The interest in developing and employing new technologies has increased in recent years, even more, with the high accessibility to Internet resources and services, seen as Anything as a Service (XaaS) [1
]. The daily life of many people is evolving to use digital resources from remote locations and considering the ubiquity of users. There is a need for training professionals in many areas of the society, such as e-Health [2
], marketing for sales [3
], or distance teaching/learning [4
], among other areas.
In the field of education, the learning–teaching process can be supported by the laboratory as a service approach [5
]. These kinds of learning/teaching resources become even more relevant with distance education methodologies, as the National University of Distance Education in Spain is (named in Spanish as UNED), since students do not interact face to face in the classroom. Practical activities at a distance are essential to satisfy the corresponding competences and learning’s objectives of this methodology.
The primary topic of this work is the distance education of cybersecurity. In this case, the learning process of students has additional challenges, such as keeping the interest of students and minimizing drop-outs. It is also very relevant to have a fluent virtual communication among students and with lecturers. This fact eases their guidance to achieve the competences and abilities defined in the curricula, as well as using the proposed resources into the online learning platforms. Our future Engineers, specialized in cybersecurity, must be able to address the possible technological threats on the Internet, not only in a theoretical way but also in a practical way [6
]. In addition to this, a set of useful tools for increasing the motivation and interest in cybersecurity can be found in [9
]. They employ games and competitions based on the capture-the-flag (CTF) approach to keep students engaged with the learning process and improving qualifications at the same time.
In this sense, this work proposes and evaluates exhaustively a new Virtual Remote Laboratory (named ViRe-Lab) for the cybersecurity topic, hosted in the cloud employing virtualization technologies. The proposed laboratory, in which a set of practical activities can be defined, is built over the EVE-NG technology (Emulated Virtual Environment – Next Generation [12
]). Lecturers are able to define emulated and very realistic laboratories on remote with minimum configuration requirements [13
]. The results obtained from the assessment of the laboratory are divided in several parts, in terms of interactions with the laboratory, satisfaction of use it, and the students’ acceptance of the technology.
The proposed laboratory will be used in the “Cibersecurity in Information Systems” (CIS) subject (in Spanish, “Seguridad en los Sistemas de Información”
). Employing the online platform of UNED, named aLF (active Learning Framework) [14
], the contact between the teaching team and the students can be continuous, as well as the interrelation between the students themselves (asynchronous forums). The UNED University also manages a significant amount of centers, and extension centers in small towns which are distributed throughout the Spanish geography and other countries in Europe, Africa, Asia, and America. They are more than 300 centers, where students can optionally attend face-to-face classes, so the UNED methodology is blended, but only for degree subjects. However, the CIS subject belongs to a post-degree in Computer Science Engineering. The proposed practical activities are carried out entirely on distance.
It is also necessary (in distance education) that the resources offered to students are accessible and with a high quality. Therefore, the proposed remote laboratories must support a quality of service without expecting fails or delays and problems of access. In this sense, the acceptance of this technology must also be considered. It is necessary to have some acceptance and use theory for technology, such as UTAUT [15
]. This is a very suitable model to analyze the intention to use the technology, and analyzing their benefits and drawbacks, but also taking into account the students’ behaviors. According to this, there are a set of elements to be elicited to obtain useful psychological factors. Another useful model to create and validate the user’s intentions to employ a new technology is TAM (Technology Acceptance Model) [16
], as well as many variations and extensions [17
]. In recent years, some research works have proposed mixed and integrated UTAUT/TAM models, such as [4
], considering the advantages of both of them.
Therefore, the concrete contributions of this work are: (1) the creation of a virtual remote laboratory, ViRe-Lab, which allows lecturers to create emulated realistic scenarios in the cloud without configuration requirements for the students;(2) the integration of the laboratory within the curricula of a post-degree subject about cybersecurity; (3) the analysis of the students’ traceability to observe their interactions with the technology; (4) studying the grade of satisfaction considering a set of psychological factors, when students interact with the laboratory; and (5) analyzing the acceptance of the laboratory to be used it for other Engineering contexts. Two structural equation models have been hypothesized and validated for our proposed laboratory. These equation models follow the guidelines provided by the UTAUT/TAM model. A set of statistical values have also been calculated to measure if the second proposed model is valid and within the expected ranges of reliability, according to the examined literature.
This manuscript is structured as follows. Section 2
presents the state-of-the-art and a summary of previous works on remote virtual laboratories, some of them oriented to cybersecurity. After that, Section 3
describes the educational context, and presents our starting hypotheses of the study presented in this work. Section 4
presents the implemented remote virtual laboratory for cybersecurity, and a practical activity integrated in a cybersecurity subject. The obtained results from the experience with students based on the proposed laboratory are presented in Section 5
. Finally, conclusions and further work are given in Section 6
2. State of the Art
When managing an Infrastructure as a Service (IaaS), it is essential to perform an efficient use of the available resources attending the previously established service level agreements and operation level agreements (SLAs/OLAs). In [20
], the employed infrastructure to provide services to costumers is optimized from both the point of view of resource provisioning in the cloud, as well as the satisfaction of costumers. In practice, authors propose a hiring resource model for providers by considering several parameters, such as SLAs, resource allocation, satisfaction, and costs, in order to maximize revenues. Simulation results obtained with CloudSim highlight the revenue optimization and customer satisfaction.
Within the Internet-of-Things (IoT) topic, some proposals have also taken into account the aspect of security in different IoT layers: sensors and smart devices, distributed edge computation, and the network communication in the cloud. An example is [21
], in which a security IoT framework for organizations is proposed considering the three mentioned layers. Cybersecurity is also very relevant at the level of protocols and algorithms. For instance, in [22
], a secure authentication protocol for Radio Frequency Identification (RFID) systems is proposed and analyzed. Another example of managing technologies in an efficient way can be found in [23
]. In here, authors proposed the SensGrid simulation toolkit for experimentation in the field of Wireless Sensor Networks (WSNs) with Grid computation for the resource allocation.
Focusing on the educative laboratories, higher institutions and universities nowadays have the need of providing students with physical equipment from a remote location for training in practical skills, and gaining professional abilities within the field of Engineering, as well as emulated scenarios. Another approach would be the use of immersive virtual reality [24
]. When a distance methodology is used, as in the case of UNED, it is very relevant to integrate virtual remote laboratories, seen as additional resources, into the curricula of Engineering subjects, such as the cybersecurity topic. Remote equipment or laboratories can be seen as several hardware and software elements, which work together to provide a set of functionalities. They can be seen as individual resources or a set of services. The laboratory itself is located in a different physical location than laboratory users. These users can use it for some reason, such as educational purposes. A variety of remote labs have been defined and created for several fields throughout the last years. Some proposals are [25
]. An Internet connection is only needed to access the remote laboratory.
Distance laboratories (remote or virtual) are used in different educational areas. Related to renewable energies in the context of distance education, low-cost remote laboratories have been developed in recent years [28
]. The concept of deconstruction of laboratories was introduced, in which a remote laboratory is made up of many services. From the client perspective, all services or a subset of them can be used to adapt the learning process to students. This approach is known as LaaS (Laboratory as a Service) [5
]. The work was conducted in the context of the MUREE project [29
]. Each component is used as a web service, which can be hardware or software. It is possible that the hardware can only be used in an active way by one single user at a time, hence it is necessary to implement control protocols for these hardware elements.
Remote laboratories can be managed by resources to keep the quality of online teaching in Engineering courses [31
]. Another relevant work is [32
], where the evolution of a set of learning laboratories is presented for the learning process of distributed network services and cybersecurity, to improve the students’ grades and minimizing drop outs into distance courses [33
]. Another recent work [4
] pays attention to the development and assessment of remote laboratories for renewable energies. It validates the successful integration of remote laboratories by defining a structural equation model. Authors conclude that these kinds of laboratories are useful to improve the quality of virtual courses at a distance.
As a complement of a remote laboratory, the concept of virtual laboratory appears. This way, only software elements compose the laboratory. Virtual laboratories can be used for emulating physical laboratories or adding new features to remote laboratories through their software components, as an alternative or for reinforcing their use. [34
] proposes a virtual laboratory to configure and evaluate network services automatically. Each student had to configure his/her network server with a set of services (DHCP, DNS …) and, later, the virtual lab was able to detail the configuration problems of these network services. In this sense, the virtualization paradigm [35
] has additional benefits for the dynamic creation of virtual laboratories. In general terms, time and processing resources are usually consumed more effectively and efficiently by the technical staff when using this kind of technologies. Some efforts have already performed in the context of laboratory virtualization with a distance methodology at UNED [38
As a further step, virtualization and cloud paradigms are merged here for dynamically providing students with useful emulated environments The current work for the creation of the remote virtual laboratory and its dynamic scenarios for practical activities is an exhaustive extension of [13
]. This way students can acquire practical Engineering skills in a context in which no physical interactions occur among students. Students develop critical assets for their professional careers such as practical experience and autonomous work. Closely related to the creation of virtual laboratories to help teachers in schools and other institutions was the Go-Lab project [39
], in which UNED was also involved. These types of virtualized laboratories contribute to the sustainability of university education on distance [40
]. This fact has much impact at UNED, where the number of users in virtual courses could be massive.
As an additional step, we analyze the students’ learning experiences. Several SEMs (Structural Equation Model), have also been defined and validated statistically by using the students’ opinions. To define our SEMs, we have based our findings out in the UTAUT methodology [15
]. There are other many kinds of models, but the UTAUT model is nowadays one of the most popular, as already justified in previous works for the field of Engineering, one of the most recent ones is [4
]. Another interesting research work using UTAUT models for the field of health care technology can be found in [19
4. Emulating Virtual Remote Laboratories in the Cloud
Our emulated virtual remote laboratory, ViRe-Lab, has been implemented taking as a basis the Emulated Virtual Environment - Next Generation (EVE-NG) [12
] technology. The principal characteristics of the EVE-NG core are the efficient management of the EVE-NG core, the dynamic and graphic creation of the network topology, a straightforward definition of laboratories and configuration files in the cloud, local memory optimization, responsive client-interfaces, the possibility of integrating real and virtual devices, and the simultaneous laboratory instantiating, among others. The concepts of virtualization and cloud provision fit this approach.
4.1. Creation of the EVE-NG Virtual Environment
In order to create and deploy emulated virtual scenarios with EVE-NG, which are hosted in the cloud, it is necessary to follow a set of phases: (1) Obtaining the virtualization software and remote connection tools; (2) Creation of the emulated virtual environment; (3) Updating access permissions; (4) Adding the required virtual resources to the emulated environment; (5) Starting the EVE-NG core and deploying an automatic setup script; and (6) Defining practical scenarios for the corresponding subjects. Details about these points are the following:
Obtaining the virtualization software and remote connection tools. The virtualization software can be based on Virtual Box, VMware, Docker containers, or a similar virtualization technology. Additionally, remote connection tools will be useful to graphically access the virtualization resources located in the EVE-NG environment, such as Telnet, VNS, among others. These tools have to be installed into the network infrastructure where hosted the virtualized EVE-NG environment.
Creation of the emulated virtual environment with EVE-NG. It is necessary to download and install the virtualized EVE-NG core within the network infrastructure as the principal virtual resource, which controls all resources. For instance, virtualization could be based on a VMWare ESXi server.
Updating access and configuration permissions. All the access permissions to the network interfaces have to be specified according to the pre-established access policy. The same happens with the interface configuration files. These permissions can be updated later.
Adding the required virtual resources to the EVE-NG environment. The desired images and VMs for emulating the different devices of the network scenarios have to be incorporated to the virtualization server. This fact depends on the concrete scenarios defined for the practical activities of the subjects. The set of available resources can dynamically be updated later.
Starting the EVE-NG core and deploying an automatic setup script. Once the emulated EVE-NG environment is created, this platform has to be restarted with a concrete configuration, as well as a set of scripting lines to automatically re-init system correctly when it fails, turns off, etc. With this technology, real and emulated devices can be mixed at the same time.
Defining practical scenarios for the corresponding subjects. A set of sample scenarios have to be defined and tested prior to deployment for production purposes. As an example, Figure 1
represents a part of a virtual laboratory with a network facility defined in ViRe-Lab for audit purposes. In particular, there is an access point for the auditor, another machine with a set of audit tools (available in a Kali Linux distribution), and a local router connected to the access point and Kali. Prior to enter the laboratory, but not shown here, the user finds information about the own working laboratory and some guidelines about the practical activity.
4.2. The Purpose and Access of the Laboratory
The principal purpose of the proposed virtual remote laboratory, ViRe-Lab, is to develop practical activities in the context of Engineering, like the cybersecurity topic. The registration screen is shown in Figure 2
. Our virtual remote laboratory, ViRe-Lab, allows the user’s interaction with the devices of a network facility defined by the lecturer. A student may use all nodes and routes as real equipment, depending on the permissions provided by lecturers during the preparation of the practical activity.
A session and booking layer is incorporated and integrated into the core of EVE-NG, to control the user access to ViRe-Lab, in terms of available resources. The Algorithm 1 shows the procedure to control the access to ViRe-Lab that includes a session calendar. Each student can book a free session by choosing one or several days and hours from the calendar. A specific account is needed to enter the platform. ViRe-Lab incorporates a scheduler to allow several students in the laboratory. However, only a user at the same time has access with an active role.
|Algorithm 1 Access Control and Booking Algorithm for ViRe-Lab.|
| procedure Laboratory Access and Booking (UserData, booking)|
| Calendar ← Data structure with free and busy slots of time|
| if ((booking)&&(AvailableSlot(Calendar)) then|
| BookingSession(UserData, Calendar)|
| message(“Booked a selected and free session in the calendar.”)|
| return True|
| if (!BookedSlot(UserData, Calendar)) then|
| message(“There is not a booked slot session for the user at the moment. Yo can do it.”)|
| return False|
| Resources ← List of available virtual resources|
| if (!AvailableResources(Resources)) then|
| message(“There is not available resources at the moment. Try it later, please.”)|
| return False|
| UserResources ← List of booked virtual resources for this user|
| CheckingConfigurations(UserData, UserResources)|
| RunVirtualLab(UserData, UserResources)|
| message(“Setting up the laboratory for user access.”)|
| return True|
As observed in Algorithm 1, in case the student desires to access directly to the laboratory, the system would check if he/she had a booked session. Also, ViRe-Lab examines if there are available virtualization resources for the current session. If so, it assigns the session a set of virtual resources, checks the correctness of all configuration files, and deploys a virtual network defined by software. Finally, the student enters the system for performing practical activity. Additionally, he/she has the possibility of checking his/her pending and completed sessions. Each session lasts up to 55 min.
4.3. Practical Activity
The presented case of study is related to the practical activity proposed by the CIS subject to be developed with ViRe-Lab since this is integrated into the on-line course as an additional resource. It is composed of a set of objectives, which correspond to the competences, learning results, and contents of the subject. These objectives are detailed next in a descriptive and incremental way, depending on the skills achieved by the student during the course:
Analyzing the context of the company in a non-intrusive way
. The search for non-intrusive information focuses on obtaining as much information as possible from the company system with no knowledge of the organization’s internal structure. Students must avoid techniques that are considered intrusive (to be used in the following steps). Therefore, a student will be take the role of a penetration tester (pentester) recruited by a fictional company, named Disaster Corporation
. As initial tasks, he/she can visit the company portal and obtain information about the network facility of the company The student can access the system through an unique access point in the cloud, as shown in Figure 3
. He/she will not know any details about facility of the company.
Discovering the network structure of the company in both a non-intrusive and intrusive ways
. Some initial tools can be employed by students to discover information about the network system: (1) the nslookup
tool, in order to make queries to the DNS servers, so obtaining information about a possible target; and (2) the ping
tool, in order to find out accessible and non-accessible IP addresses. It is worth mentioning the traceroute
tool that allows detecting the route followed on the Internet to reach an IP address [44
]. In addition to this. The first intrusive step will be to locate those computers that are turned on and connected to the network (devices, ports, and services) with the nmap
]. We can find out which network we are connected to by using the ifconfig
(Linux) or ipconfig
(Windows) command. As observed in Figure 4
, the company network of the practical activity is composed of five devices (from 192.168.56.1 to 192.168.56.5). The network IP (192.168.56.0) was found out with both the nslookup
Finding out weak access points (open ports) in the network structure of the company. After knowing which devices are active into the network, it is interesting to find out possible access points to those computers. Therefore, the student must pay attention of the existing open ports. In the previous step, the devices of the network were discovered. It is now necessary to scan one-by-one with the nmap tool, instead of scanning the whole network, in order to discover the active ports of each of them. This will allow us to work faster, since our all information about our own devices is already in our own.
Discovering active services using the detected the access points (or devices)
. The next step is to determine which services are running associated with each port. At this point, if we found a machine with all ports closed, we would ignore it, prior to do a more exhaustive scan. In particular, the open ports and associated services belonging to a set of network devices are shown in Figure 5
. From this analysis, we obtain additional information to verify existing vulnerabilities into the network facility of the company.
Achieving all the possible information about possible targets
. It is also needed to obtain more detailed information about each device of the company, which is a possible attack target, such as operating system, users, computer names and any information we may locate. It is also possible to perform this enumeration with the nmap
tool. This command option usually takes time and generates large amounts of traffic. It also produces extensive output information. As an example, all information about the ssh
service (open port 22), the operating system located in the host, keys, version of protocol, etc., is shown in Figure 6
Identifying and reporting vulnerabilities. From the previous findings, the student will have to identify the most relevant vulnerabilities found in the network system, and to make a report about these and how to solve them. Therefore, the cybersecurity policy of the company will be updated.
Exploiting vulnerabilities. From the information collected in the report, the student must check the redefined cybersecurity policy with the role of a pentester. This will allow us to detect which system vulnerabilities can be exploited and to implement some known exploit to see if it is possible to find an attack in the system.
6. Conclusions and Future Works
Nowadays, there is a huge increment for the employment of new technologies, since the way of and living working nowadays has become digital. The education context is not an exception in this sense; even more, in practical topics for the field of Engineering. This fact is more noticeable when a distance methodology is used during the learning/teaching process of students. UNED is the biggest University in Spain, and it includes a distance methodology in virtual courses. In many subjects, there are also periodically physical and/or virtual classes.
In this digital era, new threats and vulnerabilities appear, so cybersecurity competences and abilities have to be acquired by students. In this sense, this paper has shown the fundamentals of our emulated virtual remote laboratory in the cloud (named, ViRe-Lab), which has been used for a cybersecurity subject, CIS, belonging to Engineering studies. Technical requirements about the implementation, development and integration of this laboratory are detailed in the paper; in addition to how it has been integrated in the students’ learning/teaching process. The ViRe-Lab can be considered as a another integrated resource within the virtual platform.
On the other hand, the students’ interactions with the ViRe-Lab had also been previously analyzed to detect their behaviour by concluding they interact with the laboratory in a suitable way. In addition to this, a set of perceived factors (usefulness, estimated effort, social influence, attitude, ease of access intention of use) which may affect the process of students’ learning/teaching are studied from the point of view of their satisfaction with the ViRe-Lab. The satisfaction values are outstanding since the mean values of these factors are mostly higher than four points out of five. Additionally, these factors are analyzed for students’ acceptance in case of using ViRe-Lab in other Engineering subjects.
Furthermore, two structural equation models, based on TAM/UTAUT, have statistically been hypothesized and validated. From the confirmatory analysis of the improved second, it can be concluded that the students’ perceived usefulness influences their positive attitude toward the ViRe-Lab. The students’ attitudes affect their intention of using the ViRe-Lab in a very strong way, and their perceived usefulness also influences the intention of using the ViRe-Lab immediately. The students’ ease of access slightly influences their attitude. Additionally, the calculated statistical values for the improved SEM are within the expected ranges of reliability, with the X2 parameters being equal to 0.6, the relation among X2 and DF equal to 0.3, both GFI and CIF values equal to 0.985, and RMSEA very near zero.
As a future direction, we are working towards an extended approach to developing physical device remote solutions. These approaches will have advantages of the real world, i.e., the remote laboratory and all the advantages of efficient virtualization presented in this work. Therefore, there will be a laboratory of real things and micro-services, where dynamic resource provisioning and fault-tolerance features are considered. Even serious games can be employed as a complementary way.
It will be essential to define specific learning processes and monitor them to undertake projects based on IoT infrastructures in the context of learning analytics. This way, students can achieve a set of skills ranging from devices and sensors, their communication IoT protocols, the storage management, and the processing environments in the cloud for the data generated by sensors. Students must use components and layers (hardware/software) that are deployed in these types of solutions, so the learning process must incorporate the use of technological tools similar to those that will be found in these IoT environments and domains. Our research efforts will be to develop, deploy, and evaluate this technology related to cybersecurity, cloud computing, and IoT infrastructures and services topics.