SEED:

Developing Instructional Laboratories for Computer SEcurity EDucation

Principal Investigator

Co-PIs

  • Dr. Tom Daniels
  • Dr. Noreen Gaubatz
  • Dr. Peng Ning
  • Dr. Gene Spafford

Current Students

  • Jinkai Gao
  • Lin Huang
  • Karthick Jayaraman
  • Zutao Zhu

Graduated Students & Employments

  • Bandan Das
  • Sudheer Bysani (Microsoft)
  • Sridhar Iyer (Mailshell)
  • Ronghua Wang (Microsoft)
  • Mingdong Shang (Microsoft)
  • Divyakaran Sachar
  • Nishant Doshi (Symantec)
  • Swapnil Bhalode (Symantec)
  • Sankara Narayanan (Cisco)
  • Sunil Vajir (VMware)


Project Summary

NSF Logo

The importance of experiental learning has long been recognized in the learning theory literature. Dewey (1938) pointed out that learning must be grounded in experience; Lewin (1951) claimed that learning is attained through active participation in the learning process; Piaget (1952) stated that learning occurs as a result of the interaction between the individual and the environment. Peter Denning also indicated that if we adopt a picture that ignores practice, our field (computing) will end up like the failed "new math" of the 1960s--all concepts, no practice, lifeless; dead.

The objective of the SEED project is to develop an instructional laboratory environment and laboratory exercises (called labs) for computer system security education. Our approach is motivated by the traditional mature courses, such as Operating Systems (OS), Compilers, and Networking. In OS courses, a widely adopted successful practice is using an instructional OS (e.g. Minix, Nachos, and XINU) as a framework and ask students to write significant portions of each major piece of a modern OS. The Compiler and Network courses adopted a similar approach. Inspired by the success of the instructional OS strategy, we adapt it to our computer security courses. Namely, we use an instructional operating system (Minix) as our basis, and develop lab exercises on this instructional system.

The goal of our labs is to help students focus on (1) grasping security principles, concepts, and technologies, (2) applying security principles to design and implement security mechanisms, (3) analyzing and testing systems for security properties. (4) applying security principles to solve real-world problems. To meet this goal, we have designed a number of labs. Since 2002, we have been experimenting with some of these labs in both undergraduate and graduate courses, including Introduction to Computer Security, Computer Security, and Internet Security.

Open Source Design

These lab documents are released as open source documents. Permission is granted to copy, distribute and/or modify these documents under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation. A copy of the license can be found at http://www.gnu.org/licenses/fdl.html.

SEED Labs

Sponsors

  • NSF CCLI: Course, Curriculum, and Laboratory Improvement program (Phase-II: $451,682, 01/2007-12/2010. Grant No. 0618680)
  • NSF CCLI: Course, Curriculum, and Laboratory Improvement program (Phase-I: $74,984, 01/2003-12/2005. Grant No. 0231122)
  • Syracuse University Vision Fund ($5000, 01/2003-12/2003)

Publications