Teaching students to hack

Pashel, Brian A.

doi:10.1145/1231047.1231088

Cited by 22 publications

(3 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Ide dibalik mengajarkan metode hacking pada tingkat universitas adalah mengajarkan bagaimana melindungi aset data calon organisasi yang akan merekrut. Perdebatan mengenai mengajarkan hacking kepada siswa selalu ada karena mereka mungkin menggunakan kemampuannya untuk memperkuat keamanan jaringan dan berbagai keuntungan serta kebaikan lainnya bagi organisasi perekrut, atau menggunakan kemampuannya secara negatif atau dengan cara ilegal [14]. Siswa berpotensi untuk menggunakan teknik yang telah dipelajari secara tidak bertanggung jawab, tidak tepat atau dengan cara ilegal yang dapat dianggap oleh pengajar keamanan sebagai hal yang tidak etis dan tidak bertanggung jawab secara sosial [6].…”

Section: Mengajarkan Ethical Hackingunclassified

Peran Ethical Hacking Dalam Memerangi Cyberthreats

Fitroh,

Sugiantoro

2023

oai

View full text Add to dashboard Cite

Upaya digitalisasi dan optimalisasi berbagai hal dalam dunia modern tentunya akan menyoroti berbagai isu yang berkaitan dengan cybersecurity seperti pelanggaran data, pelanggaran keamanan, dan sebagainya. Ethical hacking dan kebutuhannya di masa mendatang tidak dapat dihindari. Teknologi ethical hacking menyebar hampir dalam setiap aspek kehidupan, terutama industri komputer yang membutuhkan perlindungan terhadap data penting dan harus ditangani dengan teknologi yang tepat. Ethical hacking bertujuan menemukan kelemahan dalam sistem keamanan dan menemukan kemungkinan potensi pelanggaran data. Hal ini kontras dengan pengertian hacking yang umum beredar di masyarakat yaitu black hat hackers yang merusak sistem dengan niat jahat dan mencuri data serta menanamkan virus. Ethical hacking merupakan cara untuk memerangi dan menetralkan black hat hackers. Mengajarkan ethical hacking merupakan mempersiapkan professional dalam bidang keamanan informasi dengan alat dan keahlian untuk memerangi serta mencegah ancaman cybersecurity. Mengajarkan orang yang belum berpengalaman dalam keamanan informasi dengan metode yang agresif dapat dipandang sebagai hal yang baik maupun buruk. Hal ini disebabkan oleh metode yang sama digunakan oleh hacker jahat sehingga mendidik professional dalam keamanan informasi dapat dianggap menambah hacker jahat. Menggunakan metode studi literatur, artikel ini membahas berbagai hal yang berkaitan dengan ethical hacking.

show abstract

Section: Mengajarkan Ethical Hackingunclassified

Peran Ethical Hacking Dalam Memerangi Cyberthreats

Fitroh,

Sugiantoro

2023

oai

View full text Add to dashboard Cite

show abstract

“…Assim os autores consideraram que as intenções dos ataques realizados pelos alunos não eram maliciosas. [Pashel 2006] sugere que além de uma formação ética para os alunos, é necessário mostrar as consequências no âmbito legal sobre o que acontece quando o aluno utiliza de forma ilícita as técnicas aprendidas em sala de aula. [Hartley 2016] demonstra que apesar da possibilidade de alguns alunos fazerem mal uso do conhecimento adquirido, os benefícios alcançados pelos alunos que utilizam os conhecimentos para fins éticos podem compensar eventuais prejuízos.…”

Section: Educação E Hackingunclassified

WebGoat Plus: Uma Extensão da Ferramenta WebGoat

Bizon¹,

Justino²

2021

Anais Estendidos Do XXI Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg Estendido 2021)

View full text Add to dashboard Cite

Atividades práticas de exploração de vulnerabilidades podem trazer um melhor entendimento ao aluno sobre falhas de segurança. Assim, o presente artigo se propôs a disponibilizar uma extensão à aplicação WebGoat que permita o aprendizado prático sobre a vulnerabilidade OS Injection. Neste trabalho foram realizados testes com nove alunos que utilizaram e avaliaram a aplicação. Ao avaliar a quantidade de atividades concluídas foi percebido que 80% dos alunos resolveram ao menos 60% das atividades. Quanto a satisfação dos usuários 88% deles recomendariam a aplicação para um terceiro. Sendo assim, é possível concluir que a aplicação contribuiu no ensino da vulnerabilidade OS Injection.

show abstract

“…None of above designs, however, present a suite of labs for an EH course. There are also rich studies that address various aspects of EH (e.g., student red-teaming experiences [5], penetration testing architecture [7], EH certification course analysis [16], legal and ethical issues with EH [14,18,21]), but they do not explicitly address the choices and organization of topics in an EH course (i.e., the second challenge).…”

Section: Introductionmentioning

confidence: 99%

Developing an Undergraduate Course Curriculum for Ethical Hacking

Wang

McCoey

2020

Proceedings of the 21st Annual Conference on Information Technology Education

View full text Add to dashboard Cite

An Ethical Hacking (EH) course not only is a critical component for a Cybersecurity program but also an essential preparation for CS/IT majors towards career paths as security professionals. We face two major challenges when developing an undergraduate EH course, including the setup and choice of the lab design, and the choice and organization of covered topics for this course. On one hand, we have limited space, budget and technical support for a course that relies heavily on hands-on exercises. Given the nature of this course, the lab activities are often "offensive" and lab operations demand administrative privileges, which cause compliance issues with the university's IT policies. On the other hand, given the vast variety of topics and the fast pace of the field, it is difficult to select and organize an essential set of knowledge units to ensure that students are exposed to current technologies and prepared to be industry-ready. We adopt two major design principles to address these challenges correspondingly. First, our choice of a hybrid Virtual Machine (VM)-based and Web-based labs provides students the full set of privileges to perform lab activities without posing threats to the campus network. The Web-based labs remove high cost of hardware and avoid overwhelming installations and configurations for the lab. Second, given the diversity of topics and fast developments in this field, we choose topics based on four criteria: representative, current, certification-related, and foundations for other covered concepts. The chosen topics are aligned with three EH certificates, and organized into twelve modules with clear intermodule and intra-module logic. This paper details the curriculum of this EH course and elaborates how our design principles are entailed in the course.

show abstract

Teaching students to hack

Cited by 22 publications

References 2 publications

Peran Ethical Hacking Dalam Memerangi Cyberthreats

Peran Ethical Hacking Dalam Memerangi Cyberthreats

WebGoat Plus: Uma Extensão da Ferramenta WebGoat

Developing an Undergraduate Course Curriculum for Ethical Hacking

Contact Info

Product

Resources

About