SecLab

Ghiglieri, Marco; Stopczynski, Martin

doi:10.1145/2978192.2978224

Cited by 5 publications

(1 citation statement)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are extensive literature works on the lab design for the broad field of Cybersecurity Education. Depending on the employed technologies or methodologies, these lab designs can be categorized into three major groups: virtualization-based lab design (e.g., [3,4,12,13,19]), Web-based lab design (e.g., [8,10,27]), and USB-drivebased lab design (e.g., [20]). The target of the design is either a general security course (e.g., [22]), a singular security issue (e.g., EH for Web security [26]) or security of one particular system (e.g., mobile device security in [28], and NoSQL database security in [11]).…”

Section: Introductionmentioning

confidence: 99%

Developing an Undergraduate Course Curriculum for Ethical Hacking

Wang

McCoey

2020

Proceedings of the 21st Annual Conference on Information Technology Education

View full text Add to dashboard Cite

An Ethical Hacking (EH) course not only is a critical component for a Cybersecurity program but also an essential preparation for CS/IT majors towards career paths as security professionals. We face two major challenges when developing an undergraduate EH course, including the setup and choice of the lab design, and the choice and organization of covered topics for this course. On one hand, we have limited space, budget and technical support for a course that relies heavily on hands-on exercises. Given the nature of this course, the lab activities are often "offensive" and lab operations demand administrative privileges, which cause compliance issues with the university's IT policies. On the other hand, given the vast variety of topics and the fast pace of the field, it is difficult to select and organize an essential set of knowledge units to ensure that students are exposed to current technologies and prepared to be industry-ready. We adopt two major design principles to address these challenges correspondingly. First, our choice of a hybrid Virtual Machine (VM)-based and Web-based labs provides students the full set of privileges to perform lab activities without posing threats to the campus network. The Web-based labs remove high cost of hardware and avoid overwhelming installations and configurations for the lab. Second, given the diversity of topics and fast developments in this field, we choose topics based on four criteria: representative, current, certification-related, and foundations for other covered concepts. The chosen topics are aligned with three EH certificates, and organized into twelve modules with clear intermodule and intra-module logic. This paper details the curriculum of this EH course and elaborates how our design principles are entailed in the course.

show abstract