3rd International ICST Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities (TridentCom)

Research Article

Configuring a Lab to Support Community-Based Security Audit Projects

Download555 downloads
  • @INPROCEEDINGS{10.1109/TRIDENTCOM.2007.4444679,
        author={Andrew Holland and Susan J. Lincke},
        title={Configuring a Lab to Support Community-Based Security Audit Projects},
        proceedings={3rd International ICST Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities (TridentCom)},
        proceedings_a={TRIDENTCOM},
        year={2010},
        month={5},
        keywords={Security education laboratory security audit},
        doi={10.1109/TRIDENTCOM.2007.4444679}
    }
    
  • Andrew Holland
    Susan J. Lincke
    Year: 2010
    Configuring a Lab to Support Community-Based Security Audit Projects
    TRIDENTCOM
    IEEE
    DOI: 10.1109/TRIDENTCOM.2007.4444679
Andrew Holland1,*, Susan J. Lincke1,*
  • 1: University of Wisconsin – Parkside Kenosha, Wisconsin, USA
*Contact email: syclops@ehollands.net, susan@lincke.org

Abstract

The University of Wisconsin-Parkside cyber-security lab is designed to emphasize training in network security, with a focus on auditing. Audits require extensive security knowledge, including how to configure network equipment, analyze OS configurations, recognize hacks, and compare audit results on a variety of systems. The audits are taught using active learning labs, but implemented via community-based learning. This paper outlines the education plan and describes lab network configuration, including server and workstation implementations, and security software. Diverse operating systems, implemented with VMware, allow for students to simultaneously run, observe, and audit different types of systems. The lab is sufficiently isolated not to allow harm, but sufficiently available so that learning is not restricted, and audit tools can be ported to a customer site.