1. Home
  2. Cybertraining

Cybertraining Material

nsf_logo

The Cyberinfrastructure Lab at the University of South Carolina (CI Lab @ USC) is a virtual platform deployed for cybertraining purposes. Current training labs include network tools and protocols (e.g., Mininet, Netem, TCP congestion control), perfSONAR, Zeek / Bro, and others.

To access the virtual laboratory:
1. Fill out the form requesting access to CI Lab [docx] (you will receive a username and password within 24 hours). Send the form to gomezgaj@email.sc.edu
2. Access the CI Lab at https://netlab.cec.sc.edu. For a CI Lab user guide, click here [PDF].

Introduction to IPv6

This lab series is an introduction to IPv6 networking using Mininet and the Free-Range Routing (FRR) software router. The lab activities cover static and dynamic IPv6 routing, Stateless Address Autoconfiguration (SLAAC), DHCPv6, OSPFv3, BGP, and IPv6 configurations for DNS and web servers. Each lab provides hands-on activities to understand IPv6 network management and configuration, from fundamental setups to advanced routing and services.

ipv6_logo

Lab 1 Introduction to Mininet
Lab 2 Introduction to FRR
Lab 3 IPv6 Address Configuration
Lab 4 Enabling Stateless Address Autoconfiguration (SLAAC) in IPv6 Routers
Lab 5 Configuring SLAAC and Stateless DHCPv6 Server
Lab 6 Configuring Stateful Dynamic Host Configuration Protocol version 6 (DHCPv6)
Lab 7 IPv6 Static Routing Configuration
Lab 8 Configuring Single Area OSPFv3 using IPv6
Lab 9 Interdomain Routing (BGP) with IPv6
Lab 10 DNS and Web Server IPv6 Configuration
Lab 11 Configuring IPv6 over IPv4 GRE tunnel
Lab 12 Configuring Stateless NAT64
Lab 13 Enabling IPv4 and IPv6 Coexistence with DN64 
Lab Manuals Introduction to IPv6 Lab Series [PDF

 Introduction to perfSONAR 5

 

This lab series offers an introductory experience with perfSONAR 5 by providing hands-on activities. These labs utilize Mininet, a network emulator that employs real network traffic. Within this series, participants will explore the fundamental elements of perfSONAR 5, including pScheduler, pSConfig templates, and the Grafana dashboard. They will also delve into various use cases where perfSONAR is used as a debugging tool.

perfsonar5_topo

Lab 1 Introduction to Mininet
Lab 2 Setting Administrative Information using perfSONAR Toolkit GUI
Lab 3 Scheduling Regular Tests Using perfSONAR GUI
Lab 4 Configuring Regular Tests Using pScheduler CLI Part I
Lab 5 Configuring Regular Tests Using pScheduler CLI Part II
Lab 6 Defining Regular Tests with a pSConfig Template
Lab 7 Configuring pScheduler Limits
Lab 8 Visualizing pScheduler Measurements using Grafana
Lab 9 Observing the impact of TCP window scaling and small TCP Buffer Sizes
Lab 10 Investigating the Effects of MTU mismatch
Lab 11 Running Regular pScheduler Tests over IPv6 Networks
Lab Manuals Introduction to perfSONAR 5 Lab Series [PDF]

Virtual Labs on Cybersecurity Applications on P4 Programmable Data Planes

 

These labs provide a hands-on experience on implementing cybersecurity applications on P4 programmable data planes using the BMv2 software switch. The lab library explains topics that include the basics of P4, implementing stateful packet filters, devising in-network mitigation schemes for TCP SYN flood, DNS amplification, slow DDoS, and others.

p4sec

Lab 1 Introduction to Mininet
Lab 2 Introduction to P4 and BMv2
Lab 3 P4 Program Building Blocks
Lab 4 Parser Implementation
Lab 5 Introduction to Match-action Tables
Lab 6 Implementing a Stateful Packet Filter for the ICMP Protocol
Lab 7 Implementing a Stateful Packet Filter for the TCP Protocol
Lab 8 Detecting and Mitigating the DNS Amplification Attack
Lab 9 Identifying Heavy Hitters using Count-min Sketches (CMS)
Lab 10 Limiting the Impact of SYN Flood by Probabilistically Dropping Packets
Lab 11 Blocking Application Layer Slow DDoS Attack (Slowloris)
Lab Manuals P4 Cybersecurity Lab Series [PDF]

Virtual Labs on Cybersecurity Tools and Applications

 

The labs provide a hands-on experience on cybersecurity tools and applications. The lab series explains topics that include malware, social engineering, SQL injection, Cross-site scripting, cryptography, and others.

cybersecurity fundamentals

Lab 1 Reconnaissance: Scanning with NMAP, Vulnerability Assessment with OpenVAS
Lab 2 Remote Access Trojan (RAT) using Reverse TCP Meterpreter
Lab 3 Escalating Privileges and Installing a Backdoor
Lab 4 Collecting Information with Spyware: Screen Captures and Keyloggers
Lab 5 Social Engineering Attack: Credentials Harvesting and Remote Access through Phishing Emails
Lab 6 SQL Injection Attack on a Web Application
Lab 7 Cross-site Scripting (XSS) Attack on a Web Application
Lab 8 Denial of Service (DoS) Attacks: SYN/FIN/RST Flood, Smurf attack, and SlowLoris
Lab 9 Cryptographic Hashing and Symmetric Encryption
Lab 10 Asymmetric Encryption: RSA, Digital Signatures, Diffie-Hellman
Lab 11 Public Key Infrastructure: Certificate Authority, Digital Certificate
Lab 12 Configuring a Stateful Packet Filter using iptables
Lab 13 Online Dictionary Attack against a Login Webpage
Lab 14 Intrusion Detection and Prevention using Suricata
Lab 15 Packet Sniffing and Relay Attack
Lab 16 DNS Cache Poisoning
Lab 17 Man in the Middle Attack using ARP Spoofing
Lab 18 Understanding Buffer Overflow Attacks in a Vulnerable Application
Lab 19 Conducting Offline Password Attacks
Lab Manuals Cybersecurity Lab Series [PDF]

 

Virtual Labs on P4 Programmable Data Planes: Applications, Stateful Elements, and Custom Packet Processing

 

The labs provide a hands-on experience on P4 programmable data plane advanced topics using the Behavioral Model version 2 (BMv2) software switch. The lab series explains topics that include metadata, registers, counters, meters, advanced parsing, and others.

p4apps

         

Lab 1 Introduction to Mininet
Lab 2 Introduction to P4 and BMv2
Lab 3 P4 Program Building Blocks
Lab 4 Defining and Processing Custom Headers
Lab 5 Monitoring the Switchs Queue using Standard Metadata
Lab 6 Collecting Queueing Statistics using a Header Stack
Lab 7 Measuring Flow Statistics using Direct and Indirect Counters
Lab 8 Rerouting Traffic using Meters
Lab 9 Storing Arbitrary Data using Registers
Lab 10 Calculating Packets Interarrival Times using Hashes and Registers
Lab 11 Generating Notification Messages using Digests
Lab Manuals P4 (BMv2) Advanced Lab Series [PDF]

 

Virtual Labs on P4 Programmable Data Plane Switches (BMv2)

 

The labs provide a hands-on experience on P4 programmable data plane switches using the Behavioral Model version 2 (BMv2) software switch. The lab series explains topics that include parsing, match-action tables, checksum verification, and others.

intro_p4

Lab 1 Introduction to Mininet
Exercise 1 Building a Basic Topology
Lab 2 Introduction to P4 and BMv2
Exercise 2 Compiling and Running a P4 Program
Lab 3 P4 Program Building Blocks
Lab 4 Parser Implementation
Exercise 3 Parsing UDP and RTP
Lab 5 Introduction to Match-action Tables (Part 1)
Lab 6 Introduction to Match-action Tables (Part 2)
Exercise 4 Implementing NAT using Match-action Tables
Lab 7 Populating and Managing Match-action Tables at Runtime
Exercise 5 Configuring Match-action Tables at Runtime
Lab 8 Checksum Recalculation and Packet Deparsing
Exercise 6 Building a Packet Reflector
Lab Manual P4 (BMv2) Lab Series [PDF]

 

Virtual Labs on Network Tools and Protocols (NTP)

 

The NTP labs provide detailed, hands-on experience with tools and protocols needed for emulation of wide area networks (WANs), performance measuring, configuring congestion control protocols, enhancement of TCP throughput using pacing, and other topics.

 

ntp_labs

Lab 1 Introduction to Mininet
Exercise 1 Building a Basic Topology
Lab 2 Introduction to Iperf3
Lab 3 Emulating WAN with NETEM I: Latency, Jitte
Lab 4 Emulating WAN with NETEM II: Packet Loss, Duplication, Reordering, and Corruption
Lab 5 Setting WAN Bandwidth with Token Bucket Filter (TBF)
Exercise 2 Emulating a Wide Area Network (WAN)
Problem 1 Troubleshooting a WAN
Lab 6 Understanding Traditional TCP Congestion Control (HTCP, Cubic, Reno)
Lab 7 Understanding Rate-based TCP Congestion Control (BBR)
Lab 8 Bandwidth-delay Product and TCP Buffer Size
Exercise 3 Tuning TCP and Switch’s Buffer Size
Exercise 4 Running tests with Competing TCP Flows and Different Congestion Control Algorithms
Lab 9 Enhancing TCP Throughput with Parallel Streams
Exercise 5 Enhancing the Aggregate TCP Throughput with Parallel Streams
Problem 2 Enhancing TCP Throughput
Lab 10 Measuring TCP Fairness
Exercise 6 RTT Unfairness
Problem 3 Minimizing the Unfairness
Lab 11 Router's Buffer Size
Lab 12 TCP Rate Control with Pacing
Exercise 7 Setting the Pacing Rate
Lab 13 Impact of MSS on Throughput
Lab 14 Router's Bufferbloat
Exercise 8 Router’s Bufferbloat
Lab 15 Analyzing the Impact of Hardware Offloading on TCP Performance
Lab 16 Random Early Detection
Lab 17 Stochastic Fair Queueing
Lab 18 Controlled Delay (CoDel) Active Queue Management
Lab 19 Proportional Integral Controller-Enhanced (PIE)
Lab 20 Classifying TCP traffic using Hierarchical Token Bucket (HTB)
Lab Manuals NTP Lab Series [PDF]

 

Virtual Labs on Network Management

 

The labs provide a hands-on experience on network management and monitoring tools and protocols. Topics include monitoring using NetFlow, sFlow, IPFIX, and visualization using Grafana.

network_management

Lab 1 Introduction to Mininet
Lab 2 Introduction to NetFlow
Lab 3 Introduction to IPFIX
Lab 4 Introduction to sFlow
Lab 5 Collecting and processing NetFlow, IPFIX and sFlow data using Nfdump
Lab 6 Filtering and formatting data using Nfdump
Lab 7 Collecting and Visualizing sFlow data using GoFlow and Grafana
Lab 8 Collecting and Visualizing NetFlow data using GoFlow and Grafana
Lab Manuals Network Management Series [PDF]

 

Virtual Labs on Software Defined Networking (SDN)

 

This lab series provides a detailed, hands-on experience to the new emerging networking paradigm, Software Defined Networking (SDN). The manual provides a thorough understanding for administering SDN networks using ONOS controller, demonstrating the available applications supported by ONOS, as well as leveraging their full capabilities.

sdn

 

Lab 1 Introduction to Mininet
Lab 2 Legacy Networks: BGP Example as a Distributed System and Autonomous Forwarding Decisions
Lab 3 Early efforts of SDN: MPLS Example of a Control Plane that Establishes Semi-static Forwarding Paths
Lab 4 Introduction to SDN
Exercise 1 SDN Network Configuration
Lab 5 Configuring VXLAN to Provide Network Traffic Isolation
Exercise 2 Configuring VXLAN
Lab 6 Introduction to OpenFlow
Exercise 3 OpenFlow Protocol Management
Lab 7 Routing within an SDN network
Lab 8 Interconnection between Legacy Networks and SDN Networks
Exercise 4 Incremental Deployment of SDN Networks within Legacy Networks
Lab 9 Configuring Virtual Private LAN Service (VPLS)
Lab 10 Applying Equal-cost Multi-path Protocol (ECMP) within SDN networks
Lab Manual SDN Lab Series [PDF]

 

Virtual Labs on OSPF

 

This lab series is an introduction to the Open Shortest Path First (OSPF) routing protocol. The labs provide an overview of OSPF behavior and configuration through hands-on activities and exercises.

ospf_fig

 

Lab 1 Introduction to Mininet
Lab 2 Introduction to FRR
Lab 3 Configuring Single-Area OSPFv2
Lab 4 Configuring Multi-Area OSPFv2
Exercise 1 Configuring Multi-Area OSPFv2
Lab 5 Configuring OSPFv2 with Default Route
Lab 6 OSPFv2 Virtual Link
Exercise 2 Configuring OSPFv2 Virtual Link
Lab 7 OSPFv2 Authentication
Lab 8 Setting OSPFv2 Route Cost
Lab 9 Configuring Multi-Area OSPFv3
Exercise 3 Configuring Multi-Area OSPFv3
Lab 10 Configuring Dual Stack OSPF Routing
Lab Manuals Open Shortest Path First (OSPF) Lab Series [PDF]

 

Virtual Labs on Introduction to BGP

 

This lab series provides a detailed, hands-on experience to understand and configure Border Gateway Protocol (BGP), adjust its attributes, and control network traffic on the Internet.

bgp_fig

 

Lab 1 Introduction to Mininet
Lab 2 Introduction to Free Range Routing (FRR)
Lab 3 Introduction to BGP
Lab 4 Configure and Verify EBGP
Exercise 1 BGP Configuration
Lab 5 BGP Authentication
Lab 6 Configure BGP with Default Route
Lab 7 Using AS_PATH BGP Attribute
Exercise 2 Controlling Traffic using BGP AS_PATH Attribute
Lab 8 Configuring IBGP and EBGP Sessions, Local Preference, and MED
Lab 8.1 Configuring OSPF, IBGP and EBGP Sessions, Local Preference, and MED
Lab 8.2 Configuring IBGP and EBGP Sessions, Local Preference, and MED
Exercise 3 Steering Traffic using BGP Local Preference Attribute
Lab 9 IBGP, Next Hop and Full Mesh Topology
Lab 10 BGP Route Reflection
Lab 11 Configuring Local Preference and AS_PATH prepending
Lab 11.1 Configuring Local Preference and AS_PATH prepending
Lab 12 Hot Potato Routing and BGP LOCAL_PREF Attribute
Lab 13 Configuring Local Preferences on a Per Route Basis
Exercise 4 BGP Next Hop Attribute and Route Reflection
Lab Manuals Introduction to BGP Lab Series [PDF]

 

Virtual Labs on MPLS and Advanced BGP Topics

 

This lab series provides a detailed hands-on experience to understand advanced BGP features such as multiprotocol BGP. The labs also cover attacks that exploit BGP vulnerabilities such as BGP hijacking, IP spoofing, and their mitigation technique. Additionally, the lab series cover topics that include Label Distribution Protocol (LDP), Multiprotocol Label Switching (MPLS), Virtual Routing Forwarding (VRF), and Ethernet VPN.

 

mpls_fig

Lab 1 Configuring Multiprotocol BGP
Lab 2 IP Spoofing and Mitigation Techniques
Lab 3 BGP Hijacking
Lab 4 Introduction to MPLS
Lab 5 Label Distribution Protocol (LDP)
Lab 6 Virtual Routing and Forwarding (VRF)
Lab 7 MPLS Layer 3 VPN using MP-BGP
Lab 8 Ethernet VPN (EVPN) using MP-BGP
Lab 9 Introduction to Segment Routing over IPv6 (SRv6)
Exercise 1 MPLS Layer 3 VPN using MP-BGP
Exercise 2 Configuring Segment Routing over IPv6 (SRv6)
Lab Manuals  MPLS and Advanced BGP Topics Lab Series [PDF]

 

Virtual Labs on Open Virtual Switch (OVS)

 

This lab series provides a detailed, hands-on experience to understand and configure Open Virtual Switch (OVS).

 

ovs_fig_w

Lab 1 Introduction to Linux Namespaces and Open vSwitch
Lab 2 Introduction to Mininet
Lab 3 Introduction to Open vSwitch
Lab 4 Open vSwitch Flow Table
Exercise 1 OpenFlow Basic Operations
Lab 5 Implementing Routing in Open vSwitch
Lab 6 Implementing Routing using Multiple Flow Tables
Exercise 2 Implement Routing using Multiple Flow Tables
Lab 7 Configuring Stateless Firewall using ACLs
Lab 8 Configuring Stateful Firewall using Connection Tracking
Exercise 3 Configuring Stateless and Stateful Firewalls in Open vSwitch
Lab 9 Quality of Service (QoS)
Exercise 4 Configuring Quality of Service (QoS)
Lab 10 Open vSwitch Database Management Protocol (OVSDB)
Lab 11 Open vSwitch Kernel Datapath
Lab 12 Implementing Virtual Local Area Network (VLANs) in Open vSwitch
Lab 13 VLAN trunking in Open vSwitch
Exercise 5 Configuring Virtual Local Area Network (VLAN)
Lab 14 Configuring GRE Tunnel
Lab 15 Configuring IPsec Tunnel
Lab Manual OVS Lab Series [PDF]

Virtual Labs on perfSONAR

 

The perfSONAR labs provide hands-on lab experience using emulated multi-domain networks. Labs include configuration details required for accurate performance measurement, regular testing, monitoring, and debugging using a dashboard, limiting access and testing against perfSONAR nodes, web administration, and others.

perfSONAR_fig

Lab 1 Configuring Administrative Information Using perfSONAR Toolkit GUI
Lab 2 PerfSONAR Metrics and Tools
Lab 3 Configuring Regular Tests Using perfSONAR GUI
Lab 4 Configuring Regular Tests Using pScheduler CLI Part I
Lab 5 Configuring Regular Tests Using pScheduler CLI Part II
Lab 6 Bandwidth-delay Product and TCP Buffer Size
Lab 7 Configuring Regular Tests Using a pSConfig Template
Lab 8 perfSONAR Monitoring and Debugging Dashboard
Lab 9 pSConfig Web Administrator
Lab 10 Configuring pScheduler Limits
Lab Manuals perfSONAR Lab Series [PDF]

 

Virtual Labs on Zeek/Bro

 

The Zeek / Bro labs provide hands-on lab experience on Intrusion Detection Systems (IDS). Labs demonstrate Bro capabilities such as parsing Zeek files, capturing and analyzing network attacks such as scanner traffic, DoS and DDoS, and more.

zeek_fig

Lab 1 Introduction to the Capabilities of Zeek
Lab 2 An Overview of Zeek Logs
Lab 3 Parsing, Reading and Organizing Zeek Log Files
Lab 4 Generating, Capturing and Analyzing Network Scanner Traffic
Lab 5 Generating, Capturing and Analyzing DoS and DDoS-centric Network Traffic
Lab 6 Introduction to Zeek Scripting
Lab 7 Introduction to Zeek Signatures
Lab 8 Advanced Zeek Scripting for Anomaly and Malicious Event Detection
Lab 9 Profiling and Performance Metrics of Zeek
Lab 10 Application of the Zeek IDS for Real-Time Network Protection
Lab 11 Preprocessing of Zeek Output Logs for Machine Learning
Lab 12 Developing Machine Learning Classifiers for Anomaly Inference and Classification
Lab Manual Zeek/Bro Lab Series [PDF]