Live Lesson: Labtainers: A Docker-based Framework for Cybersecurity Labs

Successful lab designs are a valuable resource that should be re-used and shared among educators and between institutions. A collaborative, community-sourced design effort maximizes the benefit of the effort and expertise required to build and test an effective lab exercise. Unfortunately, infrastructure requirements, heterogeneous operating environments, and the desire to incentivize individual student work pose significant challenges that necessitate frequent updating, redesigning and retesting of assignments, creating a significant maintenance burden. To address these challenges, we present Labtainers: a container-based framework for the development, deployment and assessment of Linux-based cyber security lab exercises. Docker containers present a consistent environment that reduces the need for frequent updates, but with considerably less overhead than VMbased approaches. This enables a modest laptop to host labs consisting of multiple networked components. As such, the Labtainers framework is able to simulate a variety of security-relevant scenarios on a standalone student machine, without the need for elaborate infrastructure. Moreover, Labtainers’ scripting support allows exercises to be customized on a per-student basis, then collected and evaluated automatically on the instructor machine. This capability enables the instructor to assign exercises where each solution is unique to the student with little or no increase in complexity of lab setup or assessment.

[1]  Yang Yu Os-level virtualization and its applications , 2007 .

[2]  Vincent Nestler,et al.  Hands-on cybersecurity exercises and the rave virtual environment (abstract only) , 2013, SIGCSE '13.

[3]  Aari,et al.  Are automated assessment tools helpful in programming courses ? , 2015 .

[4]  Wenliang Du,et al.  SEED: Hands-On Lab Exercises for Computer Security Education , 2011, IEEE Security & Privacy.

[5]  Ronald C. Dodge,et al.  Creating Shareable Security Modules , 2011, World Conference on Information Security Education.

[6]  Ronald C. Dodge,et al.  Using Virtualization to Create and Deploy Computer Security Lab Exercises , 2008, SEC.

[7]  Kirsti Ala-Mutka,et al.  A Survey of Automated Assessment Approaches for Programming Assignments , 2005, Comput. Sci. Educ..

[8]  Xinli Wang,et al.  Hands-on Exercises for IT Security Education , 2015, SIGITE.

[9]  Jelena Mirkovic,et al.  Teaching Cybersecurity with DeterLab , 2012, IEEE Security & Privacy.

[10]  Petri Ihantola,et al.  Review of recent systems for automatic assessment of programming assignments , 2010, Koli Calling.

[11]  Vreda Pieterse,et al.  Automated Assessment of Programming Assignments , 2013, CSERC.

[12]  Christoph Meinel,et al.  Online assessment for hands-on cyber security training in a virtual lab , 2012, Proceedings of the 2012 IEEE Global Engineering Education Conference (EDUCON).

[13]  Wenliang Du,et al.  Enhancing Security Education with Hands-On Laboratory Exercises , 2010 .

[14]  Jens Mache,et al.  EDURange: hands-on cybersecurity exercises in the cloud , 2014 .