SEED: a suite of instructional laboratories for computer SEcurity EDucation

To provide students with hands-on exercises in computer security education, we have developed a laboratory environment (SEED) for computer security education. It is based on VMware, Minix, and linux, all of which are free for educational uses. Based on this environment, we have developed ten labs, covering a wide range of security principles. We have used these labs in our three courses in the last four years. This paper presents our SEED lab environment, SEED labs, and our evaluation results.

[1]  A. One,et al.  Smashing The Stack For Fun And Profit , 1996 .

[2]  Brady R. Stevenson,et al.  An isolated, multi-platform network sandbox for teaching IT security system engineers , 2004, CITC5 '04.

[3]  Cynthia E. Irvine,et al.  Amplifying Security Education in the Laboratory , 1999 .

[4]  Amin Vahdat,et al.  A chat room assignment for teaching network security , 2001, SIGCSE '01.

[5]  Andrew S. Tanenbaum,et al.  Operating systems: design and implementation , 1987, Prentice-Hall software series.

[6]  C.E. Irvine,et al.  The Trusted Computing Exemplar project , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[7]  James Howatt Operating systems projects: Minix revisited , 2002, SGCS.

[8]  Peter J. Denning Great Principles of Computing , 2008, Wiley Encyclopedia of Computer Science and Engineering.

[9]  D. Kolb Experiential Learning: Experience as the Source of Learning and Development , 1983 .

[10]  Rayford B. Vaughn,et al.  Application of security tot he computing science classroom , 2000, SIGCSE '00.

[11]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[12]  D. Richard Kuhn,et al.  Role-Based Access Controls , 2009, ArXiv.

[13]  Thomas E. Anderson,et al.  The Nachos Instructional Operating System , 1993, USENIX Winter.

[14]  Ed Crowley Experiential learning and security lab design , 2004, CITC5 '04.

[15]  Cynthia E. Irvine,et al.  Trusted Computing Exemplar , 2004 .

[16]  John R. Surdu,et al.  The IWAR range: a laboratory for undergraduate information assurance education , 2001 .

[17]  Christoph Meinel,et al.  Tele-lab IT security: an architecture for interactive lessons for security education , 2004, SIGCSE '04.

[18]  Paul J. Wagner,et al.  Designing and implementing a cyberwar laboratory exercise for a computer security course , 2004, SIGCSE '04.

[19]  Douglas E. Comer,et al.  Internetworking with TCP/IP, Volume 1: Principles, Protocols, and Architectures, Fourth Edition , 2000 .

[20]  Jean Mayo,et al.  A secure unrestricted advanced systems laboratory , 1999, SIGCSE '99.

[21]  Stephen Smalley,et al.  Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.

[22]  Andrew W. Appel,et al.  Modern Compiler Implementation in Java , 1997 .

[23]  R. Felder,et al.  Learning and Teaching Styles in Engineering Education. , 1988 .

[24]  Mary Micco,et al.  Building a cyberwar lab: lessons learned: teaching cybersecurity principles to undergraduates , 2002, SIGCSE '02.

[25]  Mike O'Leary A laboratory based capstone course in computer security for undergraduates , 2006, SIGCSE '06.

[26]  Binto George,et al.  A database security course on a shoestring , 2006, SIGCSE '06.

[27]  Michael Fry,et al.  Panel on integrating security concepts into existing computer courses , 2002, SIGCSE '02.

[28]  Andrew W. Appel,et al.  Modern Compiler Implementation in Java, 2nd edition , 2002 .

[29]  Douglas Comer,et al.  Operating system design: the XINU approach , 1984 .

[30]  胡久辉 让Fedora Core 4启动加速 , 2005 .

[31]  Matt Bishop Computer Security in Introductory Programming Classes , 1997 .

[32]  Y. Marignac,et al.  Note , 1951, Neurochemistry International.

[33]  B. Föger The FIELD study , 2006, The Lancet.

[34]  Cynthia E. Irvine,et al.  Teaching Objectives of a Simulation Game for Computer Security , 2003 .

[35]  Udo W. Pooch,et al.  Using an isolated network laboratory to teach advanced networks and security , 2001, SIGCSE '01.