=Paper=
{{Paper
|id=Vol-1830/Paper68
|storemode=property
|title=An Implementation of A Software Defined Network Based Virtual Laboratory
|pdfUrl=https://ceur-ws.org/Vol-1830/Paper68.pdf
|volume=Vol-1830
|authors=M. E. Bima,O. C. Inalegwu,T. A. Folorunso,I. O. Oyefolahan,S. O Etuk,B. Simeon
}}
==An Implementation of A Software Defined Network Based Virtual Laboratory==
https://ceur-ws.org/Vol-1830/Paper68.pdf
An Implementation Of A Software Defined Network Based Virtual Laboratory
M.E. Bima, O.C. Inalegwu, T.A. Folorunso, I.O. Oyefolahan, S.O Etuk, B. Simeon
Federal University of Technology, Minna
Email: {bimamuhammad, ogbole.inalegwu, funso.taliha, o.ishaq, abiolastella}@futminna.edu.ng
simeon.bala@st.futminna.edu.ng
Abstract—The cost of adequately equipping laboratories This work was implemented using a cyber security practical
with required laboratory equipment has been found to be session. However, it should be noted that the developed
prohibitively expensive. This has made teaching of practical laboratory can be applied in a variegated range of disciplines.
oriented courses very challenging in educational institutions.
Virtualization is a technology that can create the impression The paper is further structured as follows: In section II
of having dedicated hardware resources in place of physical detailed review of related work is presented. The description
laboratory equipment thereby reducing this prohibitive cost. of the employed methodology is presented in Section III.
In this paper, the development of a virtual laboratory using The results and discussion is presented in Section IV while
software defined networking approach is presented. The de- Section V concludes the work.
veloped system was tested using a network penetration testing
laboratory session. The results derived show that the virtual II. R ELATED W ORKS
laboratory has the potential of enhancing learning in practical
oriented courses because of the ease of conducting practical The use of virtualization in the development of virtual
sessions and the elimination of procurement cost of laboratory laboratories has gained large acceptance in academia due
equipments. to the high cost of procuring laboratory equipment. A large
Keywords—-virtual laboratory, SDN virtual laboratory, soft- amount of work has been done in the development of a virtual
ware based virtual laboratory
laboratory for educational purposes. Based on these works,
I. I NTRODUCTION virtual laboratories can be classified into two namely: -
Centralized and Decentralized structured virtual laboratories.
Virtualization has been used for many years as a solution
In the case of the centralized structure, the nodes have
in many cooperate settings to ease the daily activities and
a central server where all remote connections are made in
provide security to equipment [1]. It involves the creating
order to access the laboratory. In [5], a centralized virtual
perception of having dedicated systems resources whereas,
laboratory known as VNLab was developed to evaluate vir-
resources are being shared [2], [3], [4]. This has brought
tual laboratory based on virtualization technologies. Students
great benefits to the large variation of usage involving both
could access the central server by establishing a remote
industry and academia.
In academics, virtualization has helped to reduce the connection. An Integrated physical and virtual laboratory
prohibitive cost of setting up a laboratory for teaching was developed in [6] to teach basic computer networking
practical courses. Heretofore, laboratory equipment have to concepts. VMWare was used at the core of the virtualization
be purchased and set up for use in the laboratory. Apart environment.
from the linear increment in cost as the number of students In Decentralized structure, the nodes operate with no
increase, there is also the issue of space where the equipment dependence on a central server. This creates a whole range
will be placed. Furthermore, students need to be physically of advantages to the virtual laboratory development. The
present in the laboratory to use the equipment. With the use use of decentralized structure is a trend among education
of virtualization, these overheads and more can be eliminated. and professional fields [7]. This is obviously because of
An upcoming technology in virtualization known as Soft- the great advantages derived for their usage which include
ware Defined Networking promises greater flexibility [1]. reusability and flexibility of making changes. A framework
With this, the layer one functionality of the network can for implementing a decentralized virtualization solution for
be transformed to be purely software based. The network computer laboratory was proposed in [8]. In [9], some free
tasks are further divided into two; data and control plane. The virtualization tools were used to develop a virtual laboratory
control plane decides how a given packet should be handled for educational purposes.
while the data plane forwards the packet to a specified Heretofore, virtualization for educational purposes has
destination. been focused mainly on Information Technology (IT) based
In this paper, the development of a virtual laboratory using courses and subjects. Some of the subjects include computer
a software defined networking (SDN) approach is presented. networking and cyber security. Advanced computer network
232
� International Conference on Information and Communication Technology and Its Applications (ICTA 2016)
[10] and VoIP [11] concepts were also taught using virtual
network laboratory. A cyber security based virtual laboratory
was developed in [7] with the Game Based Learning (GBL)
technique employed to encourage learning among students.
An intrusion detection system (IDS) virtual laboratory was
developed in [12]. The system was made modular so that
changes can be made for other courses without affecting Fig. 2. Block Diagram of Developed System
the main operation of the virtual machine. In this study, an
attempt was made to extend the earlier approaches by using 1) VIRTUAL LABORATORY: This block represents the
the software defined networking (SDN) based approach. various laboratory practical sessions taken in the laboratory.
For the purpose of this research, a network penetration
III. S YSTEM D ESIGN laboratory session is implemented in the laboratory. This
Software defined networking being an upcoming concept block will reside on the VMWare platform. Course Instructor
involves the abstraction of the network functionalities. The simply modifies this to accommodate the required laboratory
implication of this is that the network becomes more efficient session.
and flexible in maintenance. This section expounds on the 2) VIRTUAL NETWORK: This block enables remote con-
methods used in developing the SDN based virtual laboratory. nection between the user and the laboratory. Various modules
of the laboratory are connected together using this block. A
A. System Architecture user is further required to remotely log into laboratory to be
granted access. GNS3 network emulator is used to implement
The layered model show in Fig. 1 was employed in the this functionality in the design.
development of the virtual laboratory. 3) COMPUTER: It is from this unit that the user connects
to the laboratory. A secured login encryption is enabled using
SSH to eliminate possible eavesdropping on the provided
password.
B. Use Case Diagram
From Fig. 3, the instructor can set up all the virtual
machines for the SDN. The administrator is responsible
for creating virtual machines when needed, installing new
software or services on the virtual machine for the purpose
of laboratory practical.
Fig. 1. SDN model adopted in the design
Control layer defines how the network handles a given
packet. Infrastructure layer involves the use of a physical
or virtual network device. Application layer involves the
kinds of high layer functionality expected on the network.
It involves the virtualization of a designed network.
Fig. 3. Use Case Diagram of proposed system
In order to develop the system, two tools; VMWare and
GNS3; were employed. The application layer resides on the The students of the system can perform the set laboratory
VMWare while the control and infrastructure layers reside tasks. A remote connection is required to access the labo-
on the GNS3 platform. The network is set up on the GNS3 ratory platform. Once login has been established, users can
emulator and it is used to interface the application on the now carry out various penetration tests on the VM instance
VMware platform. that has been created.
A personal computer running windows 7 was used as the
Host Computer (HC). On the HC, VMware workstation 11 IV. R ESULTS
was installed to be used to create Virtual Machines for the This section shows the results and output from the devel-
developed Virtual Laboratory. The overview of the developed oped Software Defined Network (SDN). The screen-shot of
system is further depicted in Fig. 2 the designed system is shown in Fig 4.
233
� International Conference on Information and Communication Technology and Its Applications (ICTA 2016)
Fig. 4. Developed system on GNS3
The system was tested by implementing a Penetration
Testing Lab. The details of the tests conducted are presented
as follows. Fig. 7. Exploiting SQL Injection
1) Scanning of the networks.
2) Test for SQL injection vulnerability on webserver. sqlitest.txt will be used by sqlmap to exploit the database.
3) Perform SQL injection on the web server The process of exploitation is shown in Fig. 7.
A. Scanning
V. C ONCLUSION
Zenmap, a GUI scanning tool is used to scan the in-
ternal and external networks which are 10.10.10.1/24 and A virtual laboratory was designed, implemented and tested
192.168.10.1/24 respectively. The results of the scanning are using virtualization and SDN technologies. It was designed
shown in Fig. 5 using GNS3 and VMware workstation. Network penetration
test was conducted to determine the efficiency of the devel-
oped system. It can be concluded from the results that the
virtual laboratory has the potential of enhancing learning in
practical oriented courses because of the ease of conducting
practical sessions and the elimination of procurement cost of
laboratory equipments.
R EFERENCES
[1] D. Kreutz, F. M. V. Ramos, P. Verissimo, C. E. Rothenberg, S. Azodol-
molky, S. Member, and S. Uhlig, “Software-Defined Networking : A
Comprehensive Survey,” Proceedings of the IEEE, vol. 103, no. 1,
pp. 14 – 76, 2015.
[2] J. Ma and J. V. Nickerson, “Hands-on, simulated, and remote labora-
tories,” ACM Computing Surveys, vol. 38, no. 3, pp. 7–es, 2006.
[3] R. J. Ross, C. M. Boroni, F. W. Goosey, M. Grinder, and P. Wis-
senbach, “WebLab! A universal and interactive teaching, learning, and
laboratory environment for the World Wide Web,” SIGCSE Bulletin,
vol. 29, pp. 199–203, 1997.
[4] L. Winer, M. Chomienne, and J. Vazquez-Abad, “A distributed collab-
orative science learning laboratory on the internet,” American Journal
of Distance Education, vol. 14, no. 1, pp. 47–62, 2000.
[5] D. M. Dobrilovic, V. Z. Jevtic, and B. Odadzic, “Expanding Usability
of Virtual Network Laboratory in IT Engineering Education,” Interna-
Fig. 5. Result of Network Scanning tional Journal of Online Engineering (iJOE), vol. 9, pp. 26–32, feb
2013.
[6] K. C. Chan and M. Martin, “An integrated virtual and physical network
B. Testing for SQL Injection infrastructure for a networking laboratory,” in 2012 7th International
Conference on Computer Science & Education (ICCSE), no. Iccse,
A single quote (‘) or ‘or 1 = 1 – was submitted to the pp. 1433–1436, IEEE, jul 2012.
webserver to test for SQL injection vulnerability. An error [7] J. Cano, R. Hernandez, S. Ros, and L. Tobarra, “A distributed labora-
being generated afterwards indicates the presence of such tory architecture for game based learning in cybersecurity and critical
infrastructures,” in 2016 13th International Conference on Remote
vulnerability as shown in Fig. 6 Engineering and Virtual Instrumentation (REV), no. February, pp. 183–
185, IEEE, feb 2016.
C. Exploiting SQL Injection [8] H. Frederik and A. Buitendag, “Presenting a Framework for using Full
Decentralized Virtualization on Desktop Computers in an Educational
Burpsuite proxy is used to intercept the request and the Laboratory Environment,” in IST-Africa Conference and Exhibition
request is sent to SQLMAP, a database exploitation tool. To (IST-Africa), 2013, (Nairobi), pp. 1–8, IEEE, 2013.
run burpsuite, “burpsuite &” command is sent to the shell. On [9] A. Gonzalez, C. R. Garcia, and S. Candela, “Providing learning
computing laboratories using hosting and virtualization technologies,”
default, burpsuite intercepts the request sent to the database in 2011 IEEE Global Engineering Education Conference (EDUCON),
and it is saved in a file. All request information saved in pp. 252–259, IEEE, apr 2011.
234
� International Conference on Information and Communication Technology and Its Applications (ICTA 2016)
Fig. 6. Result from SQL Injection Test
[10] A. Ruiz-Martinez, F. Pereguez-Garcia, R. Marin-Lopez, P. M. Ruiz-
Martinez, and A. F. Skarmeta-Gmez, “Teaching Advanced Concepts in
Computer Networks: VNUML-UM Virtualization Tool,” IEEE Trans-
actions on Learning Technologies, vol. 6, pp. 85–96, jan 2013.
[11] G. V. Iana and V. M. Ionescu, “Virtualization of VoIP laboratories,”
in 2015 14th RoEduNet International Conference - Networking in
Education and Research (RoEduNet NER), pp. 115–120, IEEE, sep
2015.
[12] P. Li and T. Mohammed, “Integration of virtualization technology
into network security laboratory,” in 2008 38th Annual Frontiers in
Education Conference, no. Vmm, pp. S2A–7–S2A–12, IEEE, oct 2008.
235
�