T5-COMP1-1 - CHEESE: Cyber Human Ecosystem of Engaged Security Education

1. Innovative Practice Full Paper
Rajesh Kalyanam1 , Baijian Yang2, Craig Willis3, Mike Lambert3, Christine Kirkpatrick4
1 Purdue University
2 Purdue Polytechnic Institute
3 University of Illinois at Urbana Champaign
4 San Diego Supercomputer Center

In this Full Paper we describe CHEESE, a platform for cybersecurity education that complements formal classroom instruction with hands-on experience. With the ubiquitous use of computing devices and applications today, the protection of personal and privileged information is a persistent challenge. Malicious actors can exploit flaws in a wide range of unsecure or erroneous software as has been demonstrated in well-know cybersecurity flaws like SQL Injection attacks which target database software that does not perform sufficient input validation, and the HeartBleed bug that exposed a similar lack of validation in the widely used OpenSSL library. Thus, cybersecurity education is a necessary skill for both the current and future IT workforce and not just cybersecurity researchers. 

CHEESE is composed of CHEESEHub, a public web-platform hosting demonstrations of cybersecurity concepts, a set of lessons complementing the demonstrations, and a community-driven approach to the contribution of new demonstrations and lessons. The demonstrations provide hands-on experience in reproducing a cybersecurity flaw and validating a solution, where one exists. Docker containers are used to package these cybersecurity demonstrations as a set of one or more containers with web-accessible interfaces. For instance, demonstrations of network security concepts such as ARP Poisoning, require three separate containers playing the role of victim, server, and hacker respectively. CHEESEHub is built on the Labs Workbench platform that provides both a web interface for accessing and requesting any of the demonstrations on-demand, and a container orchestration framework for launching and managing the corresponding containaers for these demonstrations. Step-by-step instructions for reproducing the demonstrations, as well as a description of the cybersecurity concept being demonstrated is described in a corresponding lesson that is designed using the widely used and popular Carpentries model. The Carpentries model provides rich syntax for including objectives, callouts, key takeways and expected duration of a lesson. The standard open-source GitHub contribution pipeline of issues and pull requests is used for contributions and updates of both demonstrations and lessons. 

CHEESE is intended to supplement and enhance traditional cybersecurity eduction with hands-on training that has been shown to improve concept retention and understanding. Instructors can incorporate CHEESE into their teaching in several ways: by utilizing one or more of the demonstrations hosted on the publicly-accessible CHEESEHub in conjunction with the web-accessible lessons; by deploying their own instance of CHEESEHub with a custom set of demonstrations and lessons; and by developing their own lesson plan which borrows from and combines one or more demonstrations on CHEESEHub. CHEESE differs from current platforms for hands-on training in cybersecurity education such as SEED Labs, Labtainers, DETER, Cyber Range, etc., in a few key ways: the use of containers enables more resource-efficient deployment and the ability to package applications that rely on an older, unsecure, and un-patched version of a software library; the contribution process is fairly straightforward and does not require any specific template; it is a publicly accessible platform that only requires a web-browser and can hence be employed in a wide variety of educational and training settings from K-12 through university.