Developing and Delivering Hands-On Information Assurance Exercises: Experiences with the Cyber Defense Lab at UMBC

dc.contributor.authorSherman, Alan T.
dc.contributor.authorRoberts, Brian O.
dc.contributor.authorByrd, William E.
dc.contributor.authorBaker, Matthew R.
dc.contributor.authorSimmons, John
dc.date.accessioned2019-03-05T19:46:19Z
dc.date.available2019-03-05T19:46:19Z
dc.date.issued2005-06-10
dc.descriptionWorkshop on Information Assurance and Securityen_US
dc.description.abstractIn summer 2003, we developed four new hands-on information assurance educational exercises for use in the UMBC undergraduate and graduate curricula. Exercise topics comprise buffer overflow attacks, vulnerability scanning, password security and policy, and flaws in the Wired Equivalent Privacy (WEP) protocol. During each exercise, each student carries out structured activities using a laptop from a mobile cart that can be rolled into any classroom. These dedicated, isolated machines permit a student to make mistakes safely, even while acting as the system administrator, without adversely affecting any other user. Each exercise is organized in a modular fashion to facilitate varied use for different courses, levels, and available time. Our experiences delivering these exercises show that practical hands-on activities motivate students and enhance learning. In this paper we describe our exercises and share lessons learned, including the importance of careful planning, ethical considerations, the rapid obsolescence of tools, and the difficulty of including exercises in already busy courses.en_US
dc.description.urihttps://ieeexplore.ieee.org/document/1437823en_US
dc.format.extent8 pagesen_US
dc.genreconference proceedings and papers preprintsen_US
dc.identifierdoi:10.13016/m2gbsj-hlk4
dc.identifier.citationAlan T. Sherman, Brian O. Roberts, William E. Byrd, Matthew R. Baker, John Simmons, Developing and Delivering Hands-On Information Assurance Exercises: Experiences with the Cyber Defense Lab at UMBC, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004., DOI: 10.1109/IAW.2004.1437823en_US
dc.identifier.urihttps://doi.org/10.1109/IAW.2004.1437823
dc.identifier.urihttp://hdl.handle.net/11603/12937
dc.language.isoen_USen_US
dc.publisherIEEEen_US
dc.relation.isAvailableAtThe University of Maryland, Baltimore County (UMBC)
dc.relation.ispartofUMBC Center for Research and Exploration in Space Sciences & Technology II (CRSST II)
dc.relation.ispartofUMBC Computer Science and Electrical Engineering Department
dc.rightsThis item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
dc.rights©2004 IEEE
dc.subjectbuffer overflowen_US
dc.subjectcomputer security educationen_US
dc.subjectcyber defense exercisesen_US
dc.subjectinformation assurance educationen_US
dc.subjectpassword securityen_US
dc.subjectscanning vulnerabilitiesen_US
dc.subjectUMBC Cyber Defense Laben_US
dc.subjectwired equivalent privacy (WEP)en_US
dc.titleDeveloping and Delivering Hands-On Information Assurance Exercises: Experiences with the Cyber Defense Lab at UMBCen_US
dc.typeTexten_US

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
ShermanWestpoint2004.pdf
Size:
164.65 KB
Format:
Adobe Portable Document Format
Description:

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
2.56 KB
Format:
Item-specific license agreed upon to submission
Description: