A Virtual Computer Lab As Learning Environment For Networking and Security Courses
Jens Haag*, Stefan Karsch
Cologne University of Applied Sciences, Germany
*Work has been done as a PhD student of the Open Universiteit, The Netherlands
Harald Vranken, Marko van Eekelen**
Open Universiteit, Netherlands
**Marko van Eekelen is also affiliated with Radboud University Nijmegen, The Netherlands
Agenda
 Introduction
 Previous research subjects
 Virtualization
 Collaboration
 Current research subject: Course Advisory
 Human Course Advisor
 Electronic Course Advisor
 Conclusion and Outlook
02.10.2012
A Virtual Computer Lab As Learning Environment
2
Learning Scenario
 Teaching networking and security of computer systems and networks
(IT Security)
 Basics (e.g. network configuration, routing)
 Advanced content (e.g. security management and measurements, firewalls)
 Students learn the theoretical background
 in lessons
 from textbooks
 Knowledge is illustrated, deepened and
anchored by carrying out
practical exercises (hands-on)
[Figure: Teaching e.g. IT Security; Theoretical Background; Practical Exercises]
Example Exercise I
 Example exercise: Setup, configure and secure a network
 Server, which provides services
 Router with firewall
 Client
 Students can gather several practical experiences
 Configuring the network interfaces and the routing/NAT
 Providing and using internet services, e.g. HTTP, SSH, FTP
 Adding security measures, e.g. configuring the firewall
 Attacks (“Hacking”), e.g. Buffer Overflows
 Requires a “safe playground”
Computer Lab
 At the university: Room containing computer systems
 Network isolated from the outside world (Internet)
 Group work is possible
 Supported by at least one (human) course advisor
 Students work with super-user rights
 After a session, reinstalling the operating system may be necessary
 Not suited for distance learning
 Significant administration effort necessary
 Usually closed in the evening hours and
on weekends
Virtual Computer Lab
 General idea: Move the lab to the students
 Computer Lab nested in a virtual environment
 Stand-alone environment, composed of two virtualization
layers
 Layer 1: Between Host machine and Virtual host machine
 Based on free virtualization software (e.g. VMware Player, Oracle VirtualBox)
 Typically runs on almost all student computers
 Layer 2: Between Virtual host machine and highly resource-efficient, scalable UML virtual machines
 Based on Netkit, applies User Mode Linux (UML)
 Multiple virtual hosts and isolated, virtual network(s)
[Figure: Host machine; Virtual host machine; UML virtual machines in virtual network]
Using the Virtual Computer Lab
 Isolated, secured software environment
 Provided to the students on a DVD
 Can easily be installed and run on students’ own computers
 (Virtual) Hardware setup for the example exercise I
 Start the environment
 Issue 3 commands
 Three virtual hosts
 Network interfaces in separate broadcast domains
vstart server --eth0=netA
vstart router --eth0=netA --eth1=netB
vstart client --eth0=netB
Principles
 When designing a computer lab that fits into the education system, we
have to deal with at least three principles
 Students should have the possibility to work in a computer
lab whenever and wherever they want
 Students should have the possibility to work together
even if they are distant from each other
 Students should be able to get support while working
in the computer lab
Collaboration I
 Distant students have the impression of being connected
within an Ethernet LAN
 Connected virtual networks behave like a single
broadcast domain
 Transparent connection on OSI-layer 2 (Data Link Layer)
 Implementation
 Extracting and injecting network data on virtual network level (Ghost Host)
 Sending and receiving the extracted network data (Remote Bridge)
Collaboration II
 Further improvement: Central Authority
 Goals
 Optimized organization and management when students work together
 Reduced administration effort for students on their PCs
 Virtual Lab with Central Authority (CA)
 The CA is typically hosted at the university
 Each student can connect one or more virtual
networks to the CA in one session
 Additional sessions can be opened and closed on demand
Current research subject: Course Advisory
 Challenges
 Moving the lab to the students cuts the course advisor(s) off from the students
 Complex scenarios could not be verified in a timely manner
 Questions
 How can students get feedback/support while working on exercises?
 How can course advisor(s) verify/rate students’ work?
 Approach
 Exercises known in advance should have a predictable network setup
 An “Electronic Course Advisor” will compare the requirements of an exercise with the student’s progress while working on that exercise
 Students/Advisor(s) can fetch the progress and a final result
Example Exercise II
 Network example exercise:
“Setup and configure a scenario with at least three hosts (client, router,
server). Client and server should be located within different subnets. The
client should be able to intercommunicate with the server by using the
intermediate router.”
Possible Solution for Exercise II
 Student’s tasks
 Create the virtual environment
 Configure the hosts
 Verify the routing behavior
 Netkit for the virtual environment
 Standard Linux/Unix commands for the configuration
 Feedback? Verify?
# Create the required hosts and networks
vstart client --eth0=subnet1
vstart router --eth0=subnet1 --eth1=subnet2
vstart server --eth0=subnet2
# Configure the client
ifconfig eth0 192.168.1.2 up
route add default gw 192.168.1.1
# Configure the router
ifconfig eth0 192.168.1.1 up
ifconfig eth1 192.168.2.1 up
# Configure the server
ifconfig eth0 192.168.2.2 up
route add default gw 192.168.2.1
Human Course Advisor
 Human course advisor can guide students in several ways by asking,
checking or discussing questions
 What should the final setup look like?
 Do we have appropriate IP addresses?
 Can the client and the server intercommunicate?
 Finally, the course advisor will check the setup to verify that the student’s
work fulfills the requirements of the exercise
 Do we have at least three hosts? (Verified by e.g. counting open terminals)
 Does the routing work? (Verified by e.g. ping, traceroute)
 Can we use the course advisor’s expert knowledge in a software program?
Electronic Course Advisor I
 Major parts of the course advisor’s knowledge could be represented as rules.
 Rule to determine routing behavior within a network:
“Routing occurs if an OSI layer 3 IP transmission of a network packet between two hosts is based on more than one OSI layer 2 transmission”.
 When students work on networking exercises, network packets occur. A new computer program called Electronic Course Advisor (ECA) can constantly access and observe these packets and store them in a database.
 The ECA also continuously applies rules represented by SQL queries and outputs the results
Electronic Course Advisor II
 Architecture of the ECA interacting with a student and Netkit
Modeled Knowledge
 SQL query to detect routing
-- Subquery (3): answer YES if any IP source/destination pair needed more than one hop
SELECT
  CASE WHEN COUNT(HOPS) = 0 THEN 'NO' ELSE 'YES' END AS ROUTING_DETECTED
FROM
(
  -- Subquery (2): count the distinct layer 2 transmissions per IP source/destination pair
  SELECT IPv4_SOURCE, IPv4_DESTINATION, COUNT(SOURCE) AS HOPS
  FROM
  (
    -- Subquery (1): one row per distinct layer 2 transmission that carries IPv4
    SELECT IPv4_SOURCE, SOURCE, IPv4_DESTINATION FROM ETHERNET
    WHERE IPv4_SOURCE NOTNULL AND IPv4_DESTINATION NOTNULL
    GROUP BY SOURCE, IPv4_SOURCE, DESTINATION, IPv4_DESTINATION
  ) -- closing subquery (1)
  GROUP BY IPv4_SOURCE, IPv4_DESTINATION
) -- closing subquery (2)
WHERE HOPS > 1;
 Additional queries can detect hosts, networks…
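Added example (not from the original slides): the routing query from the slide above, run with Python's sqlite3 module against constructed Ethernet frames, showing that ARP-only and same-subnet traffic yield NO while a routed ping yields YES. The ETHERNET column types, the MAC addresses and the function name routing_detected are assumptions; the IP addresses follow Exercise II.

```python
import sqlite3

# The routing rule from the slide above (comments removed).
ROUTING_QUERY = """
SELECT CASE WHEN COUNT(HOPS) = 0 THEN 'NO' ELSE 'YES' END AS ROUTING_DETECTED
FROM (
    SELECT IPv4_SOURCE, IPv4_DESTINATION, COUNT(SOURCE) AS HOPS
    FROM (
        SELECT IPv4_SOURCE, SOURCE, IPv4_DESTINATION FROM ETHERNET
        WHERE IPv4_SOURCE NOTNULL AND IPv4_DESTINATION NOTNULL
        GROUP BY SOURCE, IPv4_SOURCE, DESTINATION, IPv4_DESTINATION
    )
    GROUP BY IPv4_SOURCE, IPv4_DESTINATION
)
WHERE HOPS > 1;
"""

# Constructed MAC addresses (locally administered), not taken from the slides.
CLIENT, R_ETH0, R_ETH1, SERVER = ("02:00:00:00:00:01", "02:00:00:00:00:a0",
                                  "02:00:00:00:00:a1", "02:00:00:00:00:02")
BCAST = "ff:ff:ff:ff:ff:ff"

# Constructed frames as (SOURCE, DESTINATION, IPv4_SOURCE, IPv4_DESTINATION).
ARP_ONLY = [(CLIENT, BCAST, None, None)]            # no IPv4 header: ignored
SAME_SUBNET = ARP_ONLY + [                          # client pings the router
    (CLIENT, R_ETH0, "192.168.1.2", "192.168.1.1"),
    (R_ETH0, CLIENT, "192.168.1.1", "192.168.1.2"),
]
ROUTED = SAME_SUBNET + [                            # ping -c 1 192.168.2.2
    (CLIENT, R_ETH0, "192.168.1.2", "192.168.2.2"),   # hop on subnet1
    (R_ETH1, SERVER, "192.168.1.2", "192.168.2.2"),   # same packet on subnet2
    (SERVER, R_ETH1, "192.168.2.2", "192.168.1.2"),
    (R_ETH0, CLIENT, "192.168.2.2", "192.168.1.2"),
]

def routing_detected(frames):
    """Load captured frames into an in-memory ETHERNET table and apply the rule."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE ETHERNET (SOURCE TEXT, DESTINATION TEXT, "
               "IPv4_SOURCE TEXT, IPv4_DESTINATION TEXT)")
    db.executemany("INSERT INTO ETHERNET VALUES (?, ?, ?, ?)", frames)
    (answer,) = db.execute(ROUTING_QUERY).fetchone()
    db.close()
    return answer

if __name__ == "__main__":
    for name, frames in [("ARP only", ARP_ONLY), ("same subnet", SAME_SUBNET),
                         ("routed", ROUTED)]:
        print(f"{name:12s} -> ROUTING_DETECTED = {routing_detected(frames)}")
```

Repeating the same frames (for example several pings inside one subnet) does not change the answer, because subquery (1) collapses identical layer 2 transmissions before they are counted.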
Guiding Example
 ECA output
 Student’s input
vstart client --eth0=subnet1
Guiding Example
 ECA output
 Student’s input
vstart router --eth0=subnet1 --eth1=subnet2
vstart server --eth0=subnet2
Guiding Example
 ECA output
 Student’s input
client: ifconfig eth0 192.168.1.2 up
client: route add default gw 192.168.1.1
Guiding Example
 ECA output
 Student’s input
router: ifconfig eth0 192.168.1.1 up
router: ifconfig eth1 192.168.2.1 up
server: ifconfig eth0 192.168.2.2 up
server: route add default gw 192.168.2.1
Guiding Example
 ECA output
 Student’s input
client: ping -c 1 192.168.2.2
Guiding Example
 ECA output
 Student successfully solved the exercise
Conclusion
 A real world networking exercise from a physical lab can be transferred to
a setting in a virtual lab.
 Real world course advisor’s expert knowledge can be modeled as (SQL)
rules.
 An Electronic Course Advisor can
 prove the correctness of a student’s solution
 offer guidance and support to the students
 Future tasks
 Transform more typical exercises (to find out about limitations)
 Deal with situations where students make mistakes
 Find a proper and efficient way to model exercises and knowledge
Outlook
 The current ECA prototype was improved by replacing the SQL database part with a Prolog logic reasoner.
 Prolog is well suited to logic and artificial intelligence programming.
 Creating an exercise for the ECA requires telling the computer less about the “how” than about the “what”.
 The knowledge base consists of facts: characteristics, relations and rules
 The exercise configuration file includes question(s); Prolog will search the knowledge base with the goal of “satisfying” these question(s).
 Simplifies the process when creating or customizing exercises.
 WS2012/13: Course advisor @FHK will use the ECA to verify students’ setups
 Thank you for your attention!
 Please ask your questions…

 E-Mail: [email protected]