Evaluation of the Offensive Approach in Information Security Education

Abstract : There is a tendency in information security education at universities to not only teach protection measures but also attack techniques. Increasingly more universities offer hands-on labs, where students can experience both the attackers' and the administrators' view. Getting to know the attackers' view is thought to lead to a better understanding of information security and its problems compared to teaching only strategies for defense. The paper analyzes the situation of information security education at German and international universities. We present a method to measure knowledge in information security and - using this method in an empirical study - evaluate the offensive teaching approach. Analysis of the empirical data gathered in the study shows a tendency in favor of the offensive approach compared to the classic defensive security education.
Type de document :
Communication dans un congrès
Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.203-214, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_18〉
Liste complète des métadonnées

Littérature citée [16 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01054517
Contributeur : Hal Ifip <>
Soumis le : jeudi 7 août 2014 - 11:56:16
Dernière modification le : vendredi 11 août 2017 - 11:12:37
Document(s) archivé(s) le : mercredi 26 novembre 2014 - 01:33:27

Fichier

17-Paper-206-Evaluation_of_the...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Martin Mink, Rainer Greifeneder. Evaluation of the Offensive Approach in Information Security Education. Kai Rannenberg; Vijay Varadharajan; Christian Weber. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. Springer, IFIP Advances in Information and Communication Technology, AICT-330, pp.203-214, 2010, Security and Privacy - Silver Linings in the Cloud. 〈10.1007/978-3-642-15257-3_18〉. 〈hal-01054517〉

Partager

Métriques

Consultations de la notice

208

Téléchargements de fichiers

249