A New Construction Scheme for Information Security Lab

doi:10.4236/ce.2012.34064

Paper Menu >>

Journal Menu >>

Creative Education

2012. Vol.3, No.4, 406-412

Published Online August 2012 in SciRes (http://www.SciRP.org/journal/ce) http://dx.doi.org/10.4236/ce.2012.34064

406

A New Construction Scheme for Information Security Lab

Li Zhu, Huaqing Mao, Zhiwen Hu

Wenzhou University Oujiang College, Wenz h o u , China

Email: 38995791@qq.com, mr.maohuaqing@qq.com, 448766175@qq.com

Received May 31st, 2012; revised June 28th, 2012; accepted July 10th, 2012

At present, it is urgent for us to build fully functional information security laboratory. In this paper, the

function and requirements of a new information security lab are analyzed. And a construction scheme for

information security laboratory is put forward. The lab not only provides services for teaching and train-

ing, but also provides security evaluation, authentication and extension services for local governments,

institutions and enterprises. Our teaching and training practice shows that the scheme of such information

security laboratory proposed in this paper is effective and reasonable.

Keywords: Information Security Laboratory; Construction Scheme; Extension Services

Introduction

At present, information security has become a comprehen-

sive, cross-discipline area, which integrated the accumulation

of knowledge and latest research results on computer, tele-

communication, microelectronics, mathematics, physics, and

many other areas. (Zhang, Huang, & Liu, 2004) Information

security is also a complex system, which involves the con-

struction of information infrastructure, networks and systems,

information systems and business application systems de-

velopment, information security laws and regulations and

safety ma nag e me nt sy st em e tc .

Therefore, information security is a direct project-oriented

and application-oriented professional field. Information se-

curity education is an engineering culture (Wang, Tan, &

Huang, 2006). If engine ering practice sy stem is e stablishe d in

colleges and universities, the students could carry experi-

ments and practice in the system, which will have great sig-

nificance in improving practical ability and the cognition

ability of technology (Gu & Huang, 2006). In the situation

where a great deal of security talents are required, the uni-

versities should play to their stre ngths to build an appropriate

information security laboratory with perfect functions.

Why to Build Information Security Laboratory

in Colleges and Universities?

The great development of globalization and informatization

has brought rare opportunities for China’s information industry

development, but it has also presented a serious challenge. The

rapid development of Internet has directly affected innovation

of science and technology, the development of information

industry and the rise of knowledge economy. Information net-

work is gradually becoming the foundation of economic pros-

perity, social stability and national development; at present, the

number of Internet users in China has reached 360 million. The

online transaction amount is as high as $30 billion every year.

However, the network brings unprecedented hidden danger to

our life. According to the estimation of National Computer

Network Emergency Treatment Coordination Center, the an-

nual production of dark industry formed by cybercrime has

exceeded $238 million, which results in a loss of more than

$7.6 billion. A page will become a hacker “dinner table” in

every 5 seconds; the rate of being experienced “network link”

for small and medium-sized web sites is up to 5 per thousand.

At the same time, with the evolution of network convergence

and next generation networks, a large number of new busi-

nesses and technologies without security evaluation have been

brought to the market. The inherent security risks in the IP

network are extending to other networks, which will lead to

more security risks. It is visible that information security issues

have changed from purely technical issue to global national

security issues. Along with the process of information deve-

loping, the increased information security risks and threats have

become the key problem of the national security and social

stability. Faced with the increasingly grim situation of network

information security, taking scientific and effective measures is

necessary and feasible.

At present, the talents of network technology tend to be

saturated. According to research report published by the com-

puter world news has estimated the demand for the national

information security talents will reach to more than 300,000.

Currently, quantity of information security engineer talents is

few; especially the compound talents are lacked. For example,

the network managers are not familiar with storage expertise

and storage management planning, and it is seriously short of

manpower for the professional storage device manufacturers

and service providers. There are few training institutions to

offer storage classes, even if they open the storage courses with

high training cost. It is forecasted that the demand of national

network storage talents is more than 600,000 per year. However,

it only offers around 10,000 a year presently, which indicates

that the demand gap is enormous.

From above analysis, we can see that the demand of network

information security talents in China is lacked, and the ability

of talents also need to be further enhanced. It is necessary and

urgent to build high level information security laboratory with

completed function in college and university. The laboratory

should meet the needs of different levels of information secu-

rity laborato ry base a n d talent training base, which will promote

practical ability training of the students, broaden students’ ideas

L. ZHU ET AL.

and vision, improve the quality of teaching, and finally provide

good conditions for cultivating innovative information security

talents in universities and colleges.

Current Status & Construction Target

With the development of the network and information tech-

nology, information security has become the key information

technology of 21st Century. Therefore, the ministry of educa-

tion has established information security professionals from

2000. Currently, there are more than sixty colleges to start the

information security major as well as the higher vocational

colleges. Domestic universities such as Wuhan University, Bei-

jing University of Posts and Telecommunications, Shanghai

Jiao Tong University have set information security major early

and constructed large-scale labs of information security. In

addition, each university or college who has opened informa-

tion security major, combined with their own characteristics,

put forward the suitable construction ideas for the laboratory

construction; however, there are still some limitations and defi-

ciencies.

Firstly, Many network and information security laboratories

are reconstructed from the original network engineering labs,

which are lacking special security experimental equipments and

unable to complete professional experimental courses.

Secondly, at the beginning of the construction, only the sim-

ple experimental teaching process is considered, which leads to

the students’ little knowledge about the experiments. Besides

that, because of the lack of communication between the stu-

dents and the teachers, students learn passively, and the inspira-

tion of innovative consciousness that the teachers give to the

students is not enough. This will affect the students’ ability to

solve problems independently

Thirdly, the laboratory of Information security serves for a

single object without its own hardware advantages, which can’t

provide the requirements of local extended service and scien-

tific research requirement of the teachers.

Therefore, building a network and information security labo-

ratory combined with scientific research, teaching and service

will play an important role in the development of information

security technology as well as the training. It also provides

security evaluation, authentication and extension services for

local governments, institutions and enterprises.

Function Requirements for Information Security

Laboratory

On the one hand, we should pay attention to the related fore-

front research, intensive technologies and hot application in

information security field; on the other hand, it is needed to

build information security engineering practice environment to

cultivate comprehensive information security talents. Engineer-

ing application of information security is strong; therefore, we

should focus on authenticity of the experimental environment

and design comprehensive experiments to cultivate security

sense of the students (Aboutab, 2006). The following three

aspects of services are supported by the lab:

Firstly, it is research-oriented. It will provide good experi-

mental environment for scientific research and validation in-

cluding the basic theory, security frame, security mechanisms,

security technologies and other aspects.

Secondly, it is teaching-oriented. The lab will help the stu-

dents to improve their practice activity. In the information se-

curity laboratory, the students could carry out security experi-

ments in different levels and different directions.

Thirdly, it will support extension services. It will support so-

cialization training services for information security majors.

The two talents cultivation modes including “school education”

and “vocational training” need to be combined; the two modes

of “teaching in class” and the “online learning” also need to be

combined. It also provides multi-level training and certification

mechanisms of universal and specific complementary levels; it

also supports safety training services and products promotion.

Through the combination with well-known security vendors, it

provides training and certification of security products to meet

the needs of enterprise users; it also supports testing function

for network devices and security devices; it supports testing and

validation services for large network, and also it provides secu-

rity test and eva luation on the c ommercia l n e tw o rk.

Requirements for Network and Information

Security Laboratory

The construction of information security lab involves many

new technologies. As a fully functional network security lab, it

is able to simulate real environment as much as possible. At the

same time, we should deduce the cost of devices to achieve

high-yield with low-input. The lab will provide the students

with the same work environment as they work after graduation.

Based on the above considerations, the following principles

(O’Leary, 2006) should be confirmed:

1) Practical, easy to use and apply.

The security devices used in lab should have strong practica-

bility. We should adopt mainstream security devices and soft-

ware in the market, combine with the mainstream command

line configuration so that the students can experience and learn

a variety of network attack and defense techniques in real work

environment, which guarantees that what skills they have

learned can be fully applied in the work after they graduated.

Besides that, the convenience of teaching in the lab needs to be

taken into full consideration. It should be easy to use for the

teachers and students. The opening management system is

adopted for unified management. The system provides different

users including students, teachers and administrators access to

the lab by the network, which makes it possible that the users

can do experiments remotely. This will improve the utilization

rate of the lab, and the teachers and students can carry out ex-

periments and communicate in their spare time.

2) The technology should be advanced, function of the lab

should be comprehensive and devices should be compatible and

scalable.

Firstly, with the rapid development of the network security

technologies, the equipments and management systems in the

lab should be updated timely to adapt to the development of the

technologies. So, the lab should have good compatibility and

scalability at the beginning of lab construction. When the new

technologies appear, the hardware and software can be up-

graded, and the new equipments can be used in the laboratory.

The lab will provide devices including firewall, IDS/IPS, VPN,

anti-virus, anti-spyware, high security, hacking, encryption and

decryption, and other security devices and software etc, which

will provide a more comprehensive network security learning

platform for us.

Secondly, the network information security technologies are

L. ZHU ET AL.

408

training and teaching, which includes platform, LED screen

announcement area, blackboard, projection area and hexagonal

tables. The training room will meet the need of eight-group

students to do experiments at the same time. Each group has six

computers. The working area is provided for laboratory admi-

nistrator and teachers. There are four sets of work tables and

chairs for teachers. The equipment area is used for placing ex-

perimental equipments, including network cabinets, server

cabinets and UPS equipment area etc. The network cabinet area

is designed for placing various security equipments and net-

work switching equipments; the server cabinet area is designed

for placing required servers; the UPS equipment area is used for

placing UPS host and UPS battery.

constructed based on the network protocol. Current IPv4 net-

work is transiting to the next generation network which sup-

ports IPv6 protocol. In addition to providing nearly infinite

IPv6 addresses, security of IPv6 is also greatly improved.

Therefore, we should fully take the compatibility of the IPv6

protocol into account in the future. The laboratory design will

consider future employment demand for the students. So the

availability and extension should be taken into account.

3) It will provide services for objects with different levels.

The related courses of information security are covered with

wide range of content. The students of different levels and dif-

ferent majors need to master different theory and technologies.

This requires that the lab not only provides experimental teach-

ing environment for the teachers and students in our college but

also provides network security vocational training for the whole

community. Besides that, the lab will also provide security

evaluation, authentication and extension services for local gov-

ernments, institutions and enterprises (Yang, Yue, & Liaw,

2004).

The functions provided by the lab include training, teaching,

security evaluation authentication and extension services for the

local governments, institutions and enterprises.

Training & Teaching Platform

The topology of the information security lab is described in

Figure 2.

A Construction Scheme for Information Security

Laboratory Each terminal group connects to the central switch by

anti-virus system, intrusion defense system and firewall, and

eventually connects to the machine Cabinet Server. Each group

corresponds to a cabinet server, which uses virtual machine to

simulate various servers (such as: patch Server, WEB server

and virus server) that act as target area. The work area of

teacher can use a projector, security audit system and log audit

system to display students’ behavior of attack target area. Each

Function S tructure

The function structure of the lab is shown as Figure 1.

The information security lab is divided into three regions:

training room, work area and the equipment area. Each area is

separated by toughened glass. The training room is used for

Figure 1.

Structure of the lab.

L. ZHU ET AL.

Figure 2.

Topology of the information security lab.

of the two groups students share an intrusion prevention sys-

tem. The security devices are put in six cabinets as Figure 3.

Experimental Modules of Training & Teaching

The content division of information security experiments is

shown in Table 1.

Security Evaluation, Authentication and

Extension Services

The center of information security evaluation as is shown in

Figure 4 has owned advanced information security vulnerabi-

lity analysis resources, and evaluation equipments; the func-

tions provided by the center include: basic research on vulner-

ability, product security vulnerability detection, system hidden

analysis and testing equipments; in accordance with national

laws and regulations, it can provide technical support to coun-

tries in information security area. It also provides the commu-

nity with public services, information technology products and

security vulnerabilities analysis of the systems and communica-

tions. The information security center is responsible for infor-

mation network of the party, security risk evaluations of im-

portant information system; developing information technology

products, security test and evaluation of systems and engineer-

ing construction; theoretical study on information security test-

ing and evaluation, technology development, standards deve-

lopment and so on.

It also provides product testing, evaluation and certification

services for computer information system of the party and gov-

ernment organs in Wenzhou and Zhejiang areas. It accepts

delegates of government departments and industry, and pro-

vides testing services of products, engineering and services.

The security evaluation services include security evaluation

testing, security system counseling, security system building,

security program reorganization, host evaluation, business sys-

tems testing, network architecture evaluation, data security

evaluation, security consolidation, emergency response and

security patrol. During the devlopment of technical system e

L. ZHU ET AL.

Figure 3.

Cabinets of security devices.

Table 1.

Experiment modules.

The experiment modules Experiment projects

Security ac cess control tec hnology Deployment experi ment, routi ng experiment, NAT experiments, firewa l l and IDS e x periment, logging syst em

experiment

Security technology (VPN) VPN deploy ment, IPSEC VPN, SSL VPN, Ga t e way to gate way tunnel c o nfigurat io n, the cli ent to the gateway tunnel

experiment

Detection a nd defense te chnologies Trojan detection and defense, ove r flow detection and defense experime nt al, denial of service and defense

detection, sy stem vulnerabilities category detect ion and defense, worms detection and defense, HTTP detection

and defense

Virus protection technology Feature code testing, calibration and dete ction of the virus behav i or , virus a nd malware virus

Vulnerability analysis tec hnology CGI vulnerab ility ana l ysis, the buffer overflow analysis, denial of ser vice analysis , b ackdoor v u lnerabi lity analysi s ,

and protocol vulnerability analysis

Security audit technology Behavior audit analysis, log analysis, d atabase audit analysis, equipment and s ystem audit a nalysis

Terminal security technology Software patches and system distributi ng technology, terminal behavior management technology, illegal inline

management technology, il legal connection management, experimental re mote management and ter minal

security access

Attack and d efense technology Scanning technology, sniffer and Anti-sniffer technology, WEB attack and defense technology, the buffer overflow

attack and protection, network spoofing attack and defense, DDOS attack and defense and password cracking

410

L. ZHU ET AL.

construction, the network security, host security, application

security, and data security need to be considered. The techno-

logy tools include terminal security management system, net-

work anti-virus software, vulnerability scanning system, secu-

rity audit system, access control system, firewall, antivirus

gateway, intrusion prevention systems, and VPN systems. The

security manageme nt sy ste m includes sa fety ma nage ment rul es,

security management institute, personnel security management,

system construction management and operation and mainte-

nance management etc.

The information security evaluation service modules are

shown as Table 2.

Conclusion

Information security education is a kind of engineering culture

education. In this paper, the function and practice requirements

of an information security lab are analyzed. The scheme of an

information security laboratory is proposed. The lab provides

not only services for teaching and training, but also security

evaluation, authentication and extension services for local gov-

ernments, institutions and enterprises. Our teaching and training

practice shows that the scheme of such information security

laboratory proposed in this paper is effective and reaso n a ble．

Acknowledgements

This work was supported by a grant from Zhejiang province

college lab research project: Research on construction trinity of

network and information security lab (Grant NO. Y201236) and

teaching reform project of Wenzhou University in 2012: Con-

struction on innovation practice teaching system of Network

Figure 4.

Topology of information secur ity evaluation center.

Table 2.

Modules of information security evaluation service.

Project name Service content Service object

Device performance and attack-defense

detection eva luation Device performance and attack-defense detection technology

experiments Ent erprise, security product manufacturer

Security evaluation project Security evaluation and evaluation, classified protection

evaluation service Government, Enterprise, financial and

energy enterprises

Company qualification certification Company se curity service engineering aptitude i ntelligence and

company eme rgency response aptitude intelligence The enterprise s engaged in information

security

Personnel q ualificati on certification CIW, CISP and CISSP Government and perso nnel staff of

information construction in enterprises

and institutions

Security tra in ing cert if i cation CIW, CISP and CISSP Government and personnel staf f o f

information construction in enterprises

and institutions

L. ZHU ET AL.

and information security (Grant NO. 12JG68B).

REFERENCES

Aboutabl, M. S. (2006). The CyberDefense laboratory: A framework

for information security education. Proceedings of the 2006 IEEE

Workshop on Information Assurance, Phoe nix , 10-12 April 2006.

doi:10.1109/IAW.2006.1652077

Gu, N. J., & Huang, L. S. (2006). Exploration on information security

professional curriculum. Journal of Beijing Electronic Science &

Technology Institute, 14, 13.

O’Leary, M. (2006). A laboratory based capstone course in computer

security for undergraduates. SIGCSE’06(ACM), Houston, 1-5 March

2006.

Wang, H. H., Tan, Y. S., & Huang, W. Z. (2006). Discussion on infor-

mation security professional talent training mode. Journal of Wuhan

Institute of Chemical Technology, 28, 56-59.

Yang, T. A., Yue, K.-B., & Liaw, M. et al. (2004). Design of a distrib-

uted computer security lab. Journal of Computing Sciences in Col-

leges, 20, 332-346.

Zhang, H. G., Huang, C. H., & Liu, Y. Z. (2004). Talent training and

course system of Information security profession. High Science Edu-

cation, 2, 16-20.

412