SaTC: EDU: Building an Internet Emulator for Cybersecurity Education

SaTC：EDU：构建用于网络安全教育的互联网模拟器

• 批准号: 2214916
• 负责人: Wenliang Du
• 金额: $ 39.92万
• 依托单位: Syracuse University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-10-01 至 2025-09-30
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2214916&HistoricalAwards=false
• 关键词: SaTC; EDU; Building; Internet; Emulator

Learning by doing is very important for education. However, it is quite challenging in cybersecurity to do hands-on activities that require Internet infrastructure. There is a lack of safe and effective platforms for these activities, as many cybersecurity activities cannot be carried out directly on the Internet, or they would cause real damage. Inspired by many other fields, the project team is developing an Internet emulator and then using the emulator as the lab environment for hands-on activities. With this emulator, one can create a miniature Internet inside a personal computer with all the essential elements of the Internet. The project team aims to develop a suite of hands-on labs which will enable students to experiment with techniques to combat attacks inside the emulator without causing any harm to the real world. Moreover, many notable past attacks (e.g., the Morris Worm) can be recreated inside the emulator, so students can see study the historical events and envision how to defend against these attacks. The Internet emulator and the associated lab activities can help develop a much-needed workforce in cybersecurity, especially in improving hands-on skills. This project has two primary objectives: i) developing an Internet emulator that can serve as the basis for conducting hands-on exercises and ii) developing hands-on lab activities based on the emulator. This project fills a void in cybersecurity education since while there are existing network emulators, a low-cost Internet emulator designed explicitly for cybersecurity education does not exist. Moreover, there are few hands-on activities based on such emulators. With the solutions expected from this project, students can conduct lab activities, including attacks and defenses, on the Internet level, without worrying about causing real damage. Instructors will have a pool of lab activities they can choose from based on their education needs. They can also use the emulator to customize the lab environment. While this project focuses on cybersecurity education, the emulator can also be used as the base for designing lab activities in other fields, such as networking and other aspects of information technology applications. The emulator has the potential to become a successful, high-impact, and self-sustained open-source project.This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

边做边学对于教育来说非常重要。然而，在网络安全领域，进行需要互联网基础设施的实践活动是相当具有挑战性的。这些活动缺乏安全有效的平台，许多网络安全活动不能直接在互联网上进行，否则会造成实际损害。受到许多其他领域的启发，项目团队正在开发一个互联网模拟器，然后使用该模拟器作为实践活动的实验室环境。通过这个模拟器，人们可以在个人计算机内创建一个具有互联网所有基本元素的微型互联网。该项目团队的目标是开发一套动手实验室，使学生能够试验各种技术来对抗模拟器内部的攻击，而不会对现实世界造成任何伤害。此外，许多著名的过去攻击（例如莫里斯蠕虫）可以在模拟器内重新创建，因此学生可以研究历史事件并设想如何防御这些攻击。互联网模拟器和相关的实验室活动可以帮助培养网络安全领域急需的劳动力，特别是在提高实践技能方面。该项目有两个主要目标：i) 开发一个互联网模拟器，作为进行实践练习的基础；ii) 开发基于模拟器的实践实验室活动。该项目填补了网络安全教育的空白，因为虽然现有网络模拟器，但专门为网络安全教育设计的低成本互联网模拟器并不存在。而且，基于此类模拟器的实践活动很少。借助该项目预期的解决方案，学生可以在互联网层面上进行实验室活动，包括攻击和防御，而不必担心造成真正的损害。教师将有一系列实验室活动可供他们根据自己的教育需求进行选择。他们还可以使用模拟器来定制实验室环境。虽然该项目专注于网络安全教育，但模拟器也可以用作设计其他领域实验室活动的基础，例如网络和信息技术应用的其他方面。该模拟器有潜力成为一个成功、高影响力和自我维持的开源项目。该项目得到安全可信网络空间 (SaTC) 计划的支持，该计划为解决网络安全和隐私问题的提案提供资金，并在此项目中特别是网络安全教育。 SaTC 计划与联邦网络安全研究与发展战略计划和国家隐私研究战略相一致，旨在保护和维护网络系统不断增长的社会和经济效益，同时确保安全和隐私。该奖项反映了 NSF 的法定使命，并被认为值得获得通过使用基金会的智力优势和更广泛的影响审查标准进行评估来提供支持。