Cybertraining Material

The Cyberinfrastructure Lab at the University of South Carolina (CI Lab @ USC) is a virtual platform deployed for cybertraining purposes. Current training labs include network tools and protocols (e.g., Mininet, Netem, TCP congestion control), perfSONAR, Zeek / Bro, and others.

To access the virtual laboratory:
1. Fill out the form requesting access to CI Lab [form] (you will receive a username and password within 24 hours).
2. For any issues accessing your Netlab account, feel free to contact choueiri@email.sc.edu.
3. Access the CI Lab at https://netlab.cec.sc.edu. For a CI Lab user guide, click here [PDF].

Introduction to Intrusion Detection Using Zeek

This lab series equips learners with the skills to detect and analyze both Layer 2 and Layer 3 network attacks using the Zeek framework in an emulated environment. Through hands-on exercises, participants explore how to identify data link–layer threats such as ARP spoofing, DHCP starvation, and CAM table overflow, alongside network-layer attacks including DNS amplification, TCP SYN floods, and BGP hijacking. By leveraging Zeek’s event-driven scripting and custom logging capabilities, learners gain the ability to monitor traffic patterns, detect anomalies across multiple protocol layers, and develop comprehensive detection strategies that enhance network visibility and security across the full stack.

Lab 1	Introduction to CORE
Lab 2	Introduction to Zeek
Lab 3	Introduction to Zeek Scripting and Events
Lab 4	Zeek Data Types and Custom Logging
Lab 5	ARP Protocol Spoofing Detection
Lab 6	DNS Amplification Detection
Lab Manuals	Introduction to Intrusion Detection Using Zeek [PDF]

DPU Programming using P4

This lab series provides a comprehensive introduction to programmable data plane development on NVIDIA BlueField DPUs using the DOCA Pipeline Language (DPL), a P4 domain-specific language. Through a sequence of practical, hands-on exercises, the series guides learners from foundational concepts of P4 and DPL syntax to advanced data plane programming techniques on SmartNIC architectures. Participants will gain experience in defining custom headers and parsers, implementing packet mirroring and forwarding applications, configuring match-action tables, and managing runtime control through P4Runtime.

Lab 1	Introduction to P4 and DPL
Lab 2	Implementing a Custom Header and Parser
Lab 3	Implementing a Packet Mirroring Application
Lab 4	Introduction to Match-action Tables
Lab 5	Implementing Match-action Rules Using P4 Runtime
Lab 6	Implementing Direct and Indirect Counters
Lab 7	Performing Packet Statistics Monitoring using DOCA Nspect
Lab Manuals	DPU Programming using P4 Lab Series [PDF]

DPU Programming using DOCA

This lab series provides an introduction to DPU programming using the NVIDIA DOCA framework. Through a sequence of hands-on labs, the lab series provides practical experience with DOCA APIs and infrastructure for accelerating data center applications on BlueField DPUs. The series covers DPU initialization, device and memory management, task execution using the DOCA progress engine, and the use of hardware accelerators for offloading compute-intensive functions.

Lab 1	Initializing and Configuring DOCA Environment
Lab 2	Device Subsystem
Lab 3	Memory Management
Lab 4	Progress Engine and Execution Model
Lab 5	Accelerator Invocation
Lab Manuals	DPU Programming using DOCA Lab Series [PDF]

P4-DPDK Security Lab Series

These labs provide a hands-on experience on implementing cybersecurity applications on P4-DPDK. The lab library explains topics that include the basics of P4, implementing stateful packet filters, devising in-network mitigation schemes for TCP SYN flood, and others.

Lab 1	Introduction to P4-DPDK
Lab 2	P4 Program Building Blocks with the PNA Architecture
Lab 3	PNA Parser Implementation
Lab 4	Introduction to Match-action Tables
Lab 5	Calculating Packets Interarrival Times using Hashes and Registers
Lab 6	Limiting the Impact of SYN Flood by Probabilistically Dropping Packets
Lab 7	Identifying Heavy Hitters using Count-min Sketches (CMS)
Lab 8	Implementing Stateful Packet Filtering with P4-DPDK
Lab Manuals	P4-DPDK Security Lab Series [PDF]

P4-perfSONAR Lab Series

The P4-perfSONAR lab series teaches the learner how to collect traffic measurements using P4 programmable data plane (PDP) switches, and to visualize the measurements in perfSONAR. The proposed P4-perfSONAR enables perfSONAR to passively receive aggregate traffic measurements and statistics from P4 PDP switches in real time. This approach ensures real-time per-flow monitoring and detailed insights, assisting administrators in understanding network traffic patterns.

Lab 1	Introduction to Mininet
Lab 2	P4 Program Building Blocks
Lab 3	Measuring Flow's Throughput
Lab 4	Monitoring the RTT of TCP Flows using P4
Lab 5	Configuring Regular Tests Using pSchedular CLI
Lab 6	Connecting perfSONAR to Grafana Dashboard
Lab 7	Retrieving Per-flow Statistics from the Data Plane
Lab 8	Collecting P4 Measurements using perfSONAR's Archiver
Lab Manuals	P4-perfSONAR Lab Series [PDF]

Introduction to P4-DPDK

Network packet processing faces significant performance challenges due to kernel overheads. These issues have become more pronounced with the rapid growth of network traffic. To address these challenges, the Data Plane Development Kit (DPDK) was developed. DPDK bypasses the kernel and operates directly in user space, offering significant improvements in performance and latency for packet processing tasks. However, DPDK's steep learning curve presents a barrier to entry for developers and network administrators. In recent years, P4 has emerged as a language specifically designed for expressing packet processing data paths. Building on this development, P4-DPDK has been introduced as a new technology that bridges P4 and DPDK. It allows developers to create P4 code which is then translated into a DPDK pipeline, combining the expressiveness of P4 with the performance benefits of DPDK. This lab series offers a hands-on experience on the basics of P4-DPDK.

Lab 1	Introduction to P4-DPDK
Lab 2	P4 Program Building Blocks with the PNA Architecture
Lab 3	PNA Parser Implementation
Lab 4	Introduction to Match-action Tables (Part 1)
Lab 5	Introduction to Match-action Tables (Part 2)
Lab 6	Populating and Managing Match-action Tables at Runtime
Lab 7	Checksum Recalculation and Packet Deparsing
Lab Manuals	Introduction to P4-DPDK Lab Series [PDF]

Introduction to IPv6

This lab series is an introduction to IPv6 networking using Mininet and the Free-Range Routing (FRR) software router. The lab activities cover static and dynamic IPv6 routing, Stateless Address Autoconfiguration (SLAAC), DHCPv6, OSPFv3, BGP, and IPv6 configurations for DNS and web servers. Each lab provides hands-on activities to understand IPv6 network management and configuration, from fundamental setups to advanced routing and services.

Lab 1	Introduction to Mininet
Lab 2	Introduction to FRR
Lab 3	IPv6 Address Configuration
Lab 4	Enabling Stateless Address Autoconfiguration (SLAAC) in IPv6 Routers
Lab 5	Configuring SLAAC and Stateless DHCPv6 Server
Lab 6	Configuring Stateful Dynamic Host Configuration Protocol version 6 (DHCPv6)
Lab 7	IPv6 Static Routing Configuration
Lab 8	Configuring Single Area OSPFv3 using IPv6
Lab 9	Interdomain Routing (BGP) with IPv6
Lab 10	DNS and Web Server IPv6 Configuration
Lab 11	Transitioning from IPv4 to IPv6
Lab 12	Configuring Stateless NAT64
Lab 13	Enabling IPv4 and IPv6 Coexistence with DN64
Lab 14	Configuring IPSec Tunnel on IPv6
Lab 15	Monitoring IPv6 networks using Zeek
Lab Manuals	Introduction to IPv6 Lab Series [PDF]

Introduction to perfSONAR 5

This lab series offers an introductory experience with perfSONAR 5 by providing hands-on activities. These labs utilize Mininet, a network emulator that employs real network traffic. Within this series, participants will explore the fundamental elements of perfSONAR 5, including pScheduler, pSConfig templates, and the Grafana dashboard. They will also delve into various use cases where perfSONAR is used as a debugging tool.

Lab 1	Introduction to Mininet
Lab 2	Setting Administrative Information using perfSONAR Toolkit GUI
Lab 3	Scheduling Regular Tests Using perfSONAR GUI
Lab 4	Configuring Regular Tests Using pScheduler CLI Part I
Lab 5	Configuring Regular Tests Using pScheduler CLI Part II
Lab 6	Defining Regular Tests with a pSConfig Template
Lab 7	Configuring pScheduler Limits
Lab 8	Visualizing pScheduler Measurements using Grafana
Lab 9	Observing the impact of TCP window scaling and small TCP Buffer Sizes
Lab 10	Investigating the Effects of MTU mismatch
Lab 11	Running Regular pScheduler Tests over IPv6 Networks
Lab Manuals	Introduction to perfSONAR 5 Lab Series [PDF]

Virtual Labs on Cybersecurity Applications on P4 Programmable Data Planes

These labs provide a hands-on experience on implementing cybersecurity applications on P4 programmable data planes using the BMv2 software switch. The lab library explains topics that include the basics of P4, implementing stateful packet filters, devising in-network mitigation schemes for TCP SYN flood, DNS amplification, slow DDoS, and others.

Lab 1	Introduction to Mininet
Lab 2	Introduction to P4 and BMv2
Lab 3	P4 Program Building Blocks
Lab 4	Parser Implementation
Lab 5	Introduction to Match-action Tables
Lab 6	Implementing a Stateful Packet Filter for the ICMP Protocol
Lab 7	Implementing a Stateful Packet Filter for the TCP Protocol
Lab 8	Detecting and Mitigating the DNS Amplification Attack
Lab 9	Identifying Heavy Hitters using Count-min Sketches (CMS)
Lab 10	Limiting the Impact of SYN Flood by Probabilistically Dropping Packets
Lab 11	Blocking Application Layer Slow DDoS Attack (Slowloris)
Lab Manuals	P4 Cybersecurity Lab Series [PDF]

Virtual Labs on Cybersecurity Tools and Applications

The labs provide a hands-on experience on cybersecurity tools and applications. The lab series explains topics that include malware, social engineering, SQL injection, Cross-site scripting, cryptography, and others.

Lab 1	Reconnaissance: Scanning with NMAP, Vulnerability Assessment with OpenVAS
Lab 2	Remote Access Trojan (RAT) using Reverse TCP Meterpreter
Lab 3	Escalating Privileges and Installing a Backdoor
Lab 4	Collecting Information with Spyware: Screen Captures and Keyloggers
Lab 5	Social Engineering Attack: Credentials Harvesting and Remote Access through Phishing Emails
Lab 6	SQL Injection Attack on a Web Application
Lab 7	Cross-site Scripting (XSS) Attack on a Web Application
Lab 8	Denial of Service (DoS) Attacks: SYN/FIN/RST Flood, Smurf attack, and SlowLoris
Lab 9	Cryptographic Hashing and Symmetric Encryption
Lab 10	Asymmetric Encryption: RSA, Digital Signatures, Diffie-Hellman
Lab 11	Public Key Infrastructure: Certificate Authority, Digital Certificate
Lab 12	Configuring a Stateful Packet Filter using iptables
Lab 13	Online Dictionary Attack against a Login Webpage
Lab 14	Intrusion Detection and Prevention using Suricata
Lab 15	Packet Sniffing and Relay Attack
Lab 16	DNS Cache Poisoning
Lab 17	Man in the Middle Attack using ARP Spoofing
Lab 18	Understanding Buffer Overflow Attacks in a Vulnerable Application
Lab 19	Conducting Offline Password Attacks
Lab Manuals	Cybersecurity Lab Series [PDF]

Virtual Labs on P4 Programmable Data Planes: Applications, Stateful Elements, and Custom Packet Processing

The labs provide a hands-on experience on P4 programmable data plane advanced topics using the Behavioral Model version 2 (BMv2) software switch. The lab series explains topics that include metadata, registers, counters, meters, advanced parsing, and others.

Lab 1	Introduction to Mininet
Lab 2	Introduction to P4 and BMv2
Lab 3	P4 Program Building Blocks
Lab 4	Defining and Processing Custom Headers
Lab 5	Monitoring the Switchs Queue using Standard Metadata
Lab 6	Collecting Queueing Statistics using a Header Stack
Lab 7	Measuring Flow Statistics using Direct and Indirect Counters
Lab 8	Rerouting Traffic using Meters
Lab 9	Storing Arbitrary Data using Registers
Lab 10	Calculating Packets Interarrival Times using Hashes and Registers
Lab 11	Generating Notification Messages using Digests
Lab Manuals	P4 (BMv2) Advanced Lab Series [PDF]

Virtual Labs on P4 Programmable Data Plane Switches (BMv2)

The labs provide a hands-on experience on P4 programmable data plane switches using the Behavioral Model version 2 (BMv2) software switch. The lab series explains topics that include parsing, match-action tables, checksum verification, and others.

Lab 1	Introduction to Mininet
Exercise 1	Building a Basic Topology
Lab 2	Introduction to P4 and BMv2
Exercise 2	Compiling and Running a P4 Program
Lab 3	P4 Program Building Blocks
Lab 4	Parser Implementation
Exercise 3	Parsing UDP and RTP
Lab 5	Introduction to Match-action Tables (Part 1)
Lab 6	Introduction to Match-action Tables (Part 2)
Exercise 4	Implementing NAT using Match-action Tables
Lab 7	Populating and Managing Match-action Tables at Runtime
Exercise 5	Configuring Match-action Tables at Runtime
Lab 8	Checksum Recalculation and Packet Deparsing
Exercise 6	Building a Packet Reflector
Lab Manual	P4 (BMv2) Lab Series [PDF]

Virtual Labs on Network Management

The labs provide a hands-on experience on network management and monitoring tools and protocols. Topics include monitoring using NetFlow, sFlow, IPFIX, and visualization using Grafana.

Lab 1	Introduction to Mininet
Lab 2	Introduction to NetFlow
Lab 3	Introduction to IPFIX
Lab 4	Introduction to sFlow
Lab 5	Collecting and processing NetFlow, IPFIX and sFlow data using Nfdump
Lab 6	Filtering and formatting data using Nfdump
Lab 7	Collecting and Visualizing sFlow data using GoFlow and Grafana
Lab 8	Collecting and Visualizing NetFlow data using GoFlow and Grafana
Lab Manuals	Network Management Series [PDF]

Virtual Labs on Network Tools and Protocols (NTP)

The NTP labs provide detailed, hands-on experience with tools and protocols needed for emulation of wide area networks (WANs), performance measuring, configuring congestion control protocols, enhancement of TCP throughput using pacing, and other topics.

Lab 1	Introduction to Mininet
Exercise 1	Building a Basic Topology
Lab 2	Introduction to Iperf3
Lab 3	Emulating WAN with NETEM I: Latency, Jitter
Lab 4	Emulating WAN with NETEM II: Packet Loss, Duplication, Reordering, and Corruption
Lab 5	Setting WAN Bandwidth with Token Bucket Filter (TBF)
Exercise 2	Emulating a Wide Area Network (WAN)
Problem 1	Troubleshooting a WAN
Lab 6	Understanding Traditional TCP Congestion Control (HTCP, Cubic, Reno)
Lab 7	Understanding Rate-based TCP Congestion Control (BBR)
Lab 8	Bandwidth-delay Product and TCP Buffer Size
Exercise 3	Tuning TCP and Switch’s Buffer Size
Exercise 4	Running tests with Competing TCP Flows and Different Congestion Control Algorithms
Lab 9	Enhancing TCP Throughput with Parallel Streams
Exercise 5	Enhancing the Aggregate TCP Throughput with Parallel Streams
Problem 2	Enhancing TCP Throughput
Lab 10	Measuring TCP Fairness
Exercise 6	RTT Unfairness
Problem 3	Minimizing the Unfairness
Lab 11	Router's Buffer Size
Lab 12	TCP Rate Control with Pacing
Exercise 7	Setting the Pacing Rate
Lab 13	Impact of MSS on Throughput
Lab 14	Router's Bufferbloat
Exercise 8	Router’s Bufferbloat
Lab 15	Analyzing the Impact of Hardware Offloading on TCP Performance
Lab 16	Random Early Detection
Lab 17	Stochastic Fair Queueing
Lab 18	Controlled Delay (CoDel) Active Queue Management
Lab 19	Proportional Integral Controller-Enhanced (PIE)
Lab 20	Classifying TCP traffic using Hierarchical Token Bucket (HTB)
Lab 21	Enabling Large Data Transfers across a Science DMZ
Lab 22	Understanding UDP Abuses
Lab Manuals	NTP Lab Series [PDF], [Slides]

Virtual Labs on Software Defined Networking (SDN)

This lab series provides a detailed, hands-on experience to the new emerging networking paradigm, Software Defined Networking (SDN). The manual provides a thorough understanding for administering SDN networks using ONOS controller, demonstrating the available applications supported by ONOS, as well as leveraging their full capabilities.

Lab 1	Introduction to Mininet
Lab 2	Legacy Networks: BGP Example as a Distributed System and Autonomous Forwarding Decisions
Lab 3	Early efforts of SDN: MPLS Example of a Control Plane that Establishes Semi-static Forwarding Paths
Lab 4	Introduction to SDN
Exercise 1	SDN Network Configuration
Lab 5	Configuring VXLAN to Provide Network Traffic Isolation
Exercise 2	Configuring VXLAN
Lab 6	Introduction to OpenFlow
Exercise 3	OpenFlow Protocol Management
Lab 7	Routing within an SDN network
Lab 8	Interconnection between Legacy Networks and SDN Networks
Exercise 4	Incremental Deployment of SDN Networks within Legacy Networks
Lab 9	Configuring Virtual Private LAN Service (VPLS)
Lab 10	Applying Equal-cost Multi-path Protocol (ECMP) within SDN networks
Lab Manual	SDN Lab Series [PDF]

Virtual Labs on OSPF

This lab series is an introduction to the Open Shortest Path First (OSPF) routing protocol. The labs provide an overview of OSPF behavior and configuration through hands-on activities and exercises.

Lab 1	Introduction to Mininet
Lab 2	Introduction to FRR
Lab 3	Configuring Single-Area OSPFv2
Lab 4	Configuring Multi-Area OSPFv2
Exercise 1	Configuring Multi-Area OSPFv2
Lab 5	Configuring OSPFv2 with Default Route
Lab 6	OSPFv2 Virtual Link
Exercise 2	Configuring OSPFv2 Virtual Link
Lab 7	OSPFv2 Authentication
Lab 8	Setting OSPFv2 Route Cost
Lab 9	Configuring Multi-Area OSPFv3
Exercise 3	Configuring Multi-Area OSPFv3
Lab 10	Configuring Dual Stack OSPF Routing
Lab Manuals	Open Shortest Path First (OSPF) Lab Series [PDF]

Virtual Labs on Introduction to BGP

This lab series provides a detailed, hands-on experience to understand and configure Border Gateway Protocol (BGP), adjust its attributes, and control network traffic on the Internet.

Lab 1	Introduction to Mininet
Lab 2	Introduction to Free Range Routing (FRR)
Lab 3	Introduction to BGP
Lab 4	Configure and Verify EBGP
Exercise 1	BGP Configuration
Lab 5	BGP Authentication
Lab 6	Configure BGP with Default Route
Lab 7	Using AS_PATH BGP Attribute
Exercise 2	Controlling Traffic using BGP AS_PATH Attribute
Lab 8	Configuring IBGP and EBGP Sessions, Local Preference, and MED
Lab 8.1	Configuring OSPF, IBGP and EBGP Sessions, Local Preference, and MED
Lab 8.2	Configuring IBGP and EBGP Sessions, Local Preference, and MED
Exercise 3	Steering Traffic using BGP Local Preference Attribute
Lab 9	IBGP, Next Hop and Full Mesh Topology
Lab 10	BGP Route Reflection
Lab 11	Configuring Local Preference and AS_PATH prepending
Lab 11.1	Configuring Local Preference and AS_PATH prepending
Lab 12	Hot Potato Routing and BGP LOCAL_PREF Attribute
Lab 13	Configuring Local Preferences on a Per Route Basis
Exercise 4	BGP Next Hop Attribute and Route Reflection
Lab Manuals	Introduction to BGP Lab Series [PDF]

Virtual Labs on MPLS and Advanced BGP Topics

This lab series provides a detailed hands-on experience to understand advanced BGP features such as multiprotocol BGP. The labs also cover attacks that exploit BGP vulnerabilities such as BGP hijacking, IP spoofing, and their mitigation technique. Additionally, the lab series cover topics that include Label Distribution Protocol (LDP), Multiprotocol Label Switching (MPLS), Virtual Routing Forwarding (VRF), and Ethernet VPN.

Lab 1	Configuring Multiprotocol BGP
Lab 2	IP Spoofing and Mitigation Techniques
Lab 3	BGP Hijacking
Lab 4	Introduction to MPLS
Lab 5	Label Distribution Protocol (LDP)
Lab 6	Virtual Routing and Forwarding (VRF)
Lab 7	MPLS Layer 3 VPN using MP-BGP
Lab 8	Ethernet VPN (EVPN) using MP-BGP
Lab 9	Introduction to Segment Routing over IPv6 (SRv6)
Exercise 1	MPLS Layer 3 VPN using MP-BGP
Exercise 2	Configuring Segment Routing over IPv6 (SRv6)
Lab Manuals	MPLS and Advanced BGP Topics Lab Series [PDF]

Virtual Labs on Open Virtual Switch (OVS)

This lab series provides a detailed, hands-on experience to understand and configure Open Virtual Switch (OVS).

Lab 1	Introduction to Linux Namespaces and Open vSwitch
Lab 2	Introduction to Mininet
Lab 3	Introduction to Open vSwitch
Lab 4	Open vSwitch Flow Table
Exercise 1	OpenFlow Basic Operations
Lab 5	Implementing Routing in Open vSwitch
Lab 6	Implementing Routing using Multiple Flow Tables
Exercise 2	Implement Routing using Multiple Flow Tables
Lab 7	Configuring Stateless Firewall using ACLs
Lab 8	Configuring Stateful Firewall using Connection Tracking
Exercise 3	Configuring Stateless and Stateful Firewalls in Open vSwitch
Lab 9	Quality of Service (QoS)
Exercise 4	Configuring Quality of Service (QoS)
Lab 10	Open vSwitch Database Management Protocol (OVSDB)
Lab 11	Open vSwitch Kernel Datapath
Lab 12	Implementing Virtual Local Area Network (VLANs) in Open vSwitch
Lab 13	VLAN trunking in Open vSwitch
Exercise 5	Configuring Virtual Local Area Network (VLAN)
Lab 14	Configuring GRE Tunnel
Lab 15	Configuring IPsec Tunnel
Lab Manual	OVS Lab Series [PDF]

Virtual Labs on perfSONAR

The perfSONAR labs provide hands-on lab experience using emulated multi-domain networks. Labs include configuration details required for accurate performance measurement, regular testing, monitoring, and debugging using a dashboard, limiting access and testing against perfSONAR nodes, web administration, and others.

Lab 1	Configuring Administrative Information Using perfSONAR Toolkit GUI
Lab 2	PerfSONAR Metrics and Tools
Lab 3	Configuring Regular Tests Using perfSONAR GUI
Lab 4	Configuring Regular Tests Using pScheduler CLI Part I
Lab 5	Configuring Regular Tests Using pScheduler CLI Part II
Lab 6	Bandwidth-delay Product and TCP Buffer Size
Lab 7	Configuring Regular Tests Using a pSConfig Template
Lab 8	perfSONAR Monitoring and Debugging Dashboard
Lab 9	pSConfig Web Administrator
Lab 10	Configuring pScheduler Limits
Lab Manuals	perfSONAR Lab Series [PDF]

Virtual Labs on Zeek/Bro

The Zeek / Bro labs provide hands-on lab experience on Intrusion Detection Systems (IDS). Labs demonstrate Bro capabilities such as parsing Zeek files, capturing and analyzing network attacks such as scanner traffic, DoS and DDoS, and more.

Lab 1	Introduction to the Capabilities of Zeek
Lab 2	An Overview of Zeek Logs
Lab 3	Parsing, Reading and Organizing Zeek Log Files
Lab 4	Generating, Capturing and Analyzing Network Scanner Traffic
Lab 5	Generating, Capturing and Analyzing DoS and DDoS-centric Network Traffic
Lab 6	Introduction to Zeek Scripting
Lab 7	Introduction to Zeek Signatures
Lab 8	Advanced Zeek Scripting for Anomaly and Malicious Event Detection
Lab 9	Profiling and Performance Metrics of Zeek
Lab 10	Application of the Zeek IDS for Real-Time Network Protection
Lab 11	Preprocessing of Zeek Output Logs for Machine Learning
Lab 12	Developing Machine Learning Classifiers for Anomaly Inference and Classification
Lab Manual	Zeek/Bro Lab Series [PDF]