Teaching network security through live exercises
Security education and critical infrastructures
How the Cyber Defense Exercise Shaped an Information-Assurance Curriculum
IEEE Security and Privacy
Experiences in cyber security education: the MIT Lincoln laboratory capture-the-flag exercise
CSET'11 Proceedings of the 4th conference on Cyber security experimentation and test
Fear the EAR: discovering and mitigating execution after redirect vulnerabilities
Proceedings of the 18th ACM conference on Computer and communications security
Hit 'em where it hurts: a live security exercise on cyber situational awareness
Proceedings of the 27th Annual Computer Security Applications Conference
Cyber security exercises and competitions as a platform for cyber security experiments
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
Hi-index | 0.00 |
Computer security competitions and challenges are a way to foster innovation and educate students in a highly-motivating setting. In recent years, a number of different security competitions and challenges were carried out, each with different characteristics, configurations, and goals. From 2003 to 2007, we carried out a number of live security exercises involving dozens of universities from around the world. These exercises were designed as "traditional" Capture The Flag competitions, where teams both attacked and defended a virtualized host, which provided several vulnerable services. In 2008 and 2009, we introduced two completely new types of competition: a security "treasure hunt" and a botnet-inspired competition. These two competitions, to date, represent the largest live security exercises ever attempted and involved hundreds of students across the globe. In this paper, we describe these two new competition designs, the challenges overcome, and the lessons learned, with the goal of providing useful guidelines to other educators who want to pursue the organization of similar events