curricula have allowed for in-
Lunsford, P., & Toderick, L., & Brooker, D. (2006, June), A Remotely Controlled And Isolated Computer Network Test Bed For Attack Understanding Based Information Assurance Distance Education Courses. Paper presented at 2006 Annual Conference & Exposition, Chicago, Illinois. https://peer.asee.org/310
ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2006 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015