Laboratory Experiments for Network Security Instruction
We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experime...
Gespeichert in:
| Veröffentlicht in: | Journal on educational resources in computing 2006-12, Vol.6 (4), p.5 |
|---|---|
| 1. Verfasser: | |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | 4 |
| container_start_page | 5 |
| container_title | Journal on educational resources in computing |
| container_volume | 6 |
| creator | Brustoloni, Jose Carlos |
| description | We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an attack by the instructor. Students then learn how to use open-source defense tools appropriate for the role they are playing and the attack at hand. Threats covered include eavesdropping, dictionary, man-in-the-middle, port scanning, and fingerprinting attacks. Defense skills gained by students include how to forward ports with OpenSSH, how to prevent weak passwords with CrackLib, how to salt passwords, how to set up a simple certifying authority, issue and verify certificates, and guarantee communication confidentiality and integrity using OpenSSL, and how to set up firewalls and IPsec-based virtual private networks. At two separate offerings, tests taken before and after each experiment showed that each has a statistically significant and large effect on students' learning. Moreover, surveys show that students finish the sequence of experiments with high interest in further studies and work in the area of security. These results suggest that the experiments are well-suited for introductory security or networking courses. |
| doi_str_mv | 10.1145/1248453.1248458 |
| format | Article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_30950178</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ericid>EJ966217</ericid><sourcerecordid>30950178</sourcerecordid><originalsourceid>FETCH-LOGICAL-c208t-73aba36d5a53d97b3d965f00442a4491796294a9eecbca19a3b8e9a91f9cb4363</originalsourceid><addsrcrecordid>eNpNkDFPwzAUhC0EEqUwszBkYkvrF9txPKKqQFEEAzBHL64jBdI42I4g_55UiRDLuzd8d9IdIddAVwBcrCHhGRdsNWl2QhYgGMQ8kdnpv_-cXHj_QSkwyuiCyBxL6zBYN0Tbn864-mDa4KPKuujZhG_rPqNXo3tXhyHatT64XofatpfkrMLGm6tZl-T9fvu2eYzzl4fd5i6PdUKzEEuGJbJ0L1CwvZLleFJRUcp5gpwrkCpNFEdljC41gkJWZkahgkrpkrOULcntlNs5-9UbH4pD7bVpGmyN7X3BqBIUZDaC6wnUznrvTFV0Yxd0QwG0OA5UzAPNenTcTI6xtP6jt08qTROQ7BcMkmFR</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>30950178</pqid></control><display><type>article</type><title>Laboratory Experiments for Network Security Instruction</title><source>ACM Digital Library Complete</source><creator>Brustoloni, Jose Carlos</creator><creatorcontrib>Brustoloni, Jose Carlos</creatorcontrib><description>We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an attack by the instructor. Students then learn how to use open-source defense tools appropriate for the role they are playing and the attack at hand. Threats covered include eavesdropping, dictionary, man-in-the-middle, port scanning, and fingerprinting attacks. Defense skills gained by students include how to forward ports with OpenSSH, how to prevent weak passwords with CrackLib, how to salt passwords, how to set up a simple certifying authority, issue and verify certificates, and guarantee communication confidentiality and integrity using OpenSSL, and how to set up firewalls and IPsec-based virtual private networks. At two separate offerings, tests taken before and after each experiment showed that each has a statistically significant and large effect on students' learning. Moreover, surveys show that students finish the sequence of experiments with high interest in further studies and work in the area of security. These results suggest that the experiments are well-suited for introductory security or networking courses.</description><identifier>ISSN: 1531-4278</identifier><identifier>EISSN: 1531-4278</identifier><identifier>DOI: 10.1145/1248453.1248458</identifier><language>eng</language><publisher>Association for Computing Machinery</publisher><subject>College Students ; Computer Networks ; Computer Security ; Confidentiality ; Integrity ; Internet ; Laboratory Experiments ; Role Playing ; Safety ; Student Interests ; Surveys ; Technological Literacy</subject><ispartof>Journal on educational resources in computing, 2006-12, Vol.6 (4), p.5</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c208t-73aba36d5a53d97b3d965f00442a4491796294a9eecbca19a3b8e9a91f9cb4363</citedby><cites>FETCH-LOGICAL-c208t-73aba36d5a53d97b3d965f00442a4491796294a9eecbca19a3b8e9a91f9cb4363</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,776,780,27903,27904</link.rule.ids><backlink>$$Uhttp://eric.ed.gov/ERICWebPortal/detail?accno=EJ966217$$DView record in ERIC$$Hfree_for_read</backlink></links><search><creatorcontrib>Brustoloni, Jose Carlos</creatorcontrib><title>Laboratory Experiments for Network Security Instruction</title><title>Journal on educational resources in computing</title><description>We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an attack by the instructor. Students then learn how to use open-source defense tools appropriate for the role they are playing and the attack at hand. Threats covered include eavesdropping, dictionary, man-in-the-middle, port scanning, and fingerprinting attacks. Defense skills gained by students include how to forward ports with OpenSSH, how to prevent weak passwords with CrackLib, how to salt passwords, how to set up a simple certifying authority, issue and verify certificates, and guarantee communication confidentiality and integrity using OpenSSL, and how to set up firewalls and IPsec-based virtual private networks. At two separate offerings, tests taken before and after each experiment showed that each has a statistically significant and large effect on students' learning. Moreover, surveys show that students finish the sequence of experiments with high interest in further studies and work in the area of security. These results suggest that the experiments are well-suited for introductory security or networking courses.</description><subject>College Students</subject><subject>Computer Networks</subject><subject>Computer Security</subject><subject>Confidentiality</subject><subject>Integrity</subject><subject>Internet</subject><subject>Laboratory Experiments</subject><subject>Role Playing</subject><subject>Safety</subject><subject>Student Interests</subject><subject>Surveys</subject><subject>Technological Literacy</subject><issn>1531-4278</issn><issn>1531-4278</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2006</creationdate><recordtype>article</recordtype><recordid>eNpNkDFPwzAUhC0EEqUwszBkYkvrF9txPKKqQFEEAzBHL64jBdI42I4g_55UiRDLuzd8d9IdIddAVwBcrCHhGRdsNWl2QhYgGMQ8kdnpv_-cXHj_QSkwyuiCyBxL6zBYN0Tbn864-mDa4KPKuujZhG_rPqNXo3tXhyHatT64XofatpfkrMLGm6tZl-T9fvu2eYzzl4fd5i6PdUKzEEuGJbJ0L1CwvZLleFJRUcp5gpwrkCpNFEdljC41gkJWZkahgkrpkrOULcntlNs5-9UbH4pD7bVpGmyN7X3BqBIUZDaC6wnUznrvTFV0Yxd0QwG0OA5UzAPNenTcTI6xtP6jt08qTROQ7BcMkmFR</recordid><startdate>200612</startdate><enddate>200612</enddate><creator>Brustoloni, Jose Carlos</creator><general>Association for Computing Machinery</general><scope>7SW</scope><scope>BJH</scope><scope>BNH</scope><scope>BNI</scope><scope>BNJ</scope><scope>BNO</scope><scope>ERI</scope><scope>PET</scope><scope>REK</scope><scope>WWN</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope></search><sort><creationdate>200612</creationdate><title>Laboratory Experiments for Network Security Instruction</title><author>Brustoloni, Jose Carlos</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c208t-73aba36d5a53d97b3d965f00442a4491796294a9eecbca19a3b8e9a91f9cb4363</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2006</creationdate><topic>College Students</topic><topic>Computer Networks</topic><topic>Computer Security</topic><topic>Confidentiality</topic><topic>Integrity</topic><topic>Internet</topic><topic>Laboratory Experiments</topic><topic>Role Playing</topic><topic>Safety</topic><topic>Student Interests</topic><topic>Surveys</topic><topic>Technological Literacy</topic><toplevel>online_resources</toplevel><creatorcontrib>Brustoloni, Jose Carlos</creatorcontrib><collection>ERIC</collection><collection>ERIC (Ovid)</collection><collection>ERIC</collection><collection>ERIC</collection><collection>ERIC (Legacy Platform)</collection><collection>ERIC( SilverPlatter )</collection><collection>ERIC</collection><collection>ERIC PlusText (Legacy Platform)</collection><collection>Education Resources Information Center (ERIC)</collection><collection>ERIC</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>Journal on educational resources in computing</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Brustoloni, Jose Carlos</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><ericid>EJ966217</ericid><atitle>Laboratory Experiments for Network Security Instruction</atitle><jtitle>Journal on educational resources in computing</jtitle><date>2006-12</date><risdate>2006</risdate><volume>6</volume><issue>4</issue><spage>5</spage><pages>5-</pages><issn>1531-4278</issn><eissn>1531-4278</eissn><abstract>We describe a sequence of five experiments on network security that cast students successively in the roles of computer user, programmer, and system administrator. Unlike experiments described in several previous papers, these experiments avoid placing students in the role of attacker. Each experiment starts with an in-class demonstration of an attack by the instructor. Students then learn how to use open-source defense tools appropriate for the role they are playing and the attack at hand. Threats covered include eavesdropping, dictionary, man-in-the-middle, port scanning, and fingerprinting attacks. Defense skills gained by students include how to forward ports with OpenSSH, how to prevent weak passwords with CrackLib, how to salt passwords, how to set up a simple certifying authority, issue and verify certificates, and guarantee communication confidentiality and integrity using OpenSSL, and how to set up firewalls and IPsec-based virtual private networks. At two separate offerings, tests taken before and after each experiment showed that each has a statistically significant and large effect on students' learning. Moreover, surveys show that students finish the sequence of experiments with high interest in further studies and work in the area of security. These results suggest that the experiments are well-suited for introductory security or networking courses.</abstract><pub>Association for Computing Machinery</pub><doi>10.1145/1248453.1248458</doi><tpages>0</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1531-4278 |
| ispartof | Journal on educational resources in computing, 2006-12, Vol.6 (4), p.5 |
| issn | 1531-4278 1531-4278 |
| language | eng |
| recordid | cdi_proquest_miscellaneous_30950178 |
| source | ACM Digital Library Complete |
| subjects | College Students Computer Networks Computer Security Confidentiality Integrity Internet Laboratory Experiments Role Playing Safety Student Interests Surveys Technological Literacy |
| title | Laboratory Experiments for Network Security Instruction |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-27T22%3A19%3A34IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Laboratory%20Experiments%20for%20Network%20Security%20Instruction&rft.jtitle=Journal%20on%20educational%20resources%20in%20computing&rft.au=Brustoloni,%20Jose%20Carlos&rft.date=2006-12&rft.volume=6&rft.issue=4&rft.spage=5&rft.pages=5-&rft.issn=1531-4278&rft.eissn=1531-4278&rft_id=info:doi/10.1145/1248453.1248458&rft_dat=%3Cproquest_cross%3E30950178%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=30950178&rft_id=info:pmid/&rft_ericid=EJ966217&rfr_iscdi=true |