Mathew VanDerPol scite author profile

While cloud computing is an attractive option in terms of price, availability, and scalability, cloud consumers must also weigh the security concerns of a cloud environment. In particular, security breaches due to misconfiguration are common, and this prevalence starts with inadequate education and training. Consequently, we incorporated a capture the flag (CTF) activity into an existing course to illuminate the potential pitfalls and consequences of cloud misconfiguration and to encourage participants to protect against such issues in their own applications. In this paper, we report on the effectiveness of the CTF activity to achieve these goals. Our evaluation specifically focuses on participants' interests, self-perceptions, and application of essential security practices (e.g., defensive programming techniques) to defend against common types of attacks. Our results indicate that the CTF activity was perceived favorably by students, but participants performed comparably to their peers on independent assessments, including test questions related to web security and securing a web application developed as part of a course project. We examine these issues and suggest a path forward to address them, particularly by better aligning the CTF activity with the stated course outcomes in conjunction with collecting additional data in future semesters.

show abstract

Election Security in the Cloud: A CTF Activity to Teach Cloud and Web Security

Romano

Windsor

VanDerPol

et al. 2021

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Mathew VanDerPol

Hardware-based whitelisting for automated test system cybersecurity and configuration management

Using a CTF Activity to Teach Cloud and Web Security

Election Security in the Cloud: A CTF Activity to Teach Cloud and Web Security

Contact Info

Product

Resources

About