article

A real-time information warfare exercise on a virtual network

Author:

James WaldenAuthors Info & Claims

ACM SIGCSE Bulletin, Volume 37, Issue 1

Pages 86 - 90

https://doi.org/10.1145/1047124.1047386

Published: 23 February 2005 Publication History

Abstract

Information warfare exercises, such as "Capture the Flag," serve as a capstone experience for a computer security class, giving students the opportunity to apply and integrate the security skills they learned during the class. However, many information security classes don't offer such exercises, because they can be difficult, expensive, time-consuming, and risky to organize and implement. This paper describes a real-time "Capture the Flag" exercise, implemented using a virtual network with free, open-source software to reduce the risk and effort of conducting such an exercise.

References

[1]

Defcon IV announcement. http://www.defcon.org/html/defcon-4/, 1996.

[2]

P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the art of virtualization. In Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 164--177. ACM Press, 2003.

Digital Library

[3]

Bochs. http://bochs.sourceforge.net/.

[4]

C. Cowan, S. Arnold, S. Beattie, C. Wright, and J. Viega. Defcon capture the flag: Defending vulnerable code from intense attack. In Proceedings of the DARPA DISCEX III Conference, pages 120--129. IEEE CS Press, 2003.

[5]

D.Cannings. Networking UML using bridging. http://edeca.net/articles/bridging/index.html, 2004.

[6]

J. Dike. A user-mode port of the Linux kernel. In Proceedings of the 4th Annual Linux Showcase and Conference (Usenix 2000), 2000.

Digital Library

[7]

Ghetto-Hackers. Root-fu. http://www.ghettohackers.net/rootfu/, 2004.

[8]

S. Hemminger. Bridge-utils. http://bridge.sourceforge.net/.

[9]

J. M. D. Hill, C. A. Carver, Jr., J. W. Humphries, and U. W. Pooch. Using an isolated network laboratory to teach advanced networks and security. In Proceedings of the thirty-second SIGCSE technical symposium on Computer Science Education, pages 36--40. ACM Press, 2001.

Digital Library

[10]

J.Walden. Capture the flag. http://www.eecs.utoledo.edu/ jwalden/ctf.html, 2004.

[11]

M. Krasnyansky and M. Yevmenkin. Universal TUN/TAP driver. http://vtun.sourceforge.net/tun/, 2001.

[12]

P. Mateti. A laboratory-based course on internet security. In Proceedings of the 34th SIGCSE technical symposium on Computer science education, pages 252--256. ACM Press, 2003.

Digital Library

[13]

M. Micco and H. Rossman. Building a cyberwar lab: lessons learned: teaching cybersecurity principles to undergraduates. In Proceedings of the 33rd SIGCSE technical symposium on Computer science education, pages 23--27. ACM Press, 2002.

Digital Library

[14]

J. Schafer, D. J. Ragsdale, J. R. Surdu, and C. A. Carver. The iwar range: a laboratory for undergraduate information assurance education. In Proceedings of the sixth annual CCSC northeastern conference on The journal of computing in small colleges, pages 223--232. The Consortium for Computing in Small Colleges, 2001.

Digital Library

[15]

G. Vigna. Teaching Hands-On Network Security: Testbeds and Live Exercises. Journal of Information Warfare, 3(2):8--25, 2003.

[16]

G. Vigna. Teaching Network Security Through Live Exercises. In C. Irvine and H. Armstrong, editors, Proceedings of the 3rd Annual World Conference on Information Security Education (WISE 3), pages 3--18, Monterey, CA, June 2003. Kluwer Academic Publishers.

Digital Library

[17]

VMware. http://www.vmware.com/.

[18]

P. J. Wagner and J. M. Wudi. Designing and implementing a cyberwar laboratory exercise for a computer security course. In Proceedings of the 35th SIGCSE technical symposium on Computer science education, pages 402--406. ACM Press, 2004.

Digital Library

[19]

T. Wulf. Implementing a minimal lab for an undergraduate network security course. J. Comput. Small Coll., 19(1):94--98, 2003.

Digital Library

Cited By

Malatras ASanchez IBeslay LCoisel IVakalis ID'Acquisto GSanchez MGrall MHansen MZorkadis V(2017)Pan-European personal data breaches: Mapping of current practices and recommendations to facilitate cooperation among Data Protection AuthoritiesComputer Law & Security Review10.1016/j.clsr.2017.03.01333:4(458-469)Online publication date: Aug-2017
https://doi.org/10.1016/j.clsr.2017.03.013
Louthan GRoberts WButler MHale JBenzel T(2010)The blunderdomeProceedings of the 3rd international conference on Cyber security experimentation and test10.5555/1924551.1924556(1-7)Online publication date: 9-Aug-2010
https://dl.acm.org/doi/10.5555/1924551.1924556
Wein JKourtchikov KCheng YGutierez RKhmelichek RTopol MSherman C(2009)Virtualized games for teaching about distributed systemsACM SIGCSE Bulletin10.1145/1539024.150895541:1(246-250)Online publication date: 4-Mar-2009
https://dl.acm.org/doi/10.1145/1539024.1508955
Show More Cited By

Index Terms

A real-time information warfare exercise on a virtual network
1. Social and professional topics
  1. Professional topics
    1. Computing education
      1. Computing education programs
        Computer science education

Recommendations

A real-time information warfare exercise on a virtual network
SIGCSE '05: Proceedings of the 36th SIGCSE technical symposium on Computer science education

Information warfare exercises, such as "Capture the Flag," serve as a capstone experience for a computer security class, giving students the opportunity to apply and integrate the security skills they learned during the class. However, many information ...
A Trusted Virtual Machine in an Untrusted Management Environment

Virtualization is a rapidly evolving technology that can be used to provide a range of benefits to computing systems, including improved resource utilization, software portability, and reliability. Virtualization also has the potential to enhance ...
Management of information warfare: emerging paradigm

Dramatic developments in technologies pertaining to information systems have made profound impact on developed and developing nations and societies. Besides the changes in the social dialectic, the concept and conduct of war fighting have also changed. ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGCSE Bulletin

ACM SIGCSE Bulletin Volume 37, Issue 1

2005

562 pages

ISSN:0097-8418

DOI:10.1145/1047124

Issue’s Table of Contents

SIGCSE '05: Proceedings of the 36th SIGCSE technical symposium on Computer science education
February 2005
610 pages
ISBN:1581139977
DOI:10.1145/1047344
Conference Chairs:
Wanda Dann
Ithaca College
,
Tom Naps
University of Wisconsin - Oshkosh
,
Program Chairs:
Paul Tymann
Rochester Institute of Technology
,
Doug Baldwin
SUNY Geneseo

Copyright © 2005 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 February 2005

Published in SIGCSE Volume 37, Issue 1

Check for updates

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
1,046
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Malatras ASanchez IBeslay LCoisel IVakalis ID'Acquisto GSanchez MGrall MHansen MZorkadis V(2017)Pan-European personal data breaches: Mapping of current practices and recommendations to facilitate cooperation among Data Protection AuthoritiesComputer Law & Security Review10.1016/j.clsr.2017.03.01333:4(458-469)Online publication date: Aug-2017
https://doi.org/10.1016/j.clsr.2017.03.013
Louthan GRoberts WButler MHale JBenzel T(2010)The blunderdomeProceedings of the 3rd international conference on Cyber security experimentation and test10.5555/1924551.1924556(1-7)Online publication date: 9-Aug-2010
https://dl.acm.org/doi/10.5555/1924551.1924556
Wein JKourtchikov KCheng YGutierez RKhmelichek RTopol MSherman C(2009)Virtualized games for teaching about distributed systemsACM SIGCSE Bulletin10.1145/1539024.150895541:1(246-250)Online publication date: 4-Mar-2009
https://dl.acm.org/doi/10.1145/1539024.1508955
Wein JKourtchikov KCheng YGutierez RKhmelichek RTopol MSherman CFitzgerald SGuzdial MLewandowski GWolfman S(2009)Virtualized games for teaching about distributed systemsProceedings of the 40th ACM technical symposium on Computer science education10.1145/1508865.1508955(246-250)Online publication date: 4-Mar-2009
https://dl.acm.org/doi/10.1145/1508865.1508955
Aycock JCrawford HdeGraaf R(2008)SpamulatorACM SIGCSE Bulletin10.1145/1597849.138431140:3(142-147)Online publication date: 30-Jun-2008
https://dl.acm.org/doi/10.1145/1597849.1384311
Aycock JCrawford HdeGraaf RAmillo JLaxer CMenasalvas EYoung A(2008)SpamulatorProceedings of the 13th annual conference on Innovation and technology in computer science education10.1145/1384271.1384311(142-147)Online publication date: 30-Jun-2008
https://dl.acm.org/doi/10.1145/1384271.1384311
Chu BAhn GBlanchard SDeese JKelly RYu HYoung A(2007)Collegiate Cyber Game Design Criteria and Participation6th IEEE/ACIS International Conference on Computer and Information Science (ICIS 2007)10.1109/ICIS.2007.80(1036-1041)Online publication date: Jul-2007
https://doi.org/10.1109/ICIS.2007.80
Schweitzer DHumphries JBaird L(2006)Meeting the criteria for a Center of Academic Excellence (CAE) in information assurance educationJournal of Computing Sciences in Colleges10.5555/1181811.118183322:1(151-160)Online publication date: 1-Oct-2006
https://dl.acm.org/doi/10.5555/1181811.1181833
Wagner PPhillips A(2006)A portable computer security workshopJournal on Educational Resources in Computing10.1145/1248453.12484566:4(3-es)Online publication date: 1-Dec-2006
https://dl.acm.org/doi/10.1145/1248453.1248456
O'Leary M(2006)A laboratory based capstone course in computer security for undergraduatesACM SIGCSE Bulletin10.1145/1124706.112134638:1(2-6)Online publication date: 3-Mar-2006
https://dl.acm.org/doi/10.1145/1124706.1121346
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Issue’s Table of Contents