Toolset for Collecting Shell Commands and Its Application in Hands-on Cybersecurity Training

Result code in IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F21%3A00121979" target="_blank" >RIV/00216224:14610/21:00121979 - isvavai.cz</a>

Result on the web

<a href="http://dx.doi.org/10.1109/FIE49875.2021.9637052" target="_blank" >http://dx.doi.org/10.1109/FIE49875.2021.9637052</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1109/FIE49875.2021.9637052" target="_blank" >10.1109/FIE49875.2021.9637052</a>

Result language

angličtina

Original language name

Toolset for Collecting Shell Commands and Its Application in Hands-on Cybersecurity Training

Original language description

This Full Paper in the Innovative Practice category presents and evaluates a technical innovation for hands-on classes. When learning cybersecurity, operating systems, or networking, students perform practical tasks using a broad range of command-line tools. Collecting and analyzing data about the command usage can reveal valuable insights into how students progress and where they make mistakes. However, few learning environments support recording and inspecting command-line inputs, and setting up an efficient infrastructure for this purpose is challenging. To aid engineering and computing educators, we share the design and implementation of an open-source toolset for logging commands that students execute on Linux machines. Compared to basic solutions, such as shell history files, the toolset's novelty and added value are threefold. First, its configuration is automated so that it can be easily used in classes on different topics. Second, it collects metadata about the command execution, such as a timestamp, hostname, and IP address. Third, all data are instantly forwarded to central storage in a unified, semi-structured format. This enables automated processing of the data, both in real-time and post hoc, to enhance the instructors' understanding of student actions. The toolset works independently of the teaching content, the training network's topology, or the number of students working in parallel. We demonstrated the toolset’s value in two learning environments at four training sessions. Over two semesters, 50 students played educational cybersecurity games using a Linux command-line interface. Each training session lasted approximately two hours, during which we recorded 4439 shell commands. The semi-automated data analysis revealed different solution patterns, used tools, and misconceptions of students. Our insights from creating the toolset and applying it in teaching practice are relevant for instructors, researchers, and developers of learning environments. We provide the software and data resulting from this work so that others can use them in their hands-on classes.

Czech name

—

Czech description

—

Type

D - Article in proceedings

CEP classification

—

OECD FORD branch

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Project

<a href="/en/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence</a><br>

Continuities

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Publication year

2021

Confidentiality

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Article name in the collection

2021 IEEE Frontiers in Education Conference (FIE)

ISBN

9781665438513

ISSN

1539-4565

e-ISSN

2377-634X

Number of pages

9

Pages from-to

1-9

Publisher name

IEEE

Place of publication

New York, NY, USA

Event location

Lincoln, Nebraska, USA

Event date

Jan 1, 2021

Type of event by nationality

WRD - Celosvětová akce

UT code for WoS article

—