Application of security tot he computing science classroom
Proceedings of the thirty-first SIGCSE technical symposium on Computer science education
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Using an isolated network laboratory to teach advanced networks and security
Proceedings of the thirty-second SIGCSE technical symposium on Computer Science Education
Network Security with Openssl
SSH, The Secure Shell: The Definitive Guide
SSH, The Secure Shell: The Definitive Guide
Building a cyberwar lab: lessons learned: teaching cybersecurity principles to undergraduates
SIGCSE '02 Proceedings of the 33rd SIGCSE technical symposium on Computer science education
Panel on integrating security concepts into existing computer courses
SIGCSE '02 Proceedings of the 33rd SIGCSE technical symposium on Computer science education
A laboratory-based course on internet security
SIGCSE '03 Proceedings of the 34th SIGCSE technical symposium on Computer science education
The challenges of designing lab exercises for a curriculum in computer security
Journal of Computing Sciences in Colleges
Who Watches the Security Educators?
IEEE Security and Privacy
Humans in the Loop: Human-Computer Interaction and Security
IEEE Security and Privacy
Firewalls and Internet Security: Repelling the Wily Hacker
Firewalls and Internet Security: Repelling the Wily Hacker
Implementing a minimal lab for an undergraduate network security course
Journal of Computing Sciences in Colleges
Designing and implementing a cyberwar laboratory exercise for a computer security course
Proceedings of the 35th SIGCSE technical symposium on Computer science education
Animation of computer networking concepts
Journal on Educational Resources in Computing (JERIC)
Computer Networking: A Top-Down Approach Featuring the Internet
Computer Networking: A Top-Down Approach Featuring the Internet
Proceedings of the 36th SIGCSE technical symposium on Computer science education
Teaching students to hack: curriculum issues in information security
Proceedings of the 36th SIGCSE technical symposium on Computer science education
Teaching hands-on computer and information systems security despite limited resources
Proceedings of the 36th SIGCSE technical symposium on Computer science education
Design of network security projects using honeypots
Journal of Computing Sciences in Colleges
Hardening Web browsers against man-in-the-middle and eavesdropping attacks
WWW '05 Proceedings of the 14th international conference on World Wide Web
Distributed Systems: Principles and Paradigms (2nd Edition)
Distributed Systems: Principles and Paradigms (2nd Edition)
Why Johnny can't encrypt: a usability evaluation of PGP 5.0
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Information Assurance the West Point Way
IEEE Security and Privacy
An experimental environment for teaching Java security
Proceedings of the 6th international symposium on Principles and practice of programming in Java
Laboratory design for wireless network attacks
Proceedings of the 5th annual conference on Information security curriculum development
An instructional design of open source networking laboratory and curriculum
Proceedings of the 10th ACM conference on SIG-information technology education
Journal of Computer Systems, Networks, and Communications
How secure is WiFi MAC layer in comparison with IPsec for classified environments?
Proceedings of the 14th Communications and Networking Symposium
IPv6 certification and course development
Proceedings of the 13th annual conference on Information technology education
Harnessing the cloud for teaching cybersecurity
Proceedings of the 45th ACM technical symposium on Computer science education
| Hi-index | 0.00 |
We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an attack by the instructor. Students then learn how to use open-source defense tools appropriate for the role they are playing and the attack at hand. Threats covered include eavesdropping, dictionary, man-in-the-middle, port scanning, and fingerprinting attacks. Defense skills gained by students include how to forward ports with OpenSSH, how to prevent weak passwords with CrackLib, how to salt passwords, how to set up a simple certifying authority, issue and verify certificates, and guarantee communication confidentiality and integrity using OpenSSL, and how to set up firewalls and IPsec-based virtual private networks. At two separate offerings, tests taken before and after each experiment showed that each has a statistically significant and large effect on students' learning. Moreover, surveys show that students finish the sequence of experiments with high interest in further studies and work in the area of security. These results suggest that the experiments are well-suited for introductory security or networking courses.