The article is devoted to developing virtual laboratories and innovative cybersecurity courses for distance learning due to the urgent need for effective education in the current conditions that should include and supplement the modern theoretical content of the relevant courses with the necessary practical skills. Currently, the problem of the organization of practical and laboratory works acquires special importance when the demanded level of knowledge requires training laboratories to be equipped with the necessary modern equipment and corresponding network technologies. Recently, the trend of virtualization of both networks and computers has become popular and intensive, which allows the development and implementation of more flexible types of virtualized laboratory solutions for distance learning. Moreover, virtualization tools are extremely useful in teaching and learning in the field of cybersecurity, as they are effectively applied in simulating various types of attacks, without harming the physical equipment or the entire user network. In turn, the basis for preparing innovative courses for the next generation of cybersecurity experts is the availability of specific servers for the rapid deployment of the proposed Сybersecurity Virtual Laboratory (CVLab) and its direct implementation in the educational process of the university. Introducing the CVLab will have a significant impact on improving the quality of education in higher education institutions, as well as promote research and teaching experience for researchers and scholars.
Currently, in conditions of distance learning of students, the problem of the organization of practical
and laboratory works acquires special importance [
The education of future cybersecurity professionals should include and supplement the modern
theoretical content of the relevant courses with the necessary practical skills [
Lemeshko); oleksandra.yeremenko.ua@ieee.org (O.
Yeremenko);
2022 Copyright for this paper by its authors. FOUNDATIONAL DIGITAL SKILLS
FOR ALL GRADUATES · Analyzing Data · Managing Data · Software Development · Computer
Programming · Digital Security and
Privacy
guidance should motivate students to perform and solve practical and problem-oriented tasks on real
equipment. At the same time, students under the guidance of a teacher can perform such tasks
individually or in groups with a limited number of participants in the learning process, thus acquiring
soft skills of communication and cooperation [
CYBERSECURITY GRADUATES` SKILLS Soft skills: · Problem-Solving Skills · Analytical, Inquisitive
and Insightful Skills · Technical Aptitude · Attention to Detail · Threat Hunting · Communication · Collaboration · A Desire to Learn · Research and Writing · Business Acumen · Agility · Adaptability · Leadership · Project Management
Hard skills: · Security Incident
Handling & Response · Security Information and Event
Management (SIEM) · Risk, Audit &
Compliance · Penetration testing · Network security · Identity and access
management · Analytics & Intelligence · Firewall/IDS/IPS Skills · Application Security
Development · Advanced Malware
Prevention · Data Management
Protection · Digital Forensics · Mobile Device
Management
In recent years, the trend of virtualization of both networks and computers has become popular and
intensive, which allows us to develop and implement more flexible types of virtualized laboratory
solutions, including for distance learning [
In general, a Cybersecurity Virtual Laboratory will use appropriate computer equipment (powerful servers or cluster servers) for distance learning. Thus, such laboratories allow you to run the required number of devices per student and even simulate complex networking scenarios needed to perform practical and laboratory work on cybersecurity (network security, penetration testing, digital forensics, etc.). Therefore, virtualization technologies are currently seen as the only way to deploy future cybersecurity laboratories for distance learning and their long-term resilience in quarantine and isolation.
Virtualization allows you to create and use virtual environments for a physical machine (computer),
network, or operating system. In addition, virtual environments allow you to use different operating
systems or even networks on a single physical machine (Fig. 2) [
Characteristics of some existing virtual cybersecurity laboratories are presented in Table 1 [
Therefore, virtualization can be configured on both the desktop and the cloud infrastructure. The
virtual desktop environment allows you to use virtual machines with different operating systems that
share the resources of the host computer [
The basis for preparing courses for the next generation of cybersecurity experts is the availability of specific servers for the rapid deployment of a Сybersecurity Virtual Laboratory and its direct implementation in the educational process of the university.
Distributed laboratory
architecture for game-based
learning in cybersecurity and
critical infrastructures [
Description A virtual platform based on multiple virtual machines, designed to provide students with remote access to experiment with malware and ethical hacking in a secure environment.
A distributed virtual computer lab for cybersecurity and network technology training. The laboratory was implemented for use both in distance learning and on campus. This has been made possible by the extension of the basic Virtual Security Lab (VCL) through distribution, central management, assisted learning, and security.
CLaaS uses cloud computing and virtualization technologies to conduct virtual cybersecurity experiments and gain practical experience on the vulnerabilities used to launch cyber-attacks, how to fix them, and how to strengthen the protection of cyber resources and services.
SEED Labs provide a built-in virtual machine image that is preconfigured for 30 cybersecurity labs that cover a wide range of computer and information security topics, including software security, network security, web security, operating system security, and mobile application security.
An inter-institutional laboratory that offers innovative, practical, collaborative learning experiences aimed at preventing and reducing real-time cyberattacks. Using a well-established and relatively common malicious code (exploits) in a virtual laboratory, students will experience multidimensional simultaneous attacks and learn to solve, correct, and resist such actions in a special shared environment.
An integrated learning environment for both information security and computer science using open-source Xen virtualization technology.
Distributed remote laboratory for cybersecurity training and infrastructure protection systems using virtualization technologies, cloud computing, and Game-Based Learning (GBL).
Tele-Lab IT-Security [
Cloud platform for practical cybersecurity education.
According to the main goal of CVLab, namely the organization of an effective distance learning process, it is necessary to implement a number of activities, namely: 1. Organizing the purchase of server equipment according to the technical recommendations and computing resources demands. 2. Deploying and launching CVLab for distance learning. 3. Testing CVLab by performing practical and laboratory work to verify its proper operation, as well as eliminating possible errors. 4. Providing open access CVLab for all target groups in Ukraine, namely students and teachers. 5. Organizing online webinars on the possibilities of using CVLab for students and teachers. 6. Dissemination of information about CVLab and its capabilities through social networks and internet resources in order to interest students at various universities in Ukraine, where they are trained in cybersecurity. 7. Effective quality control (internal quality control, monitoring, and evaluation).
Moreover, the rapid provision of a virtual distance learning CVLab platform will help to ensure the full-fledged learning of students during the quarantine. Such a virtual platform will contain all the necessary tools, software, as well as recommendations for laboratory and practical work of basic training courses, such as Network & Cloud Security, Secure Software Development, Malware Analysis, Web Security, Penetration Testing, and Ethical Hacking, Digital Forensic, etc.
Introducing the CVLab and developing the innovative courses on cybersecurity, as well as integrating into the educational process of Ukrainian higher education institutions (HEIs) has a significant impact in the following: · raising awareness about cybersecurity policies and facilitating future cooperation between companies and security regulatory bodies; · fostering of understanding the cybersecurity policies through a series of training courses; · improving the quality of education in the HEIs.
In addition, the introduction of CVLab will promote research and the first teaching experience for young researchers and scholars. The CVLab development team members are young scientists and teachers with broad experience in teaching specialized disciplines in the field of cybersecurity. The involvement of young researchers will entail successful implementation of the CVLab objectives, which will be achieved both through self-training and independent research in the field of cybersecurity, and jointly as a team, by attracting external experts in this field, internships in industry, and exchanging experience on the international conferences.
Extremely important that CVLab deployment will foster the publication and dissemination of the results of academic research. Nowadays, cybersecurity research and development are important all over the world. Cyber-attacks are on the increase and a connected economy and society that is more vulnerable to cyber threats and attacks requires stronger defenses. The main goal and principles of Cybersecurity Strategy are to foster a reliable, safe, and open cyber ecosystem that should remain valid. However, the continuously evolving and deepening threat landscape demand more action to withstand and deter attacks in the future.
In accordance with the Cyber Security Strategy of Ukraine, the main objective is also to create conditions for the safe functioning of cyberspace, application of cyberspace to benefit individuals, society, and the State. However, the research of Ukrainian scientists focused on specific threats and attacks in narrow areas, and the research itself is technical in nature. Nevertheless, cybersecurity is not limited to network, information security, and technical protection. Therefore, the urgent task of conducting comprehensive research in Ukraine arises, aimed at developing and implementing the most effective regulatory protection mechanisms.
Therefore, carrying out research on cybersecurity topics will allow to deepen knowledge, broaden the outlook, and highlight the best practices for their further dissemination at the territory of Ukraine. Publication of articles in scientific and technical journals as well as in local and regional press and participation in international conferences will disseminate the knowledge and experience and exchanging cybersecurity information.
The development of new and modernization of existing courses will be based on analyzing challenges in the cybersecurity area in Ukraine and worldwide with getting feedback from industry, public, and government stakeholders on skills and knowledge demands in Ukraine. To ensure the sustainability of the CVLab results, all the courses will be implemented in the educational curriculum at Ukrainian universities, and delivered material, including publications could be accessed free on the website of the project.
According to the key objectives for cybersecurity and information and communications technology, cybersecurity certification the network and information systems, as well as electronic communication networks and services play a vital role in society and have become the backbone of economic growth.
Information and communications technology (ICT), IoT, and Smart Infrastructures underpin the complex systems which support everyday social activities, connect people and devices, keep our economies running in key sectors such as health, energy, finance, transport, and, in particular, support the functioning of the internal market. In this context, the security and certification of the products, services, and processes become significant relevant areas both in Ukraine and all over the world.
To make the Ukrainian market more familiar with the current standards and policies in cybersecurity, the CVLab team will modernize existing courses expanding the content with cybersecurity policies and best practices in the specific areas as IoT, namely cyber resilience and ICT services that are relevant for graduates in their professional life. These courses will enhance students` professional skills and their competitiveness in the labor market.
As part of the implementation of CVLab, it is planned to develop the following innovative
specialized courses, which are relevant today and include the scientific results of young scientists
involved in the deployment of the laboratory [
Among them, the course titled “Best practices in the cyber resilience strategy” can be distinguished, the brief description of which is presented below.
The purpose of the course is to provide knowledge in current frameworks, modern methods of protecting networks and cloud systems. The students will obtain knowledge about cyber resilience means, practical skills in deep packet inspection systems, secure routing, fault-tolerant network and systems, firewalls, access control methods of protection, software-defined networks, and cloud security principles.
Course syllabus: 1. Towards a Global Cyber Resilience Framework
Goal: to study the current understanding of cyber resilience based on getting an overview of what sort of resilience measures are currently in place, as well as highlight any glaring gaps in efforts. 2. The cyber resilience strategy
Goal: to study best practices aimed at providing three core pillars of the Eurosystem’s cyber resilience strategy.
3. Analysis of Cyber Defense Policy Framework
Goal: to study about Cyber Defense Policy Framework for the consistent implementation promotion of the relevant framework, which is essential to increasing cyber resilience.
4. The main concepts of secure routing in reliable networks.
Goal: to know characteristics of existing network security methods in infocommunications; analysis of secure routing methods in the communication networks; improving secure routing methods. 5. Network security metrics evaluation.
Goal: to know the probability of compromising the network elements (links, nodes, routes, network segments); existing and novel methods of evaluating the probability of compromise.
6. Fault-tolerant routing as the approach for ensuring cyber resilience in the modern network architectures and clouds.
Goal: to know default gateway protection within fault-tolerant routing; inter-area fast rerouting in the case of hierarchical routing; fast rerouting with load balancing in software-defined networks; faulttolerant cloud infrastructures.
The course teaches strategic documentation and cybersecurity approaches of the EU frameworks for ensuring the cyber resilience of ICT. The course also combines EU frameworks and technical knowledge about the fundamentals of SDN, cloud, virtualization technologies, IPS/IDS, advanced VPN protection, secure routing, design a fault-tolerant network to protect network elements.
Also, currently considerable interest in a course called “Best practices for IoT and Smart Infrastructures”, which description is as follows.
The purpose of the course is to define security measures for IoT in the entailed complexity that is brought by the diversity of application areas for IoT. This course helps to understand what needs to be secured and what security measures to implement in order to protect the Internet of Things from cyber threats. During the course, the differences in apportioning risk to distinct environments in each IoT domain will be considered as well as threats and risks related to the IoT devices.
Course syllabus: 1. IoT Security Standards Gap Analysis
Goal: to study and analyze the gaps in IoT security and provide guidelines for the development or repositioning of standards.
2. Baseline Security Recommendations for IoT
Goal: to study best practices to help secure IoT products and systems including physical security, device secure boot, secure operating system, application security, encryption, network connection, and so on (IoT Security Foundation).
3. Security and Resilience of Smart Home Environments
Goal: to study securing Smart Home Environments from cyber threats by highlighting good practices that apply to every step of a product lifecycle: its development, its integration in Smart Home Environments, and its usage and maintenance until end-of-life. The study also highlights the applicability of security measures to different types of devices. The good practices apply to manufacturers, vendors, solution providers for hardware and software, and developers. 4. Good Practices for Security of Internet of Things in the context of Smart Manufacturing Goal: to study and analyze the security and privacy challenges related to the evolution of industrial systems and services precipitated by the introduction of IoT innovations. Introduce the good practices to ensure the security of IoT in the context of Industry 4.0/Smart Manufacturing, while mapping the relevant security and privacy challenges, threats, risks, and attack scenarios.
5. Security of IoT cloud services
Goal: to provide a high-level overview on the security issues to IoT developers and IoT integrators that make use of IoT Cloud Computing and Cloud Service Providers (CSPs) of IoT Cloud offerings. 6. Cybersecurity Challenges and Recommendations for industrial IoT
Goal: to study the main challenges to the adoption of the security measures and security of Industry 4.0 and Industrial IoT. To get acquired with recommendations to different stakeholder groups in order to promote Industry 4.0 cybersecurity and facilitate wider take-up of relevant innovations in a secure manner.
7. Vulnerability Disclosure in the Internet of Things Product (IoT security foundation) Goal: study how to report newly discovered security vulnerabilities to the product or serviceproviding organization and make the public announcement of security vulnerabilities by that organization.
8. IoT Security Compliance Framework (IoT security foundation)
Goal: to study how Framework sets out a comprehensive set of security requirements for aspects of the organization and product. To learn how to do a risk assessment of the IoT products, how to create a Compliance Checklist, understand how to provide a list of countermeasures to reduce any security risk.
The course will increase the awareness of participants about what measures according to EU cybersecurity policies should be implemented to protect IoT and Smart Infrastructure from cyber threats. Given the pervasiveness and massive deployment of the IoT concept, cyber threats against it have real consequences on the safety of citizens and industrial objects.
It should be mentioned that the introduction of a cybersecurity virtual laboratory (CVLab) aimed at improving the effectiveness of distance education meets the objectives of the Cyber Security Strategy of Ukraine, as well as priorities and areas of its provision, ranging from general digital literacy to training of security sector actors [32]. At the same time, among the advantages of CVLab implementation are the following.
Ease of use and implementation in the educational process. After installing CVLab, students can perform practical and laboratory works both on the server and on their personal device, after downloading the image of the virtual laboratory at a convenient time. Teachers can create instructions and guides for laboratory work, whereas students can access and create feedback.
Versatility and efficiency. Due to the fact that CVLab will include training courses that are part of the basic curriculum in the field of cybersecurity, this virtual platform will be able to cover most universities in which students study in this specialty.
Availability. CVLab courses will be publicly available. Students and teachers can use this virtual laboratory for distance learning in the field of cybersecurity.
Sustainability. Using CVLab is an effective tool for distance learning not only during the global pandemic, but will be useful in the educational process during any period of student learning.
Technical support. Periodic updating of the platform and support as needed are provided.
and Systems. MCT 2019, volume 152of Lecture Notes in Networks and Systems, Springer, Cham, 2021, pp. 191-205. doi: https://doi.org/10.1007/978-3-030-58359-0_10. [28] O. Lemeshko, M. Yevdokymenko, M. Yeremenko, I. Kuzminykh, Cyber Resilience and Fault Tolerance of Artificial Intelligence Systems: EU Standards, Guidelines, and Reports, in: Proceedings of the Selected Papers on Cybersecurity Providing in Information and Telecommunication Systems (CPITS 2020), CEUR, 2020, pp. 99-108. http://ceur-ws.org/Vol2746/paper9.pdf. [29] I. Kuzminykh, A. Carlsson, Analysis of Assets for Threat Risk Model in Avatar-Oriented IoT Architecture. In: Galinina O., Andreev S., Balandin S., Koucheryavy Y. (eds) Internet of Things, Smart Spaces, and Next Generation Networks and Systems. NEW2AN 2018, ruSMART 2018, volume 11118 of Lecture Notes in Computer Science, Springer, Cham, 2018, pp. 52-63. doi: https://doi.org/10.1007/978-3-030-01168-0_6. [30] M. TajDini, V. Sokolov, I. Kuzminykh, S. Shiaeles, B. Ghita, Wireless Sensors for Brain
Activity—A Survey, Electronics 9 (2020) 2092. https://doi.org/10.3390/electronics9122092. [31] I. Kuzminvkh, Development of traffic light control algorithm in smart municipal network, in: Proceedings of the 2016 13th International Conference on Modern Problems of Radio Engineering, Telecommunications and Computer Science (TCSET), IEEE, 2016, pp. 896-898. doi: https://doi.org/10.1109/TCSET.2016.7452218. [32] Cybersecurity Strategy of Ukraine, Decree of the President of Ukraine from 15.03.2016. 96/2016. https://zakon.rada.gov.ua/laws/show/96/2016#n11.