SaTC: EDU: Building an Internet Emulator for Cybersecurity Education

SaTC：EDU：构建用于网络安全教育的互联网模拟器

• 批准号: 2214916
• 负责人: Wenliang Du
• 金额: $ 39.92万
• 依托单位: Syracuse University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2025-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2214916&HistoricalAwards=false
• 关键词: SaTC; EDU; Building; Internet; Emulator

Learning by doing is very important for education. However, it is quite challenging in cybersecurity to do hands-on activities that require Internet infrastructure. There is a lack of safe and effective platforms for these activities, as many cybersecurity activities cannot be carried out directly on the Internet, or they would cause real damage. Inspired by many other fields, the project team is developing an Internet emulator and then using the emulator as the lab environment for hands-on activities. With this emulator, one can create a miniature Internet inside a personal computer with all the essential elements of the Internet. The project team aims to develop a suite of hands-on labs which will enable students to experiment with techniques to combat attacks inside the emulator without causing any harm to the real world. Moreover, many notable past attacks (e.g., the Morris Worm) can be recreated inside the emulator, so students can see study the historical events and envision how to defend against these attacks. The Internet emulator and the associated lab activities can help develop a much-needed workforce in cybersecurity, especially in improving hands-on skills. This project has two primary objectives: i) developing an Internet emulator that can serve as the basis for conducting hands-on exercises and ii) developing hands-on lab activities based on the emulator. This project fills a void in cybersecurity education since while there are existing network emulators, a low-cost Internet emulator designed explicitly for cybersecurity education does not exist. Moreover, there are few hands-on activities based on such emulators. With the solutions expected from this project, students can conduct lab activities, including attacks and defenses, on the Internet level, without worrying about causing real damage. Instructors will have a pool of lab activities they can choose from based on their education needs. They can also use the emulator to customize the lab environment. While this project focuses on cybersecurity education, the emulator can also be used as the base for designing lab activities in other fields, such as networking and other aspects of information technology applications. The emulator has the potential to become a successful, high-impact, and self-sustained open-source project.This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

边做边学对教育非常重要。然而，在网络安全方面，进行需要互联网基础设施的动手活动是相当有挑战性的。这些活动缺乏安全有效的平台，因为许多网络安全活动不能直接在互联网上进行，否则会造成真正的破坏。受许多其他领域的启发，项目组正在开发一个Internet仿真器，然后将该仿真器用作动手活动的实验室环境。有了这个仿真器，人们可以在一台个人计算机内创建一个具有互联网所有基本要素的微型互联网。该项目团队的目标是开发一套动手实验室，使学生能够在不对现实世界造成任何伤害的情况下，试验在模拟器内对抗攻击的技术。此外，许多值得注意的过去的攻击(例如，Morris蠕虫)可以在仿真器中重新创建，因此学生可以看到学习历史事件并想象如何防御这些攻击。互联网模拟器和相关的实验活动可以帮助培养网络安全方面急需的劳动力，特别是在提高动手技能方面。该项目有两个主要目标：i)开发一个互联网仿真器，作为进行动手练习的基础；ii)开发基于仿真器的动手实验室活动。该项目填补了网络安全教育的空白，因为虽然现有网络仿真器，但专门为网络安全教育设计的低成本互联网仿真器并不存在。此外，基于这种仿真器的实践活动很少。有了这个项目预期的解决方案，学生可以在互联网层面上进行包括攻击和防御在内的实验活动，而不必担心造成真正的损害。教师将拥有一系列实验活动，他们可以根据自己的教育需求进行选择。他们还可以使用模拟器来自定义实验环境。虽然该项目侧重于网络安全教育，但该仿真器也可以用作设计其他领域的实验活动的基础，如网络和信息技术应用的其他方面。该模拟器有可能成为一个成功的、高影响力的、自我维持的开源项目。该项目得到了安全和值得信赖的网络空间(SATC)计划的支持，该计划为解决网络安全和隐私问题的提案提供资金，在这种情况下，特别是网络安全教育。SATC计划与联邦网络安全研究和发展战略计划和国家隐私研究战略保持一致，以保护和维护网络系统日益增长的社会和经济效益，同时确保安全和隐私。该奖项反映了NSF的法定使命，并通过使用基金会的智力优势和更广泛的影响审查标准进行评估，被认为值得支持。