1. Introduction
With the advancement of the global digital transformation process, the importance of cultivating cybersecurity talents has become increasingly prominent. Traditional network penetration and defense teaching relies on physical equipment, facing bottlenecks such as high cost and fixed scenarios, making it difficult to meet the training needs of practical talents [1].
At the national level, there is a continuous push for the digitalization strategy in education. In April 2025, the Ministry of Education and eight other departments jointly issued the Opinions on Accelerating the Digitalization of Education, explicitly emphasizing the need to promote the digital transformation of teaching and improve multi-dimensional evaluation mechanisms. This policy provides clear guidance and a development basis for the application of technologies like virtual simulation in cybersecurity practical teaching.
Online virtual simulation network penetration and defense platforms, with their flexibility, are expected to break through the limitations of traditional teaching [2]. However, existing research mostly focuses on the platform technology. Its actual effectiveness in teaching, especially in comparison with traditional modes, and its application in personalized teaching, still lack systematic verification. Therefore, we constructed an online virtual simulation platform, designed a teaching model that combines scenario-driven learning, task-oriented practice, dynamic assessment, and collaborative feedback, and evaluated its effectiveness through a controlled experiment, aiming to provide an empirical reference for the reform of cybersecurity practical teaching.
2. Platform Architecture
This platform was built based on virtualization technology, software-defined networking, and cloud computing architecture, aiming to provide a safe, controllable, flexible, and scalable comprehensive practical training environment for network penetration and defense teaching [3]. The platform adopts a modular design, where components are highly decoupled yet work synergistically, forming an organically integrated teaching ecosystem. The architecture is shown in Figure 1.
2.1. Virtual Simulation Environment Module
This module constitutes the infrastructure layer of the platform. It utilizes kernel-based virtualization and container technologies to build the underlying resource pool, and employs software-defined networking to achieve dynamic network topology orchestration and intelligent management [4]. This architecture can simulate various scenarios from basic local area networks to cross-regional complex networks, supporting rapid deployment and elastic scaling of experimental environments. Its core innovation lies in the separation of the control plane and data plane, enabling flexible customization of network functions and efficient utilization of resources [5]. The module incorporates full traffic capture and experimental process monitoring functions, providing comprehensive data support for teaching evaluation.
2.2. Offensive and Defensive Practical Task Resource Library
The offensive and defensive practical task resource library constructs a systematic practical training system for network system integration, security hardening, and penetration testing. The network system integration module trains students’ ability to build and maintain complex network architectures. The security hardening module focuses on cultivating students’ skills in implementing defense-in-depth strategies [6]. The penetration testing module trains students in systematic vulnerability discovery and exploitation according to standard testing processes. Tasks in each module adopt a tiered difficulty design, ensuring that students can progressively master various practical skills.
2.3. Teaching Assessment Module
A multi-dimensional evaluation indicator system was built based on big data analysis and rule engine technology. By collecting students’ operational behavior data during the experiment process, the system conducts a quantitative assessment from four dimensions: standardization, completion degree, effectiveness, and innovation. The assessment covers the entire process, including network construction, vulnerability scanning, attack implementation, and defense response, with clear scoring criteria set for each step. This system can not only provide immediate feedback but also generate detailed evaluation reports, providing data support for teaching improvement.
2.4. Profile Analysis Module
This module constructs personalized learning profiles by continuously collecting students’ multi-modal learning data. Using machine learning algorithms, it characterizes students’ learning status from multiple dimensions such as knowledge structure, skill level, and behavioral characteristics, and generates visual ability maps and development trajectories [7]. This module provides a scientific basis for achieving precise teaching intervention and personalized learning guidance, effectively improving teaching quality and learning outcomes.
3. Teaching Model
On the basis of the online virtual simulation network penetration and defense platform, this study constructs a four-in-one teaching model. Through the organic connection of the four links, the deep integration of theoretical teaching and practical training is achieved, comprehensively enhancing students’ practical cybersecurity capabilities.
3.1. Scenario-Driven: Creating an Immersive Learning Environment
The scenario-driven link utilizes the platform’s simulation capabilities to construct learning situations highly similar to real network environments. In scenario design, a strategy of progressively increasing complexity is adopted, gradually transitioning from basic local area networks to complex network architectures such as multi-segment enterprise networks, domain environments, and e-commerce platforms. Each scenario carefully incorporates typical characteristics and common configurations of real network environments, containing necessary technical elements and reflecting the complexity of practical application scenarios [8]. This environment design effectively stimulates students’ learning motivation, helps them deepen theoretical understanding in highly simulated network environments, and systematically cultivates their comprehensive ability to analyze and solve practical problems, thereby laying a solid foundation for subsequent offensive and defensive practical links.
3.2. Task-Oriented: Designing Stepped Modular Practical Tasks
The task-oriented link constructs a three-layer progressive practical system: basic tasks focus on single skill training, such as network scanning; comprehensive tasks require security assessment of complete network architectures; innovative tasks provide open challenges, encouraging technological exploration and tool development [9]. This design incorporates competition-embedded pedagogy by translating the Capture The Flag competition model into modular teaching tasks, so that competition drives learning. The virtual experimental environment significantly reduces preparation time, allowing students to obtain experimental results instantly, complete more practical tasks within the same time frame, receive richer skill training, effectively accelerate ability growth and knowledge internalization, and significantly improve learning efficiency.
3.3. Dynamic Assessment: Implementing Whole-Process Learning Diagnosis
The dynamic assessment link establishes a whole-process, multi-dimensional diagnostic mechanism. The automated assessment system conducts detailed tracking of key steps such as network construction, vulnerability scanning, and attack implementation. Each step has quantitative indicators, such as completing the scan of the target network and discovering all hosts, which keeps the assessment objective and consistent. This mechanism combines formative and summative evaluation organically, providing learning insights for both teachers and students. Teachers can adjust teaching strategies based on diagnostic reports, while students can identify shortcomings through immediate feedback, forming a virtuous cycle of assessment, feedback, and improvement that continuously optimizes learning outcomes.
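The rule-based scoring described here and in Section 2.3 can be sketched as follows. This is an added example, not the platform's code: the event schema, the lab address range, the dimension weights, and the way each of the four dimensions is measured are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed lab definition (assumption): in-scope hosts and the four steps
# the page lists for whole-process assessment.
SCOPE = {"10.0.1.10", "10.0.1.11", "10.0.1.12", "10.0.1.13"}
STEPS = ("network_construction", "vulnerability_scanning",
         "attack_implementation", "defense_response")
# Assumed weights: the page names the four dimensions but gives no weights.
WEIGHTS = {"standardization": 0.3, "completion": 0.3,
           "effectiveness": 0.3, "innovation": 0.1}

@dataclass(frozen=True)
class Event:
    step: str
    action: str
    target: str
    ok: bool
    custom_tool: bool = False

def assess(events):
    """Score one student's operation log; each dimension is in 0..1."""
    in_scope = [e for e in events if e.target in SCOPE]
    stray = sorted({e.target for e in events if e.target not in SCOPE})
    # Standardization: share of actions that stayed inside the lab scope.
    standardization = len(in_scope) / len(events) if events else 0.0
    # Completion: share of steps with at least one successful in-scope action.
    done = {e.step for e in in_scope if e.ok}
    todo = [s for s in STEPS if s not in done]
    completion = (len(STEPS) - len(todo)) / len(STEPS)
    # Effectiveness: host-discovery coverage of the target network.
    found = {e.target for e in in_scope
             if e.step == "vulnerability_scanning" and e.ok}
    missed = sorted(SCOPE - found)
    effectiveness = len(found) / len(SCOPE)
    # Innovation: a successful in-scope action performed with a self-built tool.
    innovation = float(any(e.custom_tool and e.ok for e in in_scope))
    dims = {"standardization": standardization, "completion": completion,
            "effectiveness": effectiveness, "innovation": innovation}
    total = round(100 * sum(WEIGHTS[k] * v for k, v in dims.items()), 1)
    feedback = []
    if stray:
        feedback.append("out-of-scope targets: " + ", ".join(stray))
    if missed:
        feedback.append("hosts not discovered: " + ", ".join(missed))
    if todo:
        feedback.append("steps not completed: " + ", ".join(todo))
    return {"dimensions": dims, "total": total, "feedback": feedback}

# Constructed sample log for one student (not data from the study).
SAMPLE_LOG = [
    Event("network_construction", "configure_acl", "10.0.1.10", True),
    Event("vulnerability_scanning", "host_scan", "10.0.1.10", True),
    Event("vulnerability_scanning", "host_scan", "10.0.1.11", True),
    Event("vulnerability_scanning", "host_scan", "10.0.1.12", True),
    Event("vulnerability_scanning", "host_scan", "192.168.50.5", True),
    Event("attack_implementation", "lab_task", "10.0.1.11", True, custom_tool=True),
]

if __name__ == "__main__":
    report = assess(SAMPLE_LOG)
    print(report["total"])
    for line in report["feedback"]:
        print("-", line)
```

The feedback list is what gives the student immediate, step-level diagnosis: an undiscovered host, an unfinished step, or activity outside the lab scope each lowers a specific dimension rather than only the total.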
3.4. Collaborative Feedback: Building Precision Interaction Mechanisms
The collaborative feedback link relies on learning profiles to construct a precise, multi-level interactive system. On the basis of real-time generated profile data, the system achieves three types of precise feedback: personalized task recommendations provide specialized training for skill weaknesses; intelligent team formation optimization builds collaborative groups with complementary advantages; teacher intervention guidance flags student issues requiring special attention. The platform adopts a synchronous-asynchronous dual-track feedback mechanism, providing real-time intelligent guidance and generating personalized analysis reports after experiments [10]. This data-driven collaborative model significantly enhances students’ teamwork and communication skills, promotes the internalization and transfer of knowledge through diversified interactions, and optimizes teaching effectiveness.
4. Experiment and Data Analysis
To evaluate the teaching effectiveness of the online virtual simulation network penetration and defense platform, a rigorous controlled experiment design was adopted, comparing and analyzing the differences between the virtual simulation teaching model and the traditional physical equipment teaching model from multiple dimensions, providing empirical evidence for the reform of cybersecurity practical teaching [11].
4.1. Experiment Design
Pre-tests confirmed that there were no significant differences between the two groups in terms of baseline knowledge, gender ratio, or age distribution. The experiment lasted 11 weeks, totaling 60 class hours. The experimental group, consisting of 31 students, adopted a teaching model based on a virtual simulation platform, while the control group of 32 students followed a traditional physical equipment teaching plan. Both groups were instructed by the same teacher, using the same textbook and syllabus to ensure consistency in teaching content and pace. The experiment included skill modules such as network system integration, security policy configuration, and penetration testing, with typical tasks including network topology design, access control list configuration, firewall policy deployment, system security hardening, vulnerability scanning, and exploitation. At the conclusion of the course, data were collected through skill assessments, project-based practice, and questionnaires to comprehensively evaluate teaching effectiveness.
4.2. Teaching Efficiency Comparative Analysis
Teaching efficiency was evaluated in terms of experimental environment preparation time, number of experiments completed, and error recovery time. A comparison of teaching efficiency is shown in Table 1. The experimental group significantly outperformed the control group across all metrics: the average experimental environment preparation time was only 2.8 min, an 88.9% improvement compared to the control group. The number of experiments completed per unit time reached 5.1 per hour, representing a 112.5% improvement. Error recovery time was reduced to only 1.2 min, reflecting a 93.5% improvement. In complex scenario construction, the experimental group required just 5.8 min, an 86.4% improvement compared to the control group’s 42.7 min. The virtual simulation platform significantly alleviated the cumbersome debugging issues associated with physical equipment, enabling students to engage in more extensive practical exploration within limited class hours and greatly enhancing both learning efficiency and effectiveness.
4.3. Teaching Effectiveness
Teaching effectiveness was evaluated through three dimensions: skill assessment, project quality, and innovation capability. The experimental group achieved an average score of 96 points in the skill assessment, a 21.5% improvement compared to the control group; the excellent rate in comprehensive projects was 60.5%, a 97.4% improvement; and the number of innovative technology applications was 3.4 times per person, a 112.5% improvement. The comparative data on teaching effectiveness are shown in Table 2. In terms of knowledge retention, the experimental group reached 83.7%, significantly higher than the control group’s 69.4%. Personalized guidance based on learning profiles resulted in a weak skill improvement speed 2.3 times that of the control group, with a diagnostic accuracy rate of 88.5%. These data indicate that the virtual simulation platform has significant advantages in promoting deep learning and ability construction.
4.4. Ability Growth Trajectory
Through continuous tracking of comprehensive competency indicators based on virtual simulation task completion, we observed a significant divergence in capability development trajectories between the two student groups. As shown in Figure 2, the experimental group demonstrated markedly accelerated growth from Week 1.3, with a consistently widening performance gap. By Week 2, the experimental group’s competency score had already reached 58 points compared to the control group’s 46. The gap widened further by Week 4, with scores of 83 versus 62. At Week 6, the experimental group surpassed the 90-point excellence threshold, achieving 92 points while the control group remained at 73. Ultimately, the experimental group stabilized at a plateau of 96 points, maintaining a 17-point lead over the control group’s 79. This consistently diverging trajectory demonstrates that the virtual simulation platform, through its rich scenario design and instant feedback mechanisms, effectively supports systematic development and accelerates the enhancement of students’ practical competence and innovative thinking.
4.5. Teaching Cost Comparative Analysis
Teaching costs were analyzed from two dimensions: equipment investment and maintenance costs. In terms of equipment investment, the experimental group needed to deploy a dedicated virtualized server cluster, with an initial investment of approximately USD 26,000. The control group needed to purchase dedicated physical equipment, with a total investment of USD 196,000. In terms of maintenance costs, the experimental group utilized snapshot restoration, requiring only minutes for environment reset, with total maintenance time per semester controlled within 1 h, whereas the control group relied on manual maintenance, requiring 5 h. Calculation results showed that the overall teaching cost of the experimental group was about 30% of that of the control group, demonstrating significant economic benefits and providing an economically viable path for institutions, especially those with limited resources, to conduct high-quality cybersecurity practical teaching.
5. Conclusions
By constructing and systematically validating the scenario-driven, task-oriented, dynamic assessment, collaborative feedback teaching model, the significant value of the online virtual simulation platform in cybersecurity practical teaching was assessed. The developed model overcomes the bottlenecks of cost, scenario limitations, and efficiency challenges inherent in traditional experimental teaching. It not only significantly enhances students’ depth of technical mastery and practical innovation abilities but also provides an economically sustainable pathway for institutions with limited resources to deliver high-quality, large-scale cybersecurity talent cultivation.
It is necessary to explore how virtual simulation can be deeply integrated with intelligent teaching methods to create more adaptive and guidance-oriented instructional systems. In addition, systematic research on hybrid teaching models is necessary to combine virtual and real elements to build a more flexible and scalable cybersecurity training framework. The results can be used for improvements in the quality and efficiency of cybersecurity talent cultivation, ensuring stronger alignment with national cybersecurity strategic priorities.
Author Contributions
Conceptualization, J.L.; methodology, J.L.; software, J.L.; validation, J.C.; formal analysis, J.C.; investigation, J.C.; resources, J.L.; data curation, J.C.; writing—original draft preparation, J.L.; writing—review and editing, M.W.; visualization, J.L.; supervision, M.W.; project administration, M.W.; funding acquisition, M.W. All authors have read and agreed to the published version of the manuscript.
Funding
This research is partially supported by Teaching Reform Project of Changzhou College of Information Technology: Construction and Practice of Modular Curriculum System-Taking the Information Security Technology Application Major as an Example (2024CXJG07), Jointly Build a Cybersecurity Technology Service Platform at Changzhou College of Information Technology (SG220203B13), and Information Security Studio Project of the Skill Master Studio at Changzhou College of Information Technology.
Institutional Review Board Statement
Not applicable.
Informed Consent Statement
Not applicable.
Data Availability Statement
Data are available in this manuscript.
Conflicts of Interest
The authors declare no conflict of interest.
References
- Gu, Z.; Xu, G.; Hu, N. Preface: Security and safety in network simulation and evaluation. Secur. Saf. 2025, 4, 5–6.
- Ahmed, A.M.; Nguyen, T.T.; Abdelrazek, M.; Aryal, S. Reinforcement learning-based autonomous attacker to uncover computer network vulnerabilities. Neural Comput. Appl. 2024, 36, 14341–14360.
- Liu, J. Strategies for enhancing teaching quality in network security courses based on virtual simulation technology: Taking Fushun Vocational Technology Institute as an example. J. Liaoning Norm. Coll. (Nat. Sci. Ed.) 2025, 27, 46–51. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=197d0ef0ed720ef01d770v7078422606 (accessed on 28 May 2026).
- Sun, J. Application of virtual simulation technology in network attack and defense teaching in higher vocational colleges. Cyberspace Secur. 2024, 15, 224–227. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=1e480ev0m3400x00s5420rj0sn576920 (accessed on 28 May 2026).
- Zhou, Y.; Liu, K.; Su, H.; Lin, F.; Zhong, J. Research on the construction of integrated cyber range based on virtualization. Cybersecur. Data Gov. 2024, 43, 1–8. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=1t660jw0ct3n0md0f33d087024565917&site=xueshu_se (accessed on 28 May 2026).
- Lu, L.; Lu, D.; Ma, Y. Design of a virtual and real integrated industrial control security training range platform. J. Inf. Secur. Res. 2024, 10, 75–80. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=145q0vw05r0e0030c95y06c0fj561762 (accessed on 28 May 2026).
- Xie, Y. Design of a computer network attack and defense experimental teaching platform based on cloud computing and virtualization. J. Guangxi Open Univ. 2023, 34, 41–45. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=1a1p06p0k00t08v06a0g08c00d756685&site=xueshu_se (accessed on 28 May 2026).
- Tian, L.; Wang, J.; Yu, X.; Zhou, L.; Liu, C. Design of network security attack and defense simulation platform based on virtual technology. Inf. Technol. 2023, 47, 148–153. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=1v3908u06a0r0470kn1502c0hd663493 (accessed on 28 May 2026).
- Sun, J.; Zhai, J. A virtual scene construction of industrial control network simulated range. Intell. Comput. Appl. 2021, 11, 191–195+199. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=143p0cw0ty3n02k096160080n9227288&site=xueshu_se (accessed on 28 May 2026).
- Zou, X.; Hu, N.; Gu, Z.; Jia, Y. Cyber ranges: survey and perspective. Chin. J. Netw. Inf. Secur. 2024, 10, 1–22. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=140k0a60bc380vg0ym2w0xv0p9080382&site=xueshu_se (accessed on 28 May 2026).
- Wang, X. Study on the Application of Virtual Simulation Software in Higher Vocational Training Courses. J. Liaoning High. Vocat. 2025, 27, 86–89. Available online: https://xueshu.baidu.com/ndscholar/browse/detail?paperid=1e1g0vy00y7v00v0n42n0t60g7099688&site=xueshu_se (accessed on 28 May 2026).