Constructing Virtual Laboratory for

Research and Education

(Progress Report --- Week 6)

Team members: Melissa Nichols and Nathan Torrez

Mentor: Dr. Anyi Liu
Outline
Timeline
The Big Picture
Related Works
Schedule and Achievement of Week 6
Automate XML router interface creation
Troubleshoot network creation
Automating process of network, VM, and router interface
creation
Adding function that includes interface status on routers
The Plan of Week 7
References
Timeline
Week Six Write the module that can
change network topologies
using OpenStack API (Part 2)
Start working on the module
that can change the routing
We are here
rules (Part 2)

Week Seven Continue working on the

module that can change the
routing rules (Part 2)
Draft the research paper

Week Eight Improve the performance and

efficiency of the virtual
laboratory
Refine the user interface
Work on the poster
Continue work on research
paper
Week Nine Conduct tests in virtual
laboratory environment
Revise research paper
Continue work on poster
If possible, work with VMI library
(libVMI)
Week Ten Finalize research paper
Finalize poster
Finalize tests and scripts
The Big Picture

With the advances in technology, creating virtual

laboratories has gotten considerably easier with the
cloud.[1]
Virtual Laboratories are a great alternative to expensive
equipment and you can perform testing by creating
many virtual machines. This is particularly true for
penetration tests where the user can run exploits.[2]
The proper learning environment is important for students
or those trying to learn about hacking. Virtual
laboratories are a safe way to practice exploiting
machines.[3]
Related Works

Oracle Ravello Labs Run cyber security labs with data-center like
networking, VMware/KVM appliances, port-mirroring on leading
clouds, and gain from scale, flexibility and cost economics of public
cloud. [4]
Not free, only offers a 5-week free trial
National Cyberwatch Centers Complete Cloud-Based Lab Solution
A hands-on, scalable, and customizable virtual platform that
proves skills are the cornerstone of any degree, certificate, training,
or assessment program. Infosec Learnings hands on virtual lab
platform offers our members an unmatched turnkey training and
assessment solution with real world tools and technology. [5]
Not free, and only offers specific labs that are not customizable
Related Works (cont.)

Cloudshare With CloudShares virtual training lab environment,

you can offer every student in every class a realistic hands-on
training environment quickly, painlessly, and with minimal IT
support. Designed from the ground up especially for training,
CloudShare brings you features and efficiency the others simply
cant match.[6]
Not free
The Achievement of Week 6
Day 1: Day 4:
Adding function to XML creation
Automating XML router interface
importation that includes interface tag for
routers
Continue speeding up the process of Troubleshooting router ACTIVE
uploading VMs status
Day 2: Polishing multithreaded creation of
virtual machines and networks for
Troubleshooting network creation for
experiment experiment
Day 5
Multithreading creation of control Documenting the process of
domain and VMs creating multiple networks and
Day 3: virtual machines
Continuing to troubleshoot router
Fixing problem where new networks
could not be added to default routers ACTIVE status

Multithreading creation of all virtual

machines, networks, and router
interfaces
Day 1:Automating XML router interface
importation and speeding up the process of
uploading VMs
Previously, we were unable to import router interfaces
without user intervention. The user would be required to
enter the networks each router was connected to.
With Hishams help, we were able to automate this
process and remove any user intervention from the XML
importation process.
We are trying to make the process of creating an
experiment as automated and fast as possible.
Day 2: Creating Domain Containing Tools and
Troubleshooting Creation of Networks Using Script
As mentioned previously, there
are many tools that could be
used to monitor networks,
memory, and storage as well as
network monitoring.
A separate domain will be used
for those machines. This can be
created quickly by using
multithreading.

Domain containing VMs with

tools that was created by
multithreading
 Day 3: Creating of All Networks, VMs, and Router
Interfaces
It is important for the creation of
VMs, Networks, and Router
interfaces to be quick and easy.
Using multithreading, we were
able to automate the creation of
all of these things in parallel with
very little user input.
The Attack, Victim, and Control
machines can now be created in
one network. Multiple networks
can be created using the same
images and attached to the
router.

Multithreading to create networks, VMs, etc.

Day 4: Adding function to XML creation that includes
interface tag for routers and
troubleshooting router ACTIVE status

When router interfaces are created

using the OpenStack Dashboard, their
port status is automatically set to
ACTIVE
This ACTIVE status is required to
associate floating IPs with the
machines connected to those
networks through the routers.
However, when creating router
interfaces with the XML importation
script, these routers are automatically
set to DOWN.
There is no way to change this status
using the OpenStack Dashboard.
We added functionality to our script
that includes the router_interface
tag to each interface, but this did not Screenshot showing multiple router interfaces with DOWN
fix our issue. status. The circled area shows what our router interfaces need
to be set as.
Day 5: Continuing to troubleshoot router ACTIVE
status and documenting the process of creating
multiple networks and virtual machines
We referred to the OpenStack API documentation to see if we could
write a program that creates router interfaces in a different way than
the program we have
We were unable to find a way to create ports using this
documentation, but we did find a list of values that are associated with
ports, one being date_plane_status
However, the ports on OpenStack only have a status variable, and
we received an error when trying to use the data_plane_status
variable
When trying to change the status from DOWN to ACTIVE, we received
a read only error.
Upon further research, weve ruled this as a bug. We will have to find a
workaround or contact CloudLab administrators to see if this is an issue
they can fix.
Plan For Week 7

Find a workaround for router ACTIVE status bug

Continue streamlining the experiment creation process
Continue working on the module that can change
routing rules
Continue writing the module that can change network
topologies using the OpenStack API
References

[1] Wayner, Peter. Virtual testing: How to build an army of testers in the
cloud. Retrieved from https://techbeacon.com/virtual-testing-how-
build-army-testers-cloud
[2] Offensive Security. Hosted Penetration Testing Virtual Labs.
Retrieved from https://www.offensive-security.com/offensive-security-
solutions/virtual-penetration-testing-labs/
[3] Cesca, Vincent. How To Build A Virtual Lab to Hack Computers
Legally. Retrieved from https://phoenixts.com/blog/how-to-build-a-
virtual-lab-to-hack-computers-legally/
[4] Ravello Service | Oracle Cloud. (n.d.). Retrieved from
https://cloud.oracle.com/en_US/ravello
References (cont.)

[5] Complete Cloud-Based Lab Solution. (n.d.). Retrieved

from https://www.nationalcyberwatch.org/programs-
resources/complete-cloud-based-lab-solution/
[6] Build Virtual Training Lab Environments with CloudShare.
(n.d.). Retrieved from
https://www.cloudshare.com/solutions/training-education