Papers by Ronald Gonzales

Hands-on learning allows students to apply and better understand the concepts they learn during lectures and in reading assignments. Developing hands-on cybersecurity labs is challenging because many of the tools are proprietary and expensive. The creation of labs that simulate a real environment requires significant resources and planning. The use of real malware and network traffic provides a more realistic experience but can add additional risk to the laboratory network. This paper describes how we utilized the open source Linux distribution Security Onion, along with real malware and network traffic captures from publicly available sources, to create a challenging and realistic set of hands-on cybersecurity labs. Security Onion is a Linux distribution that is used for intrusion detection, network security monitoring, and log management. It contains a variety of network security monitoring tools and is used by many organizations to monitor networks for intrusion. With its large number of pre-installed tools, Security Onion is an excellent tool to demonstrate network security monitoring concepts and provides students a hands-on experience with application tools commonly used by industry. In this paper we discuss the technical setup, development of lab objectives, data sources, and development of learning objectives. We also discuss mapping the learning objectives of the lab to the related knowledge, skills, and abilities in the National Cybersecurity Workforce Framework and to the relevant knowledge units required for designation as a National Center of Academic Excellence in Information Assurance/Cyber Defense. Use of realistic hands-on labs not only improves the students' learning experience but also better prepares them to enter the workforce.