GENI, Cybersecurity, and Liberal Arts

Presentation transcript:

GENI, Cybersecurity, and Liberal Arts Xenia Mountrouidou (Prof. X)

Outline: Motivation; Courses & labs; Challenges; Suggestions; Conclusions

Challenges: Predominantly undergraduate institutions have limited resources. Experiential learning in cybersecurity requires sanitized labs and large investments.

Solution: GENI! Multidisciplinary curriculum: general education courses combined with experiential learning.

Cybersecurity & Liberal Arts Colleges: Limited faculty. Classes in cyber security every two-three years. General education is mandatory for all students: Humanities; Social sciences; Foreign Languages; Quantitative reasoning & logic; Science.

Necessity leads to innovation Cyber Paths: Broadening the Path to the STEM Profession through Cybersecurity Learning

Standalone Module | Type | Topics | PUI/LIA Curriculum
Legal issues in CySec | Case study, essay, discussion | HIPAA/FERPA, Computer Security Act, Laws and Authorities, US Patriot Act | Political Science, International Studies, Social Science
Management | | Strategic Plan and Management, Business Continuity / Disaster Recovery | Economics, Leadership, Social Science
Human Factors | Case study, essay, discussion, hands on exercise | Privacy, Passwords, Usable Security | Humanities, Social Science
Attacks and Defense | GENI experiment | IDS, Traffic, Log Analysis, performance | Technology
Cryptography | Hands on exercise | Cryptograms, ciphers, encryption, decryption |
Network components and traffic | | Traffic and performance analysis, protocol introduction |

General education undergraduate courses. CS150 - Science Using Computation, Wofford College: Mostly freshmen; Satisfies the general education requirement of quantitative reasoning; 20 students max. First Year Experience – Chasing ghosts in the wires, College of Charleston: Only freshmen; Satisfies requirement for general education.

GENI & Freshmen. CS 150 - Wofford: three hour lab on Denial of Service. FYE - CofC: two hours in class lab and homework, IT Components, Traffic analysis. Developed our own “getting started” guide; Windows; Mac; Several iterations of the lab; Putty/terminal; GENI desktop.

Distributed Denial of Service Lab Module: Pre-installed topology; ping - verification; iperf - performance; Hping3 - DoS; Hypothesis testing

Pilot Survey. Conducted at Wofford College. Cohort: 15 students. Self-assessment of CS knowledge: 40% novice; 40% intermediate; 20% advanced. Pilot Questionnaire: I have a better understanding of CS. I understand how information is transmitted through the internet. I understand the basics of computer attacks and computer network attacks. I understand how computer and network attacks can harm me and my organization. I am considering to take another CS course.

Results

Comments. Q: What did you like best about the GENI lab and why? I liked the opportunity to take part in a live experiment with real computers. Doing the denial of service attack was really cool. I liked that we did a real world issue in a safe and controlled environment. Working with terminal and the command line. I feel like the GENI lab was a good opportunity to learn about computer network attacks first hand, because the experiment was a real attack on a real network. I like that it showed how the networks work from several perspectives and how attacks can happen. I liked best learning about the network attacks and being able to replicate it ourselves. It was cool to see how flooding a computer actually works rather than it just happens. I liked how we were able to simulate a real attack. This really puts it into perspective on how hackers can do this to anyone. I liked how there were images showing you what was happening. I liked being able to control remote networks through the terminal. It was interesting because it gave me a better idea of the basic / behind-the-scenes of how operating a computer works.

Comments. Q: What did you like least about the GENI lab? I did not like how repetitive it was, and how some things took a very long time to do. I think that my least favorite thing about GENI was trying to get GENI to work. The GENI infrastructure seemed to be unstable and difficult to work with at times. It's also hard to have a complete understanding of how to perform the lab without already having an understanding in computer science. Q: Please give any suggestions to improve the GENI lab. Introduce the types of cyber attacks prior to the lab. Maybe doing it once before with the entire class on the projector to give us a heads up on what we are doing and to also see if we are doing it right. Then, let the groups run the tests multiple times. Before the lab and working with GENI have a day where you go over the basics of the command line and terminal.

Other undergraduate courses. Cryptography and Network Security: Junior/Senior level; Maximum 25 students. In house labs: Traffic analysis; SDN; Snort IDS installation; Create custom snort alert

Intrusion Detection Systems and Mitigation. Goals: Install Snort IDS on monitor machine; Duplicate all traffic to monitor; Create a custom alert for Snort IDS; Use mitigation script; Drop malicious traffic. [Diagram labels: Attacker, Server, Spoofed Client; Send Spoofed SYN, Send SYN-ACK, Resend SYN-ACK]

Covert Channel Communication Lab Module. Goals: Multiplex regular and covert storage channel traffic; Analyze traffic to detect covert communication; Split signal to make covert communication stealthy

Cybersecurity Capstone Projects & Undergraduate Research. [Diagram labels: Classroom study; Identify project; Project Preparation; Practice lab material; Fulfill class project; Class Labs/Projects; Define project; Conduct project; Capstone Projects; Advisory Committee/PIs; Development; Mentoring; Students]

Resources that we have used: Train the TA; GENI Summer Workshops; GENI Wiki; GENI Google groups; UNC GENI Education

Student Challenges. Student comments: Difficult to download and use keys and make personal machine work; GENI concept not well understood; Command line; Time limit

Instructor Challenges: Time consuming topology reservations; GENI desktop reservation; Need to have backups! Machines die…; New GENI accounts – follow the instructions, always make sure you have the latest info

Benefits. Expected: Real experimentation; Excitement; Better understanding of concepts. Realized: First class is a throw away…; Excitement was achieved; Need to measure more!; Learning goals accomplished?; Is it better to use GENI or local VMs?

If I were to start over…: Update instructions sooner; Spend time planning; Explain in class what GENI is; Not use putty/terminal with freshmen non-CS majors; Plan early, revise often!

Suggestions. Courses: Data analytics; Malware analysis; Network Forensics; Pen testing. Tools: Remote desktop; Organic IP & other traffic visualization tools

Conclusions: Cybersecurity workforce can be diversified with liberal arts students. Experiential cybersecurity learning does not have to be expensive. Realistic experiential learning attracts students to cybersecurity.

Questions? Thank you!

GENI Cyber Modules & courses http://blogs.cofc.edu/cyberpaths/modules/ http://mountrouidoux.people.cofc.edu/FYE_CySec/index.html http://mountrouidoux.people.cofc.edu/CSIS490/index.html