The increasing propagation of complex IT systems and rapid growth of the internet more and more attracts notice to the importance of IT security issues. The limits of technical security solutions are set by the lacking awareness of computer users, caused by laziness, inattentiveness and missing education. In the context of awareness creation IT security training has become a topic of strong interest – as well as for companies as for individuals.
Traditional techniques of teaching (i.e. lectures or literature) have turned out to be not suitable for security training, because the trainee cannot apply the principles from the academic approach to a realistic environment within the class. In security training, gaining practical experience through exercises is indispensable for consolidating the knowledge.
Precisely the allocation of an environment for these practical exercises poses a challenge for research and development. That is, because students need privileged access rights (root/administrator-account) on the training system to perform most of the imaginable security exercises. With these privileges, students can easily destroy a training system (by mistake) or even use it to attack other computers in the local network or the internet.
The classical approach is to provide a dedicated computer lab for security training. Such labs bare different drawbacks: they are immobile, expensive to purchase and maintain and must be isolated from all other networks on the site. Of course, students can’t have internet access on the lab computers.
Figure: dedicated, isolated Security Labs are very cost-intensive and hard to maintain
Teleteaching approaches for security education mostly consist of multimedia courseware or demonstration software, which do not offer practical exercises. In simulation systems users have kind of hands on experience, but a simulator doesn’t behave like a realistic environment and simulation of complex systems is very difficult.
The Tele-Lab project provides a novel e-learning system for practical security training in the WWW and inherits the positive characteristics from offline security labs. The Tele-Lab server basically consists of a web-based tutoring system and a training environment built of virtual machines. The tutoring system offers three kinds of content: information chapters, introductions to security- and hacker tools and finally practical exercises. The concentration on hacker tools is respective to the offensive teaching paradigm realized within Tele-Lab.
Students perform those exercises on virtual machines (vm) on the server, which they use via remote desktop access. A virtual machine is a software system that provides a runtime environment for operating systems. Such software-emulated computer systems allow easy deployment and recovery in case of failure.
A learning unit on e.g. “wireless networks” introduces to different WiFi technologies like Wireless LAN or Bluetooth, explains the functionality of mechanisms and protocols for wireless security and highlights weaknesses which lead to security problems. Thereafter, the tutoring system presents wireless tools for Windows and Linux like Kismet or the Aircrack Suite. The chapter concludes with an exercise, where the student is asked to reveal a WEP encryption key from a wireless traffic dump file using aircrack.
For that exercise, the student requests a virtual machine (here: Linux or Windows). If there is a free vm on the server, the student will be assigned to that vm and a remote desktop session will be started in an applet window (see figure 1). After performing the exercise (cracking the wireless dump), the student must enter the revealed WEP key in the tutoring interface. That way he/she can prove the knowledge of the right solution for that exercise. The vm will be reclaimed and restored to its original state automatically after being abandoned by the user.
The list of learning units available at the moment can be found below. Additional chapters can be authored and integrated easily.
Features
- Accessible from Internet
- Pure web interface
- Multi-user support
- Multimedia lectures included
- Practical exercises on virtual machines (Windows and Linux)
- Privileged operations allowed
- Secure lab environment
Learning Units
The learning units are currently transferred to the new version of Tele-Lab. Therefore, not all existing learning units are available as today. We have already reeingineered the following chapters:
- Attacks on Accounts and Passwords
- Reconnaissance
- Eavesdropping on Network Traffic
- Wireless Security
- Web Service Security
- more learning units will be available soon, check back regularly.
Screenshot
People
- Principal Investigator
Prof. Dr. Christoph Meinel - Developers
Christian Willems, Wesam Dawoud - Student developers
Thomas Klingbeil - Former contributors
Dr. Michael Schmitt, Dr. Ji Hu, Dirk Cordel
Join Us
We are offering subjects for master-/bachelor-theses and seminar projects concerning Tele-Lab architecture and design of individual training exercises. Please contact Christian Willems if you are interested.
Tele-Lab in Media
- Universitäre Hackererfahrungen aus dem Labor (15.03.2007) (in German)
- Uni Trier entwickelt virtuelles Sicherheitslabor (14.03.2004) (in German)
Selected Publications
Journal papers:
- Christian Willems, Christoph Meinel
Tele-Lab IT-Security: an Architecture for an online virtual IT Security Lab (extended)
International Journal on Online Engineering (iJOE), Vol. 4 No. 2 (2008), 31-37 - Christoph Meinel, Ji Hu
Tele-Lab "IT-Security" on CD: Portable, Reliable and Safe IT Security Training
Computers & Security Journal, COSE 234, Vol. 23, Iss. 4 (2004) pp. 282-289 - Michael Schmitt, Ji Hu, Christoph Meinel
A Tutoring System for IT Security Education
Journal of Information Warfare, Vol. 2, Issue 3 (2003), 79-85
Peer-reviewed conference papers:
- Christian Willems and Christoph Meinel
Teaching Practical Network Security in an Online Virtual Laboratory
2011 (in review) - Michael Menzel, Robert Warschofsky, Ivonne Thomas, Christian Willems, and Christoph Meinel
The Service Security LAB: A Model-Driven Platform to Compose and Explore Service Security in the Cloud
Proc. SERVICES 2010, IEEE Press, Miami, USA, July, 2010, pp. 115-122, ISBN: 978-0-7695-4129-7 - Sebastian Roschke, Christian Willems, and Christoph Meinel
A Security Laboratory for CTF Scenarios and Teaching IDS
Proc. 2nd ICETC, IEEE Press, Shanghai, China, May, 2010, pp. 433-437, ISBN: 978-1-4244-6367-1 - Christian Willems, Wesam Dawoud, Thomas Klingbeil, Christoph Meinel
Security in Tele-Lab – Protecting an Online Virtual Lab for Security Training
Proc. Workshop ELS'09 (in conjunction with 4th ICITST), IEEE Press, London, UK, November, 2009, pp. 1-7, ISBN:978-1-4244-5647-5 - Dirk Cordel, Christoph Meinel, Stephan Repp, Christian Willems
Explorative Learning of Wireless Network Security with Tele-Lab IT-Security
Proc. 1st International Conference on Hybrid Learning (ICHL), Springer LNCS 5169, Hong Kong, China, August 2008, pp. 213 - 224, ISBN: 978-3-540-85169-1 - Christian Willems
Tele-Lab IT-Security: an Architecture for an online virtual IT Security Lab
Proc. 2nd International Workshop on e-Learning and virtual and remote Laboratories (VLAB), Potsdam, Germany, 2008, ISBN: 978-3-940793-17-1 - Christian Willems, Christoph Meinel
Awareness Creation mit Tele-Lab IT-Security: praktisches IT-Sicherheitstraining am Beispiel Trojanischer Pferde
Proc. GI Sicherheit 2008, GI LNI 128, Saarbrücken, Germany, April 2008, pp. 513 - 532, ISBN: 978-3-88579-222-2 - Ji Hu, Dirk Cordel, Christoph Meinel
New Media for Teaching Applied Cryptography and Network Security
Proc. EC-TEL 2006 (Crete, Greece), October 2006, pp.488-493, ISBN 3-540-45777-1, Springer-Verlag - Ji Hu, Dirk Cordel, Christoph Meinel
Virtual Machine Management for Tele-Lab "IT-Security" Server
Proc. IEEE ISCC 2005 La Manga del Mar Menor, (Cartagena, Spain), 2005 - Dirk Cordel, Ji Hu, Christoph Meinel
Tele-Lab IT-Security - IT Sicherheitstraining im Internet
Tagungsband D-A-CH Security 2005 Darmstadt (Germany), 2005, pp. 228-236 - Ji Hu, Dirk Cordel, Christoph Meinel
A Virtual Laboratory for IT Security Education
Proc. EMISA 2004 Luxembourg, 2004, pp. 60-71 - Ji Hu, Christoph Meinel
Tele-Lab IT-Security: A Means to Build Security Laboratories on the Web
Proc. IEEE AINA 2004 Fukuoka (Japan), 2004, pp. 285-288 - Ji Hu, Christoph Meinel, Michael Schmitt
Tele-Lab IT Security: An Architecture for Interactive Lessons for Security Education
Proc. ACM SIGCSE 2004 Norfolk (Virginia, USA), 2004, pp. 412-416 - Christoph Meinel, Ji Hu, Michael Schmitt, Christian Willems
A Tutoring System for IT-Security
Proc. IFIP WISE 2003, Monterey (California, USA), 2003, pp. 51-60