A laboratory-based course on internet security
SIGCSE '03 Proceedings of the 34th SIGCSE technical symposium on Computer science education
Teaching students to hack: curriculum issues in information security
Proceedings of the 36th SIGCSE technical symposium on Computer science education
A model for summer undergraduate research experiences in emerging technologies
Proceedings of the 37th SIGCSE technical symposium on Computer science education
Teaching students to hack: ethical implications in teaching students to hack at the university level
InfoSecCD '06 Proceedings of the 3rd annual conference on Information security curriculum development
Network intrusion detection: evasion, traffic normalization, and end-to-end protocol semantics
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
What Hackers Learn that the Rest of Us Don't: Notes on Hacker Curriculum
IEEE Security and Privacy
Hacker Curriculum: How Hackers Learn Networking
IEEE Distributed Systems Online
Proceedings of the 42nd ACM technical symposium on Computer science education
Teaching security labs with web applications, buffer overflows and firewall configurations
Journal of Computing Sciences in Colleges
Pre-Service Teachers' Perceptions of Information Assurance and Cyber Security
International Journal of Information and Communication Technology Education
Using network packet generators and snort rules for teaching denial of service attacks
Proceedings of the 18th ACM conference on Innovation and technology in computer science education
Top 10 hands-on cybersecurity exercises
Journal of Computing Sciences in Colleges
Hi-index | 0.00 |
The "Hacker Curriculum" exists as a mostly undocumented set of principles and methods for learning about information security. Hacking, in our view, is defined by the ability to question the trust assumptions in the design and implementation of computer systems rather than any negative use of such skills. Chief among these principles and methods are two useful pedagogical techniques: (1) developing a cross-layer view of systems (one unconstrained by API definitions or traditional subject matter boundaries) and (2) understanding systems by analyzing their failure modes (this approach works well with learning networking concepts and assessing software vulnerabilities). Both techniques provide a rich contrast to traditional teaching approaches, particularly for information security topics. We relate our experience applying Hacker Curriculum principles to education and training programs for undergraduates, including the Secure Information Systems Mentoring and Training (SISMAT) program and the Cyber Security Initiative at Dartmouth College, which allows undergraduates to perform supervised red team activities on Dartmouth's production systems.