Seminar on Virtual Labs for Cybersecurity

Friday, February 9, 2024

 

 

Organizers
  • University of South Florida (USF)
  • University of South Carolina (UofSC)
Venue
  • Electrical Engineering Department
  • University of South Florida
  • 4202 E. Fowler Avenue, Tampa, FL
  • NetLab link: https://netlab.cec.sc.edu/

Overview

                            

This seminar will cover two virtual lab libraries available for NETLAB+ systems: 1) “Cybersecurity Tools and Applications,” and 2) “P4 Programmable Data Plane Switches.” The “Cybersecurity Tools and Applications” library covers the main concepts needed by learners who may want to be introduced to cybersecurity and/or want to obtain the Security+ certificate. Topics are reinforced with virtual labs that can be deployed in a NETLAB+ system. Examples of labs include Remote Access Trojan (RAT) using Reverse TCP Meterpreter, Social Engineering Attacks, Credentials Harvesting and Remote Access through Phishing Emails, SQL Injection Attack on a Web Application, Cross-site Scripting (XSS) Attack on a Web Application, Asymmetric Encryption (RSA, Digital Signatures, Diffie-Hellman), Configuring a Stateful Packet Filter using iptables, Intrusion Detection and Prevention using Suricata, and more.

The “P4 Programmable Switches” library covers how to write cybersecurity applications targeting programmable data plane switches, thus running at terabits per second (Tbps) rates. These switches have recently emerged and run applications at line rate. Moreover, applications can be reconfigured in the field without additional hardware upgrades, facilitating the deployment of new defenses against unforeseen attacks and vulnerabilities. Examples of labs include Detecting DDoS in the Data Plane, Parsing DNS Packets in P4 Switches and Blocking DNS attacks, Tracking Flows in Real Time, and more.     

Outcomes

By the end of this seminar, attendees will:

 

Cybersecurity Labs:
  • Perform vulnerability scanning and penetration testing
  • Create and deploy a malicious payload on a victim's machine
  • Maintain persistent access by installing a backdoor
  • Perform web-based attacks including SQL injection and XSS
  • Understand symmetric and asymmetric cryptography algorithms
  • Implement stateful packet filtering and deploy an intrusion detection system
P4 Security Labs:
  • Implement a stateful packet filter for the ICMP and TCP protocols
  • Implement a mitigation program for the DNS amplification attack
  • Identify and block heavy hitters
  • Mitigate flood attacks
  • Mitigate slow DDoS attacks (SlowLoris)

 

Intended Audience

The seminar is targeted at students interested in P4 programmable data plane switches and cybersecurity. The content is suitable for introductory to advanced levels and for practitioners in general. The content is available in the Academic Cloud.
 

Award Information

This activity is supported by:

  • NSF award 2118311. Link to official webpage: NSF-2118311
  • ONR award N00014-23-1-2245

 

Pre-requisites

Connectivity to the Internet and a browser to access the online virtual platform. Attendees will be provided with an account to access USC’s NETLAB system: https://netlab.cec.sc.edu/

 

Agenda

 

Friday, February 9

Time (PST) | Topic | Presenter
9:00 - 10:00 | Seminar Overview | Jorge Crichigno
10:00 - 10:45 | Executing a cyber-attack [PDF, PPT] | Jorge Crichigno
10:45 - 11:00 | Summary | Jorge Crichigno

 

 

Resources

 

Item | Note
P4 installation guide Link | A useful guide for preparing the environment for P4 development
Which open-source IDS? Snort, Suricata or Zeek Link | Study that compares the performance of Zeek, Snort, and Suricata
Security Course Slides Link | Slides for a cybersecurity course
VM for P4 Programmable Data Plane Switches (BMv2) Labs Link | Virtual Machine for the P4 Programmable Data Plane Switches (BMv2) lab series
VM for P4 Programmable Data Planes: Applications, Stateful Elements, and Custom Packet Processing Labs Link | Virtual Machine for the P4 Programmable Data Planes: Applications, Stateful Elements, and Custom Packet Processing lab series
P4 Cheat Sheet: Link | P4 language cheat sheet
BMv2 Docker Containers: Link | DockerHub link for the BMv2 containers
Cybertraining Material: Link | List of virtual labs on P4, SDN, network tools and protocols, ...
P4 Campus: Link | P4 applications for campus networks
FABRIC: Link | A programmable research infrastructure
Behavioral Model version 2 (BMv2): Link | Reference P4 software switch used as a tool for developing, testing and debugging P4 data planes
Software-Defined Networks: A Systems Approach: Link | A book that explores the key principles of Software-Defined Networking (SDN)
Mininet: Link | Virtual testbed enabling the development and testing of network tools and protocols
Containernet: Link | Mininet fork that allows using Docker containers as hosts in emulated networks
Mininet Installation: Link | A guide that describes the steps to install Mininet on Linux
Wireshark: Link | Packet analyzer used for network troubleshooting, analysis, protocol development, and education