Work-in-Progress: Creating an Intrusion Detection Experimental Environment Using Cloud-based Virtualization Technology

John M. Jones; Te-shun Chou

Download Paper | Permalink

Conference: 2012 ASEE Annual Conference & Exposition
Location: San Antonio, Texas
Publication Date: June 10, 2012
Start Date: June 10, 2012
End Date: June 13, 2012
ISSN: 2153-5965
Conference Session: Computers in Education Division Poster Session
Tagged Division: Computers in Education
Page Count: 9
Page Numbers: 25.1489.1 - 25.1489.9
DOI: 10.18260/1-2--22246
Permanent URL: https://strategy.asee.org/22246
Download Count: 455

Request a correction

Paper Authors

biography

John M. Jones East Carolina University

visit author page

John Jones is currently an Instructional Technology Consultant with the Department of Technology and Computer Science at East Carolina University. He has worked in the IT industry for 18 years in varied roles such as software design, IT manager, security, infrastructure management, systems administration, webmaster, and part-time faculty.

visit author page

author page

Te-shun Chou East Carolina University

Download Paper | Permalink

Abstract

Design of an Intrusion Detection System in a Cloud-based Academic EnvironmentAn age-old concern for every educational institution is how to provide the student with the bestenvironment for learning. For teaching network security related courses, the networkenvironment could be built using a collection of physical equipment such as servers, hubs,switches, bridges, routers, and intrusion detection and prevention system (IDPS) sensors. Thisapproach provides students with an actual network to carry out experiments; however, theequipment is expensive and it is time consuming to physically set up all of the network devices. Instead of using real physical equipment, virtualization technology is employed to build anetwork with multiple virtual machines. Within a single physical host machine, multiple virtualmachines are created and operated simultaneously. In each virtual machine, applications andservices are implemented and the virtual machine executes the code just as a normal physicalmachine would. This approach eases the load of network administration as mistakes can beeasily fixed while the network stays up and running. When a network change is required toconduct desired cyber-attack experiments, it can be easily reconfigured in a virtual environment.The focus of this research is to improve the academic environment for intrusion detectioncourses by utilizing powerful virtualized environments (VEs). Attention will be focused on theconcept of utilizing web based lab automated VEs to reduce time spent by students on setting upenvironments and how VEs can provide a more cogent learning environment. In this research a VE will be set up so that a student may utilize it from day one with littleeffort. The environment emulates a typical physical network that includes one studentenvironment and one instructor environment. In the instructor environment, the instructor couldattacks. Students are required to configure a firewall or IDPS to mitigate the attacks. As a result,students can gain direct knowledge of intrusion detection and incident response. This researchwill not only provide instructors with information to deliver capable educational environmentsfor teaching future IT security professionals but also provides students with a more immersiveeducational experience which in turn will better prepare them for the real world.

Citation
Format

Jones, J. M., & Chou, T. (2012, June), Work-in-Progress: Creating an Intrusion Detection Experimental Environment Using Cloud-based Virtualization Technology Paper presented at 2012 ASEE Annual Conference & Exposition, San Antonio, Texas. 10.18260/1-2--22246

TY - CPAPER
AB - Design of an Intrusion Detection System in a Cloud-based Academic EnvironmentAn age-old concern for every educational institution is how to provide the student with the bestenvironment for learning. For teaching network security related courses, the networkenvironment could be built using a collection of physical equipment such as servers, hubs,switches, bridges, routers, and intrusion detection and prevention system (IDPS) sensors. Thisapproach provides students with an actual network to carry out experiments; however, theequipment is expensive and it is time consuming to physically set up all of the network devices. Instead of using real physical equipment, virtualization technology is employed to build anetwork with multiple virtual machines. Within a single physical host machine, multiple virtualmachines are created and operated simultaneously. In each virtual machine, applications andservices are implemented and the virtual machine executes the code just as a normal physicalmachine would. This approach eases the load of network administration as mistakes can beeasily fixed while the network stays up and running. When a network change is required toconduct desired cyber-attack experiments, it can be easily reconfigured in a virtual environment.The focus of this research is to improve the academic environment for intrusion detectioncourses by utilizing powerful virtualized environments (VEs). Attention will be focused on theconcept of utilizing web based lab automated VEs to reduce time spent by students on setting upenvironments and how VEs can provide a more cogent learning environment. In this research a VE will be set up so that a student may utilize it from day one with littleeffort. The environment emulates a typical physical network that includes one studentenvironment and one instructor environment. In the instructor environment, the instructor couldattacks. Students are required to configure a firewall or IDPS to mitigate the attacks. As a result,students can gain direct knowledge of intrusion detection and incident response. This researchwill not only provide instructors with information to deliver capable educational environmentsfor teaching future IT security professionals but also provides students with a more immersiveeducational experience which in turn will better prepare them for the real world.
AU - John M. Jones
AU - Te-shun Chou
CY - San Antonio, Texas
DA - 2012/06/10
PB - ASEE Conferences
TI - Work-in-Progress: Creating an Intrusion Detection Experimental Environment Using Cloud-based Virtualization Technology
UR - https://strategy.asee.org/22246
DO - 10.18260/1-2--22246
ER -