Evaluation of the Offensive Approach in Information Security Education

Abstract : There is a tendency in information security education at universities to not only teach protection measures but also attack techniques. Increasingly more universities offer hands-on labs, where students can experience both the attackers' and the administrators' view. Getting to know the attackers' view is thought to lead to a better understanding of information security and its problems compared to teaching only strategies for defense. The paper analyzes the situation of information security education at German and international universities. We present a method to measure knowledge in information security and - using this method in an empirical study - evaluate the offensive teaching approach. Analysis of the empirical data gathered in the study shows a tendency in favor of the offensive approach compared to the classic defensive security education.
Document type :
Conference papers
Liste complète des métadonnées

Cited literature [16 references]  Display  Hide  Download

https://hal.inria.fr/hal-01054517
Contributor : Hal Ifip <>
Submitted on : Thursday, August 7, 2014 - 11:56:16 AM
Last modification on : Friday, August 11, 2017 - 11:12:37 AM
Document(s) archivé(s) le : Wednesday, November 26, 2014 - 1:33:27 AM

File

17-Paper-206-Evaluation_of_the...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Martin Mink, Rainer Greifeneder. Evaluation of the Offensive Approach in Information Security Education. 25th IFIP TC 11 International Information Security Conference (SEC) / Held as Part of World Computer Congress (WCC), Sep 2010, Brisbane, Australia. pp.203-214, ⟨10.1007/978-3-642-15257-3_18⟩. ⟨hal-01054517⟩

Share

Metrics

Record views

282

Files downloads

305