HackInSDN: A Flexible, Incremental, and Portable Architecture for Cybersecurity Experimentation
Abstract
Testbed environments for experimenting and teaching cybersecurity with real-world characteristics and isolated resources can be an alternative to address recent security threats and challenges. Traditional experimentation tools, datasets, and existing testbeds usually provide few cybersecurity specialized resources or unrealistic scenarios, which pose challenges for building near to production experiments with component reuse. This paper presents HackInSDN, an architecture based on programmable testbed infrastructures for teaching and experimentation in cybersecurity. HackInSDN incorporates monitoring tools, offensive security, benign traffic generation, network programmability, anomaly detection, and threat intelligence capabilities into a modular and scalable platform. A proof of concept was developed and integrated into a Kubernetes cluster. Use cases demonstrate the benefits of the proposed architecture.
Keywords:
Cybersecurity, Computer Networks, Testbed, Education, Experimentation, SDN
References
Brito, I. V. S. and Sampaio, L. N. (2024). Mininet-sec: plataforma de experimentação para segurança cibernética em redes programáveis. Salão de Ferramentas - SBRC.
Chouliaras, N., Kittes, G., Kantzavelou, I., Maglaras, L., Pantziou, G., and Ferrag, M. A. (2021). Cyber ranges and testbeds for education, training, and research. Applied Sciences, 11(4):1809.
Du, W. (2011). Seed: hands-on lab exercises for computer security education. IEEE Security & Privacy, 9(5):70–73.
Du, W., Zeng, H., and Won, K. (2022). Seed emulator: An internet emulator for research and education. In Proceedings of the 21st ACM Workshop on Hot Topics in Networks, pages 101–107.
Gemmer, D. D., Meyer, B. H., Mello, E. R. d., Schwarz, M., Wangham, M. S., and Nogueira, M. (2023). A Scalable Cyber Security Framework for the Experimentation of DDoS Attacks of Things. In NOMS 2023-2023 IEEE/IFIP, pages 1–7.
Gomez, J., Kfoury, E. F., Crichigno, J., and Srivastava, G. (2023). A survey on network simulators, emulators, and testbeds used for research and education. Computer Networks, 237:110054.
Jonas, D., Yusuf, N. A., and Zahra, A. R. A. (2023). Enhancing Security Frameworks with Artificial Intelligence in Cybersecurity. International Transactions on Education Technology, 2(1):83–91.
Mirkovic, J., Kocoloski, B., and Balenson, D. (2024). Enabling reproducibility through the sphere research infrastructure. login Usenix Mag.
Rahouti, M. and Xiong, K. (2019). A Customized Educational Booster for Online Students in Cybersecurity Education. In CSEDU (2), pages 535–541.
Rahouti, M., Xiong, K., and Lin, J. (2021). Leveraging a cloud-based testbed and software-defined networking for cybersecurity and networking education. Engineering Reports, 3(10):e12395.
Seufert, M., Dietz, K., Wehner, N., Geißler, S., Schüler, J., Wolz, M., Hotho, A., Casas, P., Hoßfeld, T., and Feldmann, A. (2024). Marina: Realizing ML-Driven Real-Time Network Traffic Monitoring at Terabit Scale. IEEE Transactions on Network and Service Management.
Shannon, C. E. (1948). A mathematical theory of communication. The Bell system technical journal, 27(3):379–423.
Stamatopoulos, D., Katsantonis, M., Fouliras, P., and Mavridis, I. (2024). Exploring the architectural composition of cyber ranges: A systematic review. Future Internet, 16(7):231.
Tan, L., Su, W., Zhang, W., Lv, J., Zhang, Z., Miao, J., Liu, X., and Li, N. (2021). In-band network telemetry: A survey. Computer Networks, 186:107763.
Vykopal, J., Čeleda, P., Seda, P., Švábenskỳ, V., and Tovarňák, D. (2021). Scalable learning environments for teaching cybersecurity hands-on. In 2021 IEEE Frontiers in Education Conference (FIE), pages 1–9. IEEE.
Wang, M., Li, B., and Li, Z. (2004). sflow: Towards resource-efficient and agile service federation in service overlay networks. In 24th International Conference on Distributed Computing Systems, 2004. Proceedings., pages 628–635. IEEE.
Wangham, M. S., Meyer, B. H., Gemmer, D. D., de Santana, K. G., Frank, L. R., de Campos, L. E. F., de Mello, E. R., and Schwarz, M. F. (2024). Testbeds para pesquisa experimental em cibersegurança: Da teoria à prática. Minicursos do Simpósio Brasileiro de Redes de Computadores - SBRC.
Yamin, M. M., Katt, B., and Gkioulos, V. (2020). Cyber ranges and security testbeds: Scenarios, functions, tools and architecture. Computers & Security, 88:101636.
Chouliaras, N., Kittes, G., Kantzavelou, I., Maglaras, L., Pantziou, G., and Ferrag, M. A. (2021). Cyber ranges and testbeds for education, training, and research. Applied Sciences, 11(4):1809.
Du, W. (2011). Seed: hands-on lab exercises for computer security education. IEEE Security & Privacy, 9(5):70–73.
Du, W., Zeng, H., and Won, K. (2022). Seed emulator: An internet emulator for research and education. In Proceedings of the 21st ACM Workshop on Hot Topics in Networks, pages 101–107.
Gemmer, D. D., Meyer, B. H., Mello, E. R. d., Schwarz, M., Wangham, M. S., and Nogueira, M. (2023). A Scalable Cyber Security Framework for the Experimentation of DDoS Attacks of Things. In NOMS 2023-2023 IEEE/IFIP, pages 1–7.
Gomez, J., Kfoury, E. F., Crichigno, J., and Srivastava, G. (2023). A survey on network simulators, emulators, and testbeds used for research and education. Computer Networks, 237:110054.
Jonas, D., Yusuf, N. A., and Zahra, A. R. A. (2023). Enhancing Security Frameworks with Artificial Intelligence in Cybersecurity. International Transactions on Education Technology, 2(1):83–91.
Mirkovic, J., Kocoloski, B., and Balenson, D. (2024). Enabling reproducibility through the sphere research infrastructure. login Usenix Mag.
Rahouti, M. and Xiong, K. (2019). A Customized Educational Booster for Online Students in Cybersecurity Education. In CSEDU (2), pages 535–541.
Rahouti, M., Xiong, K., and Lin, J. (2021). Leveraging a cloud-based testbed and software-defined networking for cybersecurity and networking education. Engineering Reports, 3(10):e12395.
Seufert, M., Dietz, K., Wehner, N., Geißler, S., Schüler, J., Wolz, M., Hotho, A., Casas, P., Hoßfeld, T., and Feldmann, A. (2024). Marina: Realizing ML-Driven Real-Time Network Traffic Monitoring at Terabit Scale. IEEE Transactions on Network and Service Management.
Shannon, C. E. (1948). A mathematical theory of communication. The Bell system technical journal, 27(3):379–423.
Stamatopoulos, D., Katsantonis, M., Fouliras, P., and Mavridis, I. (2024). Exploring the architectural composition of cyber ranges: A systematic review. Future Internet, 16(7):231.
Tan, L., Su, W., Zhang, W., Lv, J., Zhang, Z., Miao, J., Liu, X., and Li, N. (2021). In-band network telemetry: A survey. Computer Networks, 186:107763.
Vykopal, J., Čeleda, P., Seda, P., Švábenskỳ, V., and Tovarňák, D. (2021). Scalable learning environments for teaching cybersecurity hands-on. In 2021 IEEE Frontiers in Education Conference (FIE), pages 1–9. IEEE.
Wang, M., Li, B., and Li, Z. (2004). sflow: Towards resource-efficient and agile service federation in service overlay networks. In 24th International Conference on Distributed Computing Systems, 2004. Proceedings., pages 628–635. IEEE.
Wangham, M. S., Meyer, B. H., Gemmer, D. D., de Santana, K. G., Frank, L. R., de Campos, L. E. F., de Mello, E. R., and Schwarz, M. F. (2024). Testbeds para pesquisa experimental em cibersegurança: Da teoria à prática. Minicursos do Simpósio Brasileiro de Redes de Computadores - SBRC.
Yamin, M. M., Katt, B., and Gkioulos, V. (2020). Cyber ranges and security testbeds: Scenarios, functions, tools and architecture. Computers & Security, 88:101636.
Published
2025-05-19
How to Cite
BRITO, Italo V. S.; PINHEIRO, Talita R.; SANTOS, Mayara R. E.; SANTOS, Raquel S. M.; GOMES, Gustavo; SAMPAIO, Henrique Q. S.; FREITAS, Allan E. S.; SAMPAIO, Leobino N..
HackInSDN: A Flexible, Incremental, and Portable Architecture for Cybersecurity Experimentation. In: BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 43. , 2025, Natal/RN.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 882-895.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc.2025.6392.
