1. Home
  2. Cybertraining

Cybertraining Material

The Cyberinfrastructure Lab at the University of South Carolina (CI Lab @ USC) is a virtual platform deployed for cybertraining purposes. Current training labs include network tools and protocols (e.g., Mininet, Netem, TCP congestion control), perfSONAR, Zeek / Bro, and others.

To access the virtual laboratory:
1. Fill out the form requesting access to CI Lab [form] (you will receive a username and password within 24 hours). 
2. For any issues accessing your Netlab account, feel free to contact choueiri@email.sc.edu.
3. Access the CI Lab at https://netlab.cec.sc.edu. For a CI Lab user guide, click here [PDF].

 

P4-DPDK Security Lab Series

These labs provide a hands-on experience on implementing cybersecurity applications on P4-DPDK. The lab library explains topics that include the basics of P4, implementing stateful packet filters, devising in-network mitigation schemes for TCP SYN flood, and others.

Lab 1 Introduction to P4-DPDK
Lab 2 P4 Program Building Blocks with the PNA Architecture
Lab 3 PNA Parser Implementation
Lab 4 Introduction to Match-action Tables
Lab 5 Calculating Packets Interarrival Times using Hashes and Registers
Lab 6 Limiting the Impact of SYN Flood by Probabilistically Dropping Packets
Lab 7 Identifying Heavy Hitters using Count-min Sketches (CMS)
Lab 8 Implementing Stateful Packet Filtering with P4-DPDK
Lab Manuals P4-DPDK Security Lab Series [PDF

P4-perfSONAR Lab Series

The P4-perfSONAR lab series teaches the learner how to collect traffic measurements using P4 programmable data plane (PDP) switches, and to visualize the measurements in perfSONAR. The proposed P4-perfSONAR enables perfSONAR to passively receive aggregate traffic measurements and statistics from P4 PDP switches in real time. This approach ensures real-time per-flow monitoring and detailed insights, assisting administrators in understanding network traffic patterns.

Lab 1 Introduction to Mininet
Lab 2 P4 Program Building Blocks 
Lab 3 Measuring Flow's Throughput
Lab 4 Monitoring the RTT of TCP Flows using P4
Lab 5 Configuring Regular Tests Using pSchedular CLI
Lab 6 Connecting perfSONAR to Grafana Dashboard
Lab 7 Retrieving Per-flow Statistics from the Data Plane
Lab 8 Collecting P4 Measurements using perfSONAR's Archiver
Lab Manuals P4-perfSONAR Lab Series [PDF

Introduction to P4-DPDK

Network packet processing faces significant performance challenges due to kernel overheads. These issues have become more pronounced with the rapid growth of network traffic. To address these challenges, the Data Plane Development Kit (DPDK) was developed. DPDK bypasses the kernel and operates directly in user space, offering significant improvements in performance and latency for packet processing tasks. However, DPDK's steep learning curve presents a barrier to entry for developers and network administrators. In recent years, P4 has emerged as a language specifically designed for expressing packet processing data paths. Building on this development, P4-DPDK has been introduced as a new technology that bridges P4 and DPDK. It allows developers to create P4 code which is then translated into a DPDK pipeline, combining the expressiveness of P4 with the performance benefits of DPDK. This lab series offers a hands-on experience on the basics of P4-DPDK.

Lab 1 Introduction to P4-DPDK
Lab 2 P4 Program Building Blocks with the PNA Architecture
Lab 3 PNA Parser Implementation
Lab 4 Introduction to Match-action Tables (Part 1)
Lab 5 Introduction to Match-action Tables (Part 2)
Lab 6 Populating and Managing Match-action Tables at Runtime
Lab 7 Checksum Recalculation and Packet Deparsing
Lab Manuals Introduction to P4-DPDK Lab Series [PDF

Introduction to IPv6

This lab series is an introduction to IPv6 networking using Mininet and the Free-Range Routing (FRR) software router. The lab activities cover static and dynamic IPv6 routing, Stateless Address Autoconfiguration (SLAAC), DHCPv6, OSPFv3, BGP, and IPv6 configurations for DNS and web servers. Each lab provides hands-on activities to understand IPv6 network management and configuration, from fundamental setups to advanced routing and services.

Lab 1 Introduction to Mininet
Lab 2 Introduction to FRR
Lab 3 IPv6 Address Configuration
Lab 4 Enabling Stateless Address Autoconfiguration (SLAAC) in IPv6 Routers
Lab 5 Configuring SLAAC and Stateless DHCPv6 Server
Lab 6 Configuring Stateful Dynamic Host Configuration Protocol version 6 (DHCPv6)
Lab 7 IPv6 Static Routing Configuration
Lab 8 Configuring Single Area OSPFv3 using IPv6
Lab 9 Interdomain Routing (BGP) with IPv6
Lab 10 DNS and Web Server IPv6 Configuration
Lab 11 Transitioning from IPv4 to IPv6
Lab 12 Configuring Stateless NAT64
Lab 13 Enabling IPv4 and IPv6 Coexistence with DN64 
Lab 14 Configuring IPSec Tunnel on IPv6
Lab 15 Monitoring IPv6 networks using Zeek
Lab Manuals Introduction to IPv6 Lab Series [PDF]

 Introduction to perfSONAR 5
 

This lab series offers an introductory experience with perfSONAR 5 by providing hands-on activities. These labs utilize Mininet, a network emulator that employs real network traffic. Within this series, participants will explore the fundamental elements of perfSONAR 5, including pScheduler, pSConfig templates, and the Grafana dashboard. They will also delve into various use cases where perfSONAR is used as a debugging tool.

Lab 1 Introduction to Mininet
Lab 2 Setting Administrative Information using perfSONAR Toolkit GUI
Lab 3 Scheduling Regular Tests Using perfSONAR GUI
Lab 4 Configuring Regular Tests Using pScheduler CLI Part I
Lab 5 Configuring Regular Tests Using pScheduler CLI Part II
Lab 6 Defining Regular Tests with a pSConfig Template
Lab 7 Configuring pScheduler Limits
Lab 8 Visualizing pScheduler Measurements using Grafana
Lab 9 Observing the impact of TCP window scaling and small TCP Buffer Sizes
Lab 10 Investigating the Effects of MTU mismatch
Lab 11 Running Regular pScheduler Tests over IPv6 Networks
Lab Manuals Introduction to perfSONAR 5 Lab Series [PDF]

Virtual Labs on Cybersecurity Applications on P4 Programmable Data Planes

 

These labs provide a hands-on experience on implementing cybersecurity applications on P4 programmable data planes using the BMv2 software switch. The lab library explains topics that include the basics of P4, implementing stateful packet filters, devising in-network mitigation schemes for TCP SYN flood, DNS amplification, slow DDoS, and others.

Lab 1 Introduction to Mininet
Lab 2 Introduction to P4 and BMv2
Lab 3 P4 Program Building Blocks
Lab 4 Parser Implementation
Lab 5 Introduction to Match-action Tables
Lab 6 Implementing a Stateful Packet Filter for the ICMP Protocol
Lab 7 Implementing a Stateful Packet Filter for the TCP Protocol
Lab 8 Detecting and Mitigating the DNS Amplification Attack
Lab 9 Identifying Heavy Hitters using Count-min Sketches (CMS)
Lab 10 Limiting the Impact of SYN Flood by Probabilistically Dropping Packets
Lab 11 Blocking Application Layer Slow DDoS Attack (Slowloris)
Lab Manuals P4 Cybersecurity Lab Series [PDF]

Virtual Labs on Cybersecurity Tools and Applications

 

The labs provide a hands-on experience on cybersecurity tools and applications. The lab series explains topics that include malware, social engineering, SQL injection, Cross-site scripting, cryptography, and others.

Lab 1 Reconnaissance: Scanning with NMAP, Vulnerability Assessment with OpenVAS
Lab 2 Remote Access Trojan (RAT) using Reverse TCP Meterpreter
Lab 3 Escalating Privileges and Installing a Backdoor
Lab 4 Collecting Information with Spyware: Screen Captures and Keyloggers
Lab 5 Social Engineering Attack: Credentials Harvesting and Remote Access through Phishing Emails
Lab 6 SQL Injection Attack on a Web Application
Lab 7 Cross-site Scripting (XSS) Attack on a Web Application
Lab 8 Denial of Service (DoS) Attacks: SYN/FIN/RST Flood, Smurf attack, and SlowLoris
Lab 9 Cryptographic Hashing and Symmetric Encryption
Lab 10 Asymmetric Encryption: RSA, Digital Signatures, Diffie-Hellman
Lab 11 Public Key Infrastructure: Certificate Authority, Digital Certificate
Lab 12 Configuring a Stateful Packet Filter using iptables
Lab 13 Online Dictionary Attack against a Login Webpage
Lab 14 Intrusion Detection and Prevention using Suricata
Lab 15 Packet Sniffing and Relay Attack
Lab 16 DNS Cache Poisoning
Lab 17 Man in the Middle Attack using ARP Spoofing
Lab 18 Understanding Buffer Overflow Attacks in a Vulnerable Application
Lab 19 Conducting Offline Password Attacks
Lab Manuals Cybersecurity Lab Series [PDF]

 

Virtual Labs on P4 Programmable Data Planes: Applications, Stateful Elements, and Custom Packet Processing

 

The labs provide a hands-on experience on P4 programmable data plane advanced topics using the Behavioral Model version 2 (BMv2) software switch. The lab series explains topics that include metadata, registers, counters, meters, advanced parsing, and others.

         

Lab 1 Introduction to Mininet
Lab 2 Introduction to P4 and BMv2
Lab 3 P4 Program Building Blocks
Lab 4 Defining and Processing Custom Headers
Lab 5 Monitoring the Switchs Queue using Standard Metadata
Lab 6 Collecting Queueing Statistics using a Header Stack
Lab 7 Measuring Flow Statistics using Direct and Indirect Counters
Lab 8 Rerouting Traffic using Meters
Lab 9 Storing Arbitrary Data using Registers
Lab 10 Calculating Packets Interarrival Times using Hashes and Registers
Lab 11 Generating Notification Messages using Digests
Lab Manuals P4 (BMv2) Advanced Lab Series [PDF]

 

Virtual Labs on P4 Programmable Data Plane Switches (BMv2)

 

The labs provide a hands-on experience on P4 programmable data plane switches using the Behavioral Model version 2 (BMv2) software switch. The lab series explains topics that include parsing, match-action tables, checksum verification, and others.

Lab 1 Introduction to Mininet
Exercise 1 Building a Basic Topology
Lab 2 Introduction to P4 and BMv2
Exercise 2 Compiling and Running a P4 Program
Lab 3 P4 Program Building Blocks
Lab 4 Parser Implementation
Exercise 3 Parsing UDP and RTP
Lab 5 Introduction to Match-action Tables (Part 1)
Lab 6 Introduction to Match-action Tables (Part 2)
Exercise 4 Implementing NAT using Match-action Tables
Lab 7 Populating and Managing Match-action Tables at Runtime
Exercise 5 Configuring Match-action Tables at Runtime
Lab 8 Checksum Recalculation and Packet Deparsing
Exercise 6 Building a Packet Reflector
Lab Manual P4 (BMv2) Lab Series [PDF]

 

Virtual Labs on Network Management

 

The labs provide a hands-on experience on network management and monitoring tools and protocols. Topics include monitoring using NetFlow, sFlow, IPFIX, and visualization using Grafana.

Lab 1 Introduction to Mininet
Lab 2 Introduction to NetFlow
Lab 3 Introduction to IPFIX
Lab 4 Introduction to sFlow
Lab 5 Collecting and processing NetFlow, IPFIX and sFlow data using Nfdump
Lab 6 Filtering and formatting data using Nfdump
Lab 7 Collecting and Visualizing sFlow data using GoFlow and Grafana
Lab 8 Collecting and Visualizing NetFlow data using GoFlow and Grafana
Lab Manuals Network Management Series [PDF]

 

Virtual Labs on Network Tools and Protocols (NTP)

 

The NTP labs provide detailed, hands-on experience with tools and protocols needed for emulation of wide area networks (WANs), performance measuring, configuring congestion control protocols, enhancement of TCP throughput using pacing, and other topics.

 

Lab 1 Introduction to Mininet
Exercise 1 Building a Basic Topology
Lab 2 Introduction to Iperf3
Lab 3 Emulating WAN with NETEM I: Latency, Jitter
Lab 4 Emulating WAN with NETEM II: Packet Loss, Duplication, Reordering, and Corruption
Lab 5 Setting WAN Bandwidth with Token Bucket Filter (TBF)
Exercise 2 Emulating a Wide Area Network (WAN)
Problem 1 Troubleshooting a WAN
Lab 6 Understanding Traditional TCP Congestion Control (HTCP, Cubic, Reno)
Lab 7 Understanding Rate-based TCP Congestion Control (BBR)
Lab 8 Bandwidth-delay Product and TCP Buffer Size
Exercise 3 Tuning TCP and Switch’s Buffer Size
Exercise 4 Running tests with Competing TCP Flows and Different Congestion Control Algorithms
Lab 9 Enhancing TCP Throughput with Parallel Streams
Exercise 5 Enhancing the Aggregate TCP Throughput with Parallel Streams
Problem 2 Enhancing TCP Throughput
Lab 10 Measuring TCP Fairness
Exercise 6 RTT Unfairness
Problem 3 Minimizing the Unfairness
Lab 11 Router's Buffer Size
Lab 12 TCP Rate Control with Pacing
Exercise 7 Setting the Pacing Rate
Lab 13 Impact of MSS on Throughput
Lab 14 Router's Bufferbloat
Exercise 8 Router’s Bufferbloat
Lab 15 Analyzing the Impact of Hardware Offloading on TCP Performance
Lab 16 Random Early Detection
Lab 17 Stochastic Fair Queueing
Lab 18 Controlled Delay (CoDel) Active Queue Management
Lab 19 Proportional Integral Controller-Enhanced (PIE)
Lab 20 Classifying TCP traffic using Hierarchical Token Bucket (HTB)
Lab 21 Enabling Large Data Transfers across a Science DMZ
Lab 22 Understanding UDP Abuses
Lab Manuals NTP Lab Series [PDF], [Slides]

 

Virtual Labs on Software Defined Networking (SDN)

 

This lab series provides a detailed, hands-on experience to the new emerging networking paradigm, Software Defined Networking (SDN). The manual provides a thorough understanding for administering SDN networks using ONOS controller, demonstrating the available applications supported by ONOS, as well as leveraging their full capabilities.

 

Lab 1 Introduction to Mininet
Lab 2 Legacy Networks: BGP Example as a Distributed System and Autonomous Forwarding Decisions
Lab 3 Early efforts of SDN: MPLS Example of a Control Plane that Establishes Semi-static Forwarding Paths
Lab 4 Introduction to SDN
Exercise 1 SDN Network Configuration
Lab 5 Configuring VXLAN to Provide Network Traffic Isolation
Exercise 2 Configuring VXLAN
Lab 6 Introduction to OpenFlow
Exercise 3 OpenFlow Protocol Management
Lab 7 Routing within an SDN network
Lab 8 Interconnection between Legacy Networks and SDN Networks
Exercise 4 Incremental Deployment of SDN Networks within Legacy Networks
Lab 9 Configuring Virtual Private LAN Service (VPLS)
Lab 10 Applying Equal-cost Multi-path Protocol (ECMP) within SDN networks
Lab Manual SDN Lab Series [PDF]

 

Virtual Labs on OSPF

 

This lab series is an introduction to the Open Shortest Path First (OSPF) routing protocol. The labs provide an overview of OSPF behavior and configuration through hands-on activities and exercises.

 

Lab 1 Introduction to Mininet
Lab 2 Introduction to FRR
Lab 3 Configuring Single-Area OSPFv2
Lab 4 Configuring Multi-Area OSPFv2
Exercise 1 Configuring Multi-Area OSPFv2
Lab 5 Configuring OSPFv2 with Default Route
Lab 6 OSPFv2 Virtual Link
Exercise 2 Configuring OSPFv2 Virtual Link
Lab 7 OSPFv2 Authentication
Lab 8 Setting OSPFv2 Route Cost
Lab 9 Configuring Multi-Area OSPFv3
Exercise 3 Configuring Multi-Area OSPFv3
Lab 10 Configuring Dual Stack OSPF Routing
Lab Manuals Open Shortest Path First (OSPF) Lab Series [PDF]

 

Virtual Labs on Introduction to BGP

 

This lab series provides a detailed, hands-on experience to understand and configure Border Gateway Protocol (BGP), adjust its attributes, and control network traffic on the Internet.

 

Lab 1 Introduction to Mininet
Lab 2 Introduction to Free Range Routing (FRR)
Lab 3 Introduction to BGP
Lab 4 Configure and Verify EBGP
Exercise 1 BGP Configuration
Lab 5 BGP Authentication
Lab 6 Configure BGP with Default Route
Lab 7 Using AS_PATH BGP Attribute
Exercise 2 Controlling Traffic using BGP AS_PATH Attribute
Lab 8 Configuring IBGP and EBGP Sessions, Local Preference, and MED
Lab 8.1 Configuring OSPF, IBGP and EBGP Sessions, Local Preference, and MED
Lab 8.2 Configuring IBGP and EBGP Sessions, Local Preference, and MED
Exercise 3 Steering Traffic using BGP Local Preference Attribute
Lab 9 IBGP, Next Hop and Full Mesh Topology
Lab 10 BGP Route Reflection
Lab 11 Configuring Local Preference and AS_PATH prepending
Lab 11.1 Configuring Local Preference and AS_PATH prepending
Lab 12 Hot Potato Routing and BGP LOCAL_PREF Attribute
Lab 13 Configuring Local Preferences on a Per Route Basis
Exercise 4 BGP Next Hop Attribute and Route Reflection
Lab Manuals Introduction to BGP Lab Series [PDF]

 

Virtual Labs on MPLS and Advanced BGP Topics

 

This lab series provides a detailed hands-on experience to understand advanced BGP features such as multiprotocol BGP. The labs also cover attacks that exploit BGP vulnerabilities such as BGP hijacking, IP spoofing, and their mitigation technique. Additionally, the lab series cover topics that include Label Distribution Protocol (LDP), Multiprotocol Label Switching (MPLS), Virtual Routing Forwarding (VRF), and Ethernet VPN.

 

Lab 1 Configuring Multiprotocol BGP
Lab 2 IP Spoofing and Mitigation Techniques
Lab 3 BGP Hijacking
Lab 4 Introduction to MPLS
Lab 5 Label Distribution Protocol (LDP)
Lab 6 Virtual Routing and Forwarding (VRF)
Lab 7 MPLS Layer 3 VPN using MP-BGP
Lab 8 Ethernet VPN (EVPN) using MP-BGP
Lab 9 Introduction to Segment Routing over IPv6 (SRv6)
Exercise 1 MPLS Layer 3 VPN using MP-BGP
Exercise 2 Configuring Segment Routing over IPv6 (SRv6)
Lab Manuals  MPLS and Advanced BGP Topics Lab Series [PDF]

 

Virtual Labs on Open Virtual Switch (OVS)

 

This lab series provides a detailed, hands-on experience to understand and configure Open Virtual Switch (OVS).

 

Lab 1 Introduction to Linux Namespaces and Open vSwitch
Lab 2 Introduction to Mininet
Lab 3 Introduction to Open vSwitch
Lab 4 Open vSwitch Flow Table
Exercise 1 OpenFlow Basic Operations
Lab 5 Implementing Routing in Open vSwitch
Lab 6 Implementing Routing using Multiple Flow Tables
Exercise 2 Implement Routing using Multiple Flow Tables
Lab 7 Configuring Stateless Firewall using ACLs
Lab 8 Configuring Stateful Firewall using Connection Tracking
Exercise 3 Configuring Stateless and Stateful Firewalls in Open vSwitch
Lab 9 Quality of Service (QoS)
Exercise 4 Configuring Quality of Service (QoS)
Lab 10 Open vSwitch Database Management Protocol (OVSDB)
Lab 11 Open vSwitch Kernel Datapath
Lab 12 Implementing Virtual Local Area Network (VLANs) in Open vSwitch
Lab 13 VLAN trunking in Open vSwitch
Exercise 5 Configuring Virtual Local Area Network (VLAN)
Lab 14 Configuring GRE Tunnel
Lab 15 Configuring IPsec Tunnel
Lab Manual OVS Lab Series [PDF]

Virtual Labs on perfSONAR

 

The perfSONAR labs provide hands-on lab experience using emulated multi-domain networks. Labs include configuration details required for accurate performance measurement, regular testing, monitoring, and debugging using a dashboard, limiting access and testing against perfSONAR nodes, web administration, and others.

Lab 1 Configuring Administrative Information Using perfSONAR Toolkit GUI
Lab 2 PerfSONAR Metrics and Tools
Lab 3 Configuring Regular Tests Using perfSONAR GUI
Lab 4 Configuring Regular Tests Using pScheduler CLI Part I
Lab 5 Configuring Regular Tests Using pScheduler CLI Part II
Lab 6 Bandwidth-delay Product and TCP Buffer Size
Lab 7 Configuring Regular Tests Using a pSConfig Template
Lab 8 perfSONAR Monitoring and Debugging Dashboard
Lab 9 pSConfig Web Administrator
Lab 10 Configuring pScheduler Limits
Lab Manuals perfSONAR Lab Series [PDF]

 

Virtual Labs on Zeek/Bro

 

The Zeek / Bro labs provide hands-on lab experience on Intrusion Detection Systems (IDS). Labs demonstrate Bro capabilities such as parsing Zeek files, capturing and analyzing network attacks such as scanner traffic, DoS and DDoS, and more.

Lab 1 Introduction to the Capabilities of Zeek
Lab 2 An Overview of Zeek Logs
Lab 3 Parsing, Reading and Organizing Zeek Log Files
Lab 4 Generating, Capturing and Analyzing Network Scanner Traffic
Lab 5 Generating, Capturing and Analyzing DoS and DDoS-centric Network Traffic
Lab 6 Introduction to Zeek Scripting
Lab 7 Introduction to Zeek Signatures
Lab 8 Advanced Zeek Scripting for Anomaly and Malicious Event Detection
Lab 9 Profiling and Performance Metrics of Zeek
Lab 10 Application of the Zeek IDS for Real-Time Network Protection
Lab 11 Preprocessing of Zeek Output Logs for Machine Learning
Lab 12 Developing Machine Learning Classifiers for Anomaly Inference and Classification
Lab Manual Zeek/Bro Lab Series [PDF]