DVCL

A Distributed Virtual Computer Lab for Security and Network Education

Jens Haag

Research output: ThesisDoctoral ThesisInternal (IDIP)

6 Downloads (Pure)

Abstract

Teaching networking and IT security in higher education requires a safeplayground for students, where they can safely carry out hands-on exercises.This safe playground is known as a computer lab. Universities have todesign and to provide such a lab with respect to certain criteria, e.g.technical opportunities, educational requirements and demands of thelearners. Since there is no one-size-fits-all lab, the labs will be designed tofit into a certain context and thus have own strengths and weaknesses.In this thesis, we investigate and work with two established labs, whichwere designed for hands-on experiences in networking and it security courses.These labs are predominantly different but have an essential overlap ineducational requirements.One lab is developed by the Open University. It is dedicated for distancelearning. It is based on virtualization and every student is able to startthis lab on his own computer. Students can work out exercises wheneverand wherever they want. A shortcoming however is that students have towork alone, (distant) group work is not possible due to the isolated labarchitecture. This lab is the technical base for our research.The other lab is developed by the Cologne University. It is a physicallab, dedicated for on-campus courses and thus it is not portable. Butstudents can meet in the lab, work in groups and are able to get supportfrom a course advisor, who is also able to verify exercises. A shortcominghowever is that students must be present (they have to travel to theuniversity) and they are dependent on the opening hours of the laboratoryand the availability of the course advisers.In two research parts, we show how such two different lab approachescan be combined and what can be achieved.The first research part is about design issues.Initially, we enable group work in our lab for distance education, sincegroup work is an essential part in on-campus classes. Also remote studentsshould be able to work together. Since the lab is designed as an isolatedsystem, the challenge is to connect two of them on the network level butwithout creating a potential bridge between the isolated and the outsideworld. We achieved this by adding a communication interface to the labarchitecture. This communication interface consists of a ghost host toextract and inject network packets, and a remote bridge endpoint, totransport these packets between remote ghost hosts across an intermediateconnection, e.g. the internet. The developed prototype is called DistributedVirtual Computer Lab (DVCL) and enables to connect two or more distantlabs while preserving the isolated character.The DVCL is then extended and improved by a central authority (CA).While the point-to-point connection of the communication interface canconnect two remote networks in a handy way, more connections requirecareful planning by the students. We show that a CA simplifies the usageof our DVCL for the students (and also for academic staff) and in additionto it avoids administrative configuration errors while connecting remotelabs, e.g. a circular flow which leads to an unusable lab.The first part is completed by two applicability enhancements. Thefirst enhancement covers and resolves security issues in order to pushour prototypical implementation of the DVCL and the CA closer to aproductive learning environment. The second enhancement introduces aGraphical User Interface to increase the usability of the DVCL.The second research part is about educational aspects.In the first part, we assume that working independent from a physicalon-campus lab as well as group work is essential for our students. Ourevaluation of more than 200 students participating in an on-campus networkingcourse shows, that nearly half of the students actually say, thatthey would like to work independently from the university at least partiallyand they would welcome the introduction of an e-learning system. Inaddition, a predominant majority think of working in groups as well asreceiving guidance and feedback as crucial to their learning success. Thisresult justifies and confirms our research and also reveals an additional requirement.The challenge is to provide feedback and guidance to a student, who isworking on an exercise and a human course advisor is not available. Thisis e.g. when students use the DVCL at home in the evening hours. Weshow, that captured network traffic of a lab can give some indication ofwhat a student has already configured according to a certain exercise. Weuse this insight to develop an Electronic Exercise Assistant. This softwareprogram is able to recognize the progress of an exercise and can provideappropriate feedback and support, based on preloaded rules and conditions.This significantly improves the learning situation for students workingremotely in lab. Besides this automatic support, the exercise assistant canverify intermediate and complete solutions of an exercise.The second part is completed by an educational enhancement. Ourevaluation and also own observations show, that a lab is more than aroom with computer and network facilities. Rather it is a social placewhere students e.g. meet, form learning groups, talk and discuss. Weuse these insights and enhance the DVCL to support social interactions.Based on our on-campus lab as source, we model a set of communicational,organizational as well as educational activities and implement them in ourDVCL. The result shows, that our DVCL prototype is no longer a technicalplatform but a virtual place, where students can meet, communicate,arrange learning groups, exchange experiences and work on exercises.This thesis shows that aspects of our two different lab environments canbe combined. Our resulting Distributed Virtual Computer Lab incorporatesstrengths of each source lab. It is a gain for distance teaching as well as foron-campus classes. Remote students are now able to utilize the lab being avirtual classroom, where they can learn in groups, assisted by an electronicadvisor and without the need for a face-to-face meeting. On-campus classescan offer students a new learning environment, where they can learn in aclassroom character without the need to travel to the university.
Original languageEnglish
QualificationPhD
Awarding Institution
  • Open University of the Netherlands
Supervisors/Advisors
  • van Eekelen, Marko, Supervisor
  • Karsch, Stefan, Advisor, External person
  • Vranken, Harald, Advisor
Award date22 Jun 2018
Place of PublicationHeerlen
Publisher
Print ISBNs978-3-86387-892-4
Publication statusPublished - 22 Jun 2018

Fingerprint

Education
Students
Feedback
Communication
Teaching
Packet networks
Distance education
User interfaces
Learning systems
Availability
Internet

Cite this

Haag, Jens. / DVCL : A Distributed Virtual Computer Lab for Security and Network Education. Heerlen : Open Universiteit, 2018. 139 p.
@phdthesis{0fcd9d42a342466f8122922cba079aca,
title = "DVCL: A Distributed Virtual Computer Lab for Security and Network Education",
abstract = "Teaching networking and IT security in higher education requires a safeplayground for students, where they can safely carry out hands-on exercises.This safe playground is known as a computer lab. Universities have todesign and to provide such a lab with respect to certain criteria, e.g.technical opportunities, educational requirements and demands of thelearners. Since there is no one-size-fits-all lab, the labs will be designed tofit into a certain context and thus have own strengths and weaknesses.In this thesis, we investigate and work with two established labs, whichwere designed for hands-on experiences in networking and it security courses.These labs are predominantly different but have an essential overlap ineducational requirements.One lab is developed by the Open University. It is dedicated for distancelearning. It is based on virtualization and every student is able to startthis lab on his own computer. Students can work out exercises wheneverand wherever they want. A shortcoming however is that students have towork alone, (distant) group work is not possible due to the isolated labarchitecture. This lab is the technical base for our research.The other lab is developed by the Cologne University. It is a physicallab, dedicated for on-campus courses and thus it is not portable. Butstudents can meet in the lab, work in groups and are able to get supportfrom a course advisor, who is also able to verify exercises. A shortcominghowever is that students must be present (they have to travel to theuniversity) and they are dependent on the opening hours of the laboratoryand the availability of the course advisers.In two research parts, we show how such two different lab approachescan be combined and what can be achieved.The first research part is about design issues.Initially, we enable group work in our lab for distance education, sincegroup work is an essential part in on-campus classes. Also remote studentsshould be able to work together. Since the lab is designed as an isolatedsystem, the challenge is to connect two of them on the network level butwithout creating a potential bridge between the isolated and the outsideworld. We achieved this by adding a communication interface to the labarchitecture. This communication interface consists of a ghost host toextract and inject network packets, and a remote bridge endpoint, totransport these packets between remote ghost hosts across an intermediateconnection, e.g. the internet. The developed prototype is called DistributedVirtual Computer Lab (DVCL) and enables to connect two or more distantlabs while preserving the isolated character.The DVCL is then extended and improved by a central authority (CA).While the point-to-point connection of the communication interface canconnect two remote networks in a handy way, more connections requirecareful planning by the students. We show that a CA simplifies the usageof our DVCL for the students (and also for academic staff) and in additionto it avoids administrative configuration errors while connecting remotelabs, e.g. a circular flow which leads to an unusable lab.The first part is completed by two applicability enhancements. Thefirst enhancement covers and resolves security issues in order to pushour prototypical implementation of the DVCL and the CA closer to aproductive learning environment. The second enhancement introduces aGraphical User Interface to increase the usability of the DVCL.The second research part is about educational aspects.In the first part, we assume that working independent from a physicalon-campus lab as well as group work is essential for our students. Ourevaluation of more than 200 students participating in an on-campus networkingcourse shows, that nearly half of the students actually say, thatthey would like to work independently from the university at least partiallyand they would welcome the introduction of an e-learning system. Inaddition, a predominant majority think of working in groups as well asreceiving guidance and feedback as crucial to their learning success. Thisresult justifies and confirms our research and also reveals an additional requirement.The challenge is to provide feedback and guidance to a student, who isworking on an exercise and a human course advisor is not available. Thisis e.g. when students use the DVCL at home in the evening hours. Weshow, that captured network traffic of a lab can give some indication ofwhat a student has already configured according to a certain exercise. Weuse this insight to develop an Electronic Exercise Assistant. This softwareprogram is able to recognize the progress of an exercise and can provideappropriate feedback and support, based on preloaded rules and conditions.This significantly improves the learning situation for students workingremotely in lab. Besides this automatic support, the exercise assistant canverify intermediate and complete solutions of an exercise.The second part is completed by an educational enhancement. Ourevaluation and also own observations show, that a lab is more than aroom with computer and network facilities. Rather it is a social placewhere students e.g. meet, form learning groups, talk and discuss. Weuse these insights and enhance the DVCL to support social interactions.Based on our on-campus lab as source, we model a set of communicational,organizational as well as educational activities and implement them in ourDVCL. The result shows, that our DVCL prototype is no longer a technicalplatform but a virtual place, where students can meet, communicate,arrange learning groups, exchange experiences and work on exercises.This thesis shows that aspects of our two different lab environments canbe combined. Our resulting Distributed Virtual Computer Lab incorporatesstrengths of each source lab. It is a gain for distance teaching as well as foron-campus classes. Remote students are now able to utilize the lab being avirtual classroom, where they can learn in groups, assisted by an electronicadvisor and without the need for a face-to-face meeting. On-campus classescan offer students a new learning environment, where they can learn in aclassroom character without the need to travel to the university.",
author = "Jens Haag",
year = "2018",
month = "6",
day = "22",
language = "English",
isbn = "978-3-86387-892-4",
publisher = "Open Universiteit",
school = "Open University of the Netherlands",

}

Haag, J 2018, 'DVCL: A Distributed Virtual Computer Lab for Security and Network Education', PhD, Open University of the Netherlands, Heerlen.

DVCL : A Distributed Virtual Computer Lab for Security and Network Education. / Haag, Jens.

Heerlen : Open Universiteit, 2018. 139 p.

Research output: ThesisDoctoral ThesisInternal (IDIP)

TY - THES

T1 - DVCL

T2 - A Distributed Virtual Computer Lab for Security and Network Education

AU - Haag, Jens

PY - 2018/6/22

Y1 - 2018/6/22

N2 - Teaching networking and IT security in higher education requires a safeplayground for students, where they can safely carry out hands-on exercises.This safe playground is known as a computer lab. Universities have todesign and to provide such a lab with respect to certain criteria, e.g.technical opportunities, educational requirements and demands of thelearners. Since there is no one-size-fits-all lab, the labs will be designed tofit into a certain context and thus have own strengths and weaknesses.In this thesis, we investigate and work with two established labs, whichwere designed for hands-on experiences in networking and it security courses.These labs are predominantly different but have an essential overlap ineducational requirements.One lab is developed by the Open University. It is dedicated for distancelearning. It is based on virtualization and every student is able to startthis lab on his own computer. Students can work out exercises wheneverand wherever they want. A shortcoming however is that students have towork alone, (distant) group work is not possible due to the isolated labarchitecture. This lab is the technical base for our research.The other lab is developed by the Cologne University. It is a physicallab, dedicated for on-campus courses and thus it is not portable. Butstudents can meet in the lab, work in groups and are able to get supportfrom a course advisor, who is also able to verify exercises. A shortcominghowever is that students must be present (they have to travel to theuniversity) and they are dependent on the opening hours of the laboratoryand the availability of the course advisers.In two research parts, we show how such two different lab approachescan be combined and what can be achieved.The first research part is about design issues.Initially, we enable group work in our lab for distance education, sincegroup work is an essential part in on-campus classes. Also remote studentsshould be able to work together. Since the lab is designed as an isolatedsystem, the challenge is to connect two of them on the network level butwithout creating a potential bridge between the isolated and the outsideworld. We achieved this by adding a communication interface to the labarchitecture. This communication interface consists of a ghost host toextract and inject network packets, and a remote bridge endpoint, totransport these packets between remote ghost hosts across an intermediateconnection, e.g. the internet. The developed prototype is called DistributedVirtual Computer Lab (DVCL) and enables to connect two or more distantlabs while preserving the isolated character.The DVCL is then extended and improved by a central authority (CA).While the point-to-point connection of the communication interface canconnect two remote networks in a handy way, more connections requirecareful planning by the students. We show that a CA simplifies the usageof our DVCL for the students (and also for academic staff) and in additionto it avoids administrative configuration errors while connecting remotelabs, e.g. a circular flow which leads to an unusable lab.The first part is completed by two applicability enhancements. Thefirst enhancement covers and resolves security issues in order to pushour prototypical implementation of the DVCL and the CA closer to aproductive learning environment. The second enhancement introduces aGraphical User Interface to increase the usability of the DVCL.The second research part is about educational aspects.In the first part, we assume that working independent from a physicalon-campus lab as well as group work is essential for our students. Ourevaluation of more than 200 students participating in an on-campus networkingcourse shows, that nearly half of the students actually say, thatthey would like to work independently from the university at least partiallyand they would welcome the introduction of an e-learning system. Inaddition, a predominant majority think of working in groups as well asreceiving guidance and feedback as crucial to their learning success. Thisresult justifies and confirms our research and also reveals an additional requirement.The challenge is to provide feedback and guidance to a student, who isworking on an exercise and a human course advisor is not available. Thisis e.g. when students use the DVCL at home in the evening hours. Weshow, that captured network traffic of a lab can give some indication ofwhat a student has already configured according to a certain exercise. Weuse this insight to develop an Electronic Exercise Assistant. This softwareprogram is able to recognize the progress of an exercise and can provideappropriate feedback and support, based on preloaded rules and conditions.This significantly improves the learning situation for students workingremotely in lab. Besides this automatic support, the exercise assistant canverify intermediate and complete solutions of an exercise.The second part is completed by an educational enhancement. Ourevaluation and also own observations show, that a lab is more than aroom with computer and network facilities. Rather it is a social placewhere students e.g. meet, form learning groups, talk and discuss. Weuse these insights and enhance the DVCL to support social interactions.Based on our on-campus lab as source, we model a set of communicational,organizational as well as educational activities and implement them in ourDVCL. The result shows, that our DVCL prototype is no longer a technicalplatform but a virtual place, where students can meet, communicate,arrange learning groups, exchange experiences and work on exercises.This thesis shows that aspects of our two different lab environments canbe combined. Our resulting Distributed Virtual Computer Lab incorporatesstrengths of each source lab. It is a gain for distance teaching as well as foron-campus classes. Remote students are now able to utilize the lab being avirtual classroom, where they can learn in groups, assisted by an electronicadvisor and without the need for a face-to-face meeting. On-campus classescan offer students a new learning environment, where they can learn in aclassroom character without the need to travel to the university.

AB - Teaching networking and IT security in higher education requires a safeplayground for students, where they can safely carry out hands-on exercises.This safe playground is known as a computer lab. Universities have todesign and to provide such a lab with respect to certain criteria, e.g.technical opportunities, educational requirements and demands of thelearners. Since there is no one-size-fits-all lab, the labs will be designed tofit into a certain context and thus have own strengths and weaknesses.In this thesis, we investigate and work with two established labs, whichwere designed for hands-on experiences in networking and it security courses.These labs are predominantly different but have an essential overlap ineducational requirements.One lab is developed by the Open University. It is dedicated for distancelearning. It is based on virtualization and every student is able to startthis lab on his own computer. Students can work out exercises wheneverand wherever they want. A shortcoming however is that students have towork alone, (distant) group work is not possible due to the isolated labarchitecture. This lab is the technical base for our research.The other lab is developed by the Cologne University. It is a physicallab, dedicated for on-campus courses and thus it is not portable. Butstudents can meet in the lab, work in groups and are able to get supportfrom a course advisor, who is also able to verify exercises. A shortcominghowever is that students must be present (they have to travel to theuniversity) and they are dependent on the opening hours of the laboratoryand the availability of the course advisers.In two research parts, we show how such two different lab approachescan be combined and what can be achieved.The first research part is about design issues.Initially, we enable group work in our lab for distance education, sincegroup work is an essential part in on-campus classes. Also remote studentsshould be able to work together. Since the lab is designed as an isolatedsystem, the challenge is to connect two of them on the network level butwithout creating a potential bridge between the isolated and the outsideworld. We achieved this by adding a communication interface to the labarchitecture. This communication interface consists of a ghost host toextract and inject network packets, and a remote bridge endpoint, totransport these packets between remote ghost hosts across an intermediateconnection, e.g. the internet. The developed prototype is called DistributedVirtual Computer Lab (DVCL) and enables to connect two or more distantlabs while preserving the isolated character.The DVCL is then extended and improved by a central authority (CA).While the point-to-point connection of the communication interface canconnect two remote networks in a handy way, more connections requirecareful planning by the students. We show that a CA simplifies the usageof our DVCL for the students (and also for academic staff) and in additionto it avoids administrative configuration errors while connecting remotelabs, e.g. a circular flow which leads to an unusable lab.The first part is completed by two applicability enhancements. Thefirst enhancement covers and resolves security issues in order to pushour prototypical implementation of the DVCL and the CA closer to aproductive learning environment. The second enhancement introduces aGraphical User Interface to increase the usability of the DVCL.The second research part is about educational aspects.In the first part, we assume that working independent from a physicalon-campus lab as well as group work is essential for our students. Ourevaluation of more than 200 students participating in an on-campus networkingcourse shows, that nearly half of the students actually say, thatthey would like to work independently from the university at least partiallyand they would welcome the introduction of an e-learning system. Inaddition, a predominant majority think of working in groups as well asreceiving guidance and feedback as crucial to their learning success. Thisresult justifies and confirms our research and also reveals an additional requirement.The challenge is to provide feedback and guidance to a student, who isworking on an exercise and a human course advisor is not available. Thisis e.g. when students use the DVCL at home in the evening hours. Weshow, that captured network traffic of a lab can give some indication ofwhat a student has already configured according to a certain exercise. Weuse this insight to develop an Electronic Exercise Assistant. This softwareprogram is able to recognize the progress of an exercise and can provideappropriate feedback and support, based on preloaded rules and conditions.This significantly improves the learning situation for students workingremotely in lab. Besides this automatic support, the exercise assistant canverify intermediate and complete solutions of an exercise.The second part is completed by an educational enhancement. Ourevaluation and also own observations show, that a lab is more than aroom with computer and network facilities. Rather it is a social placewhere students e.g. meet, form learning groups, talk and discuss. Weuse these insights and enhance the DVCL to support social interactions.Based on our on-campus lab as source, we model a set of communicational,organizational as well as educational activities and implement them in ourDVCL. The result shows, that our DVCL prototype is no longer a technicalplatform but a virtual place, where students can meet, communicate,arrange learning groups, exchange experiences and work on exercises.This thesis shows that aspects of our two different lab environments canbe combined. Our resulting Distributed Virtual Computer Lab incorporatesstrengths of each source lab. It is a gain for distance teaching as well as foron-campus classes. Remote students are now able to utilize the lab being avirtual classroom, where they can learn in groups, assisted by an electronicadvisor and without the need for a face-to-face meeting. On-campus classescan offer students a new learning environment, where they can learn in aclassroom character without the need to travel to the university.

M3 - Doctoral Thesis

SN - 978-3-86387-892-4

PB - Open Universiteit

CY - Heerlen

ER -

Haag J. DVCL: A Distributed Virtual Computer Lab for Security and Network Education. Heerlen: Open Universiteit, 2018. 139 p.