EthkLab: laboratorio de bajo costo para aprendizaje práctico en temas de ciberseguridad

Holzen Atocha Martínez-García; Enrique Camacho-Pérez; Ligia Beatriz Chuc-Us

doi:10.23913/ride.v15i29.2052

EthkLab: Low-cost laboratory for hands-on learning in cybersecurity issues

Holzen Atocha Martínez-García Tecnológico Nacional de México
Enrique Camacho-Pérez Universidad Autónoma de Yucatán
Ligia Beatriz Chuc-Us Tecnológico Nacional de México

DOI: https://doi.org/10.23913/ride.v15i29.2052

Abstract

EthkLab, a low-cost portable laboratory for learning cybersecurity and ethical hacking, is presented. The objective was to develop a learning environment for students at the Tecnológico Nacional de México campus Progreso, who lack a specialized laboratory about cybersecurity. First, it is defined whether it is possible and feasible to build such a laboratory. Then the specific hardware architecture is designed and the prototype is developed. Various tests are applied to volunteer students for validation of the lab, revealing satisfactory results that support the hypothesis that it can be used to benefit students and improve their skills with realistic hands-on testing. As in any preliminary development, areas of opportunity were found to be evaluated and corrected in future work on this proposed architecture, which is vertically and horizontally scalable due to the nature of its design.

Downloads

Download data is not yet available.

References

Arreola-García, A. (2019). Desafíos a las estrategias de ciberseguridad en América. Revista del Centro de Estudios Superiores Navales, 40(4), 25–53.

Castro-León, G. K. y Rendón-Burgos, C. E. (2021). Creación de un entorno virtual de aprendizaje para un laboratorio de enseñanza de seguridad informática en carreras técnicas (trabajo de grado). Universidad de Guayaquil. http://repositorio.ug.edu.ec/handle/redug/57097

Fuentes-Penna, A. F., Gómez-Cárdenas, R. y González-Ibarra, J. de D. (2023). La Ciberseguridad en México y los derechos humanos en la era digital. Espacios Públicos, 24(61), 110–130.

Grobler, M., Gaire, R. and Nepal, S. (2021). User, Usage and Usability: Redefining Human Centric Cyber Security. Frontiers in Big Data, 4. https://www.frontiersin.org/articles/10.3389/fdata.2021.583723

Legg, P., Mills, A. and Johnson, I. (2023). Teaching Offensive and Defensive Cyber Security in Schools using a Raspberry Pi Cyber Range. Journal of The Colloquium for Information Systems Security Education, 10(1), Article 1. https://doi.org/10.53735/cisse.v10i1.172

Marble, J. L., Lawless, W. F., Mittu, R., Coyne, J., Abramson, M. and Sibley, C. (2015). The Human Factor in Cybersecurity: Robust & Intelligent Defense. In S. Jajodia, P. Shakarian, V. S. Subrahmanian, V. Swarup and C. Wang (eds.), Cyber Warfare: Building the Scientific Foundation (pp. 173–206). Springer International Publishing. https://doi.org/10.1007/978-3-319-14039-1_9

Martínez-Luengo, D. (2021). Anonimato y Pentesting con Raspberry Pi. http://e-spacio.uned.es/fez/view/bibliuned:master-ETSInformatica-CBS-Dmartinez

Muñoz-Martínez, M. (2020). Políticas educativas e incorporación de las TIC en la educación superior mexicana. Revista Digital Universitaria, 21(6). https://biblat.unam.mx/es/revista/revista-digital-universitaria/articulo/politicas-educativas-e-incorporacion-de-las-tic-en-la-educacion-superior-mexicana

Oh, S. K., Stickney, N., Hawthorne, D. and Matthews, S. J. (2020). Teaching Web-Attacks on a Raspberry Pi Cyber Range. Proceedings of the 21st Annual Conference on Information Technology Education, 324–329. https://doi.org/10.1145/3368308.3415364

Pearson, B., Luo, L., Zou, C., Crain, J., Jin, Y. and Fu, X. (2020). Building a Low-Cost and State-of-the-Art IoT Security Hands-On Laboratory. En A. Casaca, S. Katkoori, S. Ray and L. Strous (eds.), Internet of Things. A Confluence of Many Disciplines (pp. 289–306). Springer International Publishing. https://doi.org/10.1007/978-3-030-43605-6_17

Raspberry Pi Ltd. (s. f.). Buy a Raspberry Pi 400 Personal Computer Kit. Raspberry Pi. https://www.raspberrypi.com/products/raspberry-pi-400/

Salazar-Mata, J. M., Cruz-Navarro, C., Balderas-Sánchez, A. V. y Díaz-Uribe, H. F. (2021). La seguridad informática en las instituciones de educación superior. TECTZAPIC: Revista Académico-Científica, 7(2), 72–79.

Torres-Knight, R. R. T. y Méndez-Morales, O. A. M. (2023). Esfuerzo dentro del estado de Chihuahua, México en materia de ciberseguridad. Informática y Derecho. Revista Iberoamericana de Derecho Informático, 13(2.ª época).

Velasco-Arellanes, F. J., Vera-Noriega, J. Á. y Durazo-Salas, F. F. (2020). La educación universitaria pública mexicana en el libre mercado: necesidades, ausencias y confusiones en su mejoramiento. Voces y Silencios. Revista Latinoamericana de Educación, 11(2). https://doi.org/10.18175/VyS11.2.2020.9

Yamin, M. M., Katt, B. and Gkioulos, V. (2020). Cyber ranges and security testbeds: Scenarios, functions, tools and architecture. Computers & Security, 88, 101636. https://doi.org/10.1016/j.cose.2019.101636

Zimmermann, V. and Renaud, K. (2019). Moving from a ‘human-as-problem” to a ‘human-as-solution” cybersecurity mindset. International Journal of Human-Computer Studies, 131, 169–187. https://doi.org/10.1016/j.ijhcs.2019.05.005

Published

2024-08-29

How to Cite

Martínez-García, H. A., Camacho-Pérez, E., & Chuc-Us, L. B. (2024). EthkLab: Low-cost laboratory for hands-on learning in cybersecurity issues. RIDE Revista Iberoamericana Para La Investigación Y El Desarrollo Educativo, 15(29). https://doi.org/10.23913/ride.v15i29.2052

Download Citation

Issue

Vol 15 No 29 (2024): July - December 2024

Section

Scientific articles

This work is licensed under a Creative Commons Attribution 4.0 International License.

In order to promote the development and dissemination of research in education in Latin America, the Ibero-American Journal for Educational Research and Development (RIDE) adhered to the Budapest Open Access Initiative, which is why it is identified as a Open access publication. This means that any user can read the complete text of the articles, print them, download them, copy them, link them, distribute them and use the contents for other purposes. Creative Cummons licenses allow users to specify the rights to use an open access journal available on the Internet in such a way that users know the rules of publication. Authors who publish in this journal accept the following conditions: Authors they keep the author's rights and give the magazine the right of the first publication, with the work registered with the attribution license of Creative Commons, which allows third parties to use the published material whenever they mention the authorship of the work and the first publication in this The authors can make other independent and additional contractual agreements for the non-exclusive distribution of the version of the article published in this journal (eg, include it in an institutional repository or publish it in a book) as long as they clearly indicate that The work was published for the first time in this magazine. Authors are allowed and recommended to publish their work. low on the Internet (for example on institutional or personal pages) before and during the review and publication process, as it can lead to productive exchanges and to a greater and faster dissemination of the published work