Asee peer logo

Work-in-Progress: Creating an Intrusion Detection Experimental Environment Using Cloud-based Virtualization Technology

Download Paper |

Conference

2012 ASEE Annual Conference & Exposition

Location

San Antonio, Texas

Publication Date

June 10, 2012

Start Date

June 10, 2012

End Date

June 13, 2012

ISSN

2153-5965

Conference Session

Computers in Education Division Poster Session

Tagged Division

Computers in Education

Page Count

9

Page Numbers

25.1489.1 - 25.1489.9

DOI

10.18260/1-2--22246

Permanent URL

https://strategy.asee.org/22246

Download Count

134

Request a correction

Paper Authors

biography

John M. Jones East Carolina University

visit author page

John Jones is currently an Instructional Technology Consultant with the Department of Technology and Computer Science at East Carolina University. He has worked in the IT industry for 18 years in varied roles such as software design, IT manager, security, infrastructure management, systems administration, webmaster, and part-time faculty.

visit author page

author page

Te-Shun Chou East Carolina University

Download Paper |

Abstract

Design of an Intrusion Detection System in a Cloud-based Academic EnvironmentAn age-old concern for every educational institution is how to provide the student with the bestenvironment for learning. For teaching network security related courses, the networkenvironment could be built using a collection of physical equipment such as servers, hubs,switches, bridges, routers, and intrusion detection and prevention system (IDPS) sensors. Thisapproach provides students with an actual network to carry out experiments; however, theequipment is expensive and it is time consuming to physically set up all of the network devices. Instead of using real physical equipment, virtualization technology is employed to build anetwork with multiple virtual machines. Within a single physical host machine, multiple virtualmachines are created and operated simultaneously. In each virtual machine, applications andservices are implemented and the virtual machine executes the code just as a normal physicalmachine would. This approach eases the load of network administration as mistakes can beeasily fixed while the network stays up and running. When a network change is required toconduct desired cyber-attack experiments, it can be easily reconfigured in a virtual environment.The focus of this research is to improve the academic environment for intrusion detectioncourses by utilizing powerful virtualized environments (VEs). Attention will be focused on theconcept of utilizing web based lab automated VEs to reduce time spent by students on setting upenvironments and how VEs can provide a more cogent learning environment. In this research a VE will be set up so that a student may utilize it from day one with littleeffort. The environment emulates a typical physical network that includes one studentenvironment and one instructor environment. In the instructor environment, the instructor couldattacks. Students are required to configure a firewall or IDPS to mitigate the attacks. As a result,students can gain direct knowledge of intrusion detection and incident response. This researchwill not only provide instructors with information to deliver capable educational environmentsfor teaching future IT security professionals but also provides students with a more immersiveeducational experience which in turn will better prepare them for the real world.

Jones, J. M., & Chou, T. (2012, June), Work-in-Progress: Creating an Intrusion Detection Experimental Environment Using Cloud-based Virtualization Technology Paper presented at 2012 ASEE Annual Conference & Exposition, San Antonio, Texas. 10.18260/1-2--22246

ASEE holds the copyright on this document. It may be read by the public free of charge. Authors may archive their work on personal websites or in institutional repositories with the following citation: © 2012 American Society for Engineering Education. Other scholars may excerpt or quote from these materials with the same citation. When excerpting or quoting from Conference Proceedings, authors should, in addition to noting the ASEE copyright, list all the original authors and their institutions and name the host city of the conference. - Last updated April 1, 2015