XenLabs

Using modern VM technology to create a virtual laboratory of machines that students can use for "hands-on" security exercises. Students (or groups of students) can have an identical set of machines where they have full control, but are encapsulated from the each other and the rest of the network. Also, security exercises that use flaws in a particular OS version can remain viable for longer periods.

We are collaborating with folks at Iowa State and SUNY Oswego on this project.

XenLabs software

The current version of XenLabs is designed to run on the Debian stable.

Here are the source/scripts for XenLabs.

• xenlabs-0.25.tgz - full code and documentation
• InstallXenLabs.sh - just the installation script (it will download the above and install it for you)
• xenlabs-0.34.tgz - updated code and documentation, you would need to modify the installation script to install

XenLabs pre-made assignments

• Buffer overflow lab (uses HVM and needs 0.34) - disk image and config (1GB) - student assignment - email me to get the root password for the system

Publications about XenLabs

1. Nathaniel W. Gephart^* and Benjamin A. Kuperman. Design of a Virtual Computer Lab Environment for hands-on Information Security Exercises. The Journal of Computing Sciences in Colleges 26(1):32-39, 2010. [ PDF | bib | ACM Library ]
2. Nathaniel W. Gephart*, Benjamin A. Kuperman, Thomas E. Daniels, James P. Early, Building a virtualized lab environment to teach information security through hands-on exercises , poster presented at the 25th Annual Computer Security Applications Conference (ACSAC), 2009.

Acknowledgment and Disclaimer

This material is based upon work supported by the National Science Foundation under Grant No. 0830877.

Any opinions, findings and conclusions or recomendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).

Last Modified: August 02, 2010 - Benjamin A. Kuperman