Training Students to Steal: A Practical Assignment in Computer Security Education

Share/Save/Bookmark

Dimkov, Trajce and Pieters, Wolter and Hartel, Pieter (2010) Training Students to Steal: A Practical Assignment in Computer Security Education. In: 42nd ACM Technical Symposium on Computer Science Education, SIGCSE’11, March 9-12, 2011, Dallas, Texas, USA.

[img] PDF (Publisher's version)
Restricted to UT campus only
: Request a copy
870kB
[img] PDF (Author version with appendixes)
Restricted to UT campus only
: Request a copy
880kB
Abstract:Practical courses in information security provide students with first-hand knowledge of technical security mechanisms and their weaknesses.
However, teaching students only the technical side of information security leads to a generation of students that emphasize digital solutions, but ignore the physical and the social aspects of security. In the last two years we devised a course where students were given a practical assignment which includes a combination of physical security, social engineering and digital penetration testing. As part of the course, the students stole laptops using social engineering from unaware employees throughout the university campus. The assignment provided the students with a practical overview of security and increased their awareness of the strengths and weaknesses of security mechanisms. In this paper we present the design of the practical assignment and the observations from the execution.
Item Type:Conference or Workshop Item
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/74582
Conference URL:http://www.sigcse.org/sigcse2011/
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page