Tom Shaw

We present Hacktivity Cyber Security Labs, a novel technical framework and hosted lab infrastructure platform. Hacktivity uniquely addresses limitations in traditional cyber security education methods, particularly through extensive incorporation of randomisation of cyber security and hacking challenges, integration of automated chatbots, provisioning and managing of VMs and datacenter clusters, and integration with the Cyber Security Body of Knowledge (CyBOK) for curriculum alignment and individualised tracking of knowledge and experience. In this paper we present the technical design details of Hacktivity and our open-source backend framework, SecGen, and reflect on our experience of integrating it into security courses. By leveraging the SecGen framework for automatic problem generation, Hacktivity provides randomised challenges and hands-on tasks, enriching experiential learning for students. The close integration with CyBOK enables students to better understand the alignment of modules with knowledge areas and monitor and reflect on their learning progress. We present our experience of the platform’s effectiveness in teaching a wide range of technical cyber security topics. This paper introduces our innovative approach to teaching computer security, leveraging SecGen, an open-source software, multiple virtualisation data centres, and Hacktivity, a new virtualisation management and virtual learning environment.

Capture the flag (CTF) has been applied with success in cybersecurity education, and works particularly well when learning offensive techniques. However, defensive security and incident response do not always naturally fit the existing approaches to CTF. We present Hackerbot, a unique approach for teaching computer security: students interact with a malicious attacker chatbot, who challenges them to complete a variety of security tasks, including defensive and investigatory challenges. Challenges are randomised using SecGen, and deployed onto an oVirt infrastructure. Evaluation data included system performance, mixed methods questionnaires (including the Instructional Materials Motivation Survey (IMMS) and the System Usability Scale (SUS)), and group interviews/focus groups. Results were encouraging, finding the approach convenient, engaging, fun, and interactive; while significantly decreasing the manual marking workload for staff. The cloud infrastructure deployment using SecGen/oVirt was a success, generating VMs with randomised challenges, and enabling students to work from home.

Computer security students benefit from hands-on experience applying security tools and techniques to attack and defend vulnerable systems. Virtual machines (VMs) provide an effective way of sharing targets for hacking. However, developing these hacking challenges is time consuming, and once created, essentially static. That is, once the challenge has been "solved" there is no remaining challenge for the student, and if the challenge is created for a competition or assessment, the challenge cannot be reused without risking plagiarism, and collusion. Security Scenario Generator (SecGen) can build complex VMs based on randomised scenarios, with a number of diverse use-cases, including: building networks of VMs with randomised services and in-thewild vulnerabilities and with themed content, which can form the basis of penetration testing activities; VMs for educational lab use; and VMs with randomised CTF challenges. SecGen has a modular architecture which can dynamically generate challenges by nesting modules, and a hints generation system, which is designed to provide scaffolding for novice security students to make progress on complex challenges. SecGen has been used for teaching at universities, and hosting a recent UK-wide CTF event.