Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis > publications : papers : 2016 : teaching_network_security
Teaching Network Security With IP Darkspace Data
T. Zseby, F. Vázquez, A. King, and k. claffy, "Teaching Network Security With IP Darkspace Data", IEEE Transactions on Education, vol. 59, no. 1, pp. 1--7, Feb 2016.
|   View full paper:    PDF    DOI    Lab Material    |  Citation:    BibTeX    Resource Catalog   |

Teaching Network Security With IP Darkspace Data

Tanja Zseby2
Félix Iglesias Vázquez2
Alistair King1
kc claffy1

CAIDA, San Diego Supercomputer Center, University of California San Diego


Vienna University of Technology

This paper presents a network security laboratory project for teaching network traffic anomaly detection methods to electrical engineering students. The project design follows a research-oriented teaching principle, enabling students to make their own discoveries in real network traffic, using data captured from a large IP darkspace monitor operated at the University of California, San Diego (UCSD). Although darkspace traffic does not include bidirectional conversations (only attempts to initiate them), it contains traffic related to or actually perpetrating a variety of network attacks originating from millions of Internet addresses around the world. This breadth of coverage makes this darkspace data an excellent choice for a hands-on study of Internet attack detection techniques. In addition, darkspace data is less privacy-critical than other network traces, because it contains only unwanted network traffic and no legitimate communication. In the lab exercises presented, students learn about network security challenges, search for suspicious anomalies in network traffic, and gain experience in presenting and interpreting their own findings. They acquire not only security-specific technical skills but also general knowledge in statistical data analysis and data mining techniques. They are also encouraged to discover new phenomena in the data, which helps to ignite their general interest in science and engineering research. The Vienna University of Technology, Austria, first implemented this laboratory during the summer semester 2014, with a class of 41 students. With the help of the Center for Applied Internet Data Analysis (CAIDA) at UCSD, all exercises and IP darkspace data are publicly available.

Keywords: education, network telescope, passive data analysis, security, software/tools
  Last Modified: Tue Nov-17-2020 04:47:27 UTC
  Page URL: