Part of the book series:IFIP Advances in Information and Communication Technology ((IFIPAICT,volume 674))
Included in the following conference series:
955Accesses
Abstract
In this paper, we report on designing and deploying an on-campus, highly practical ethical hacking course using the foundation of Kungl. Tekniska Högskolan’s (KTH) existing, well-established, distance-based course. We explain our course organization, structure, and delivery and present the students’ formative and summative feedback and their results. Moreover, we justify the choice of our platform, a customgcp-based cyber range with twelve capture the flag exercises designed for an online ethical hacking course, and how our on-campus course was implemented around it. Our ethical hacking course is organized around ten mandatory lectures, seven flag reports and three lectures on ethics, two demonstrations, and four guest lectures. The student evaluation is continuous and based on the flags captured. Our collected data indicates the amount of effort spent on each exercise, the used hints, and for how long most of the students were actively solving the exercises. The students’ feedback indicates they were overwhelmingly satisfied with the course elements and teaching staff. Finally, we propose changes to elements of our ethical hacking course. The course was delivered at Karlstad University over nine weeks between January and March 2023 for 24 students.
This is a preview of subscription content,log in via an institution to check access.
Access this chapter
Subscribe and save
- Get 10 units per month
- Download Article/Chapter or eBook
- 1 Unit = 1 Article or 1 Chapter
- Cancel anytime
Buy Now
- Chapter
- JPY 3498
- Price includes VAT (Japan)
- eBook
- JPY 13727
- Price includes VAT (Japan)
- Softcover Book
- JPY 17159
- Price includes VAT (Japan)
- Hardcover Book
- JPY 17159
- Price includes VAT (Japan)
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
- 3.
- 4.
https://darknetdiaries.com/, episodes 47, 49, 82, 87, and 88.
- 5.
- 6.
TheErasmus students do not receive the link.
- 7.
References
Blankenship, L.: The conscience of a hacker. Phrack1(7) (1986)
Fischer-Hübner, S., et al.: A MOOC on privacy by design and the GDPR. In: Drevin, L., Theocharidou, M. (eds.) WISE 2018. IAICT, vol. 531, pp. 95–107. Springer, Cham (2018).https://doi.org/10.1007/978-3-319-99734-6_8
Friedl, S., Glas, M., Englbrecht, L., Böhm, F., Pernul, G.: ForCyRange: an educational IoT cyber range for live digital forensics. In: Drevin, L., Miloslavskaya, N., Leung, W.S., von Solms, S. (eds.) WISE 2022. IFIPAICT, vol. 650, pp. 77–91. Springer, Cham (2022).https://doi.org/10.1007/978-3-031-08172-9_6
Kakouros, N., Johnson, P., Lagerström, R.: Detecting plagiarism in penetration testing education. In: Nordsec, 25th Nordic Conference on Secure IT Systems (2020)
Krathwohl, D.: A revision of bloom’s taxonomy: an overview. Theory Pract.41(4), 212–218 (2002)
KTH: Course Information (2023).https://www.kth.se/cs/nse/studies/online-course-in-ethical-hacking-7-5-hp/course-information-1.819016. Accessed 24 Mar 2023
Levy, S.: Hackers: Heroes of the Computer Revolution, vol. 14. Anchor Press, Doubleday Garden City (1984)
Lindskog, S., Hedbom, H., Martucci, L.A., Fischer-Hübner, S.: Experiences from educating practitioners in vulnerability analysis. In: Futcher, L., Dodge, R. (eds.) WISE 2007. IAICT, vol. 237, pp. 73–80. Springer, New York (2007).https://doi.org/10.1007/978-0-387-73269-5_10
Mason, R.O.: Applying ethics to information technology issues. Commun. ACM38(12), 55–57 (1995)
Tucker, B., Stronge, J.: Linking teacher evaluation and student learning. Association for Supervision and Curriculum Development (2005)
Acknowledgements
We thank Pontus Jonhson, Nikolaos Kakouros, and Sotirios Katsikeas fromkth for sharing their cyber range and invaluable expertise and guidance. Additionally, we are grateful for the support of our colleague Tobias Vehkajärvi. Our ethical hacking course was influenced, in part, by our experience in developing courses on vulnerability analysis andmoocs [2,8].
Author information
Authors and Affiliations
Karlstad University, Karlstad, Sweden
Leonardo A. Martucci, Jonathan Magnusson & Mahdi Akil
- Leonardo A. Martucci
You can also search for this author inPubMed Google Scholar
- Jonathan Magnusson
You can also search for this author inPubMed Google Scholar
- Mahdi Akil
You can also search for this author inPubMed Google Scholar
Corresponding author
Correspondence toLeonardo A. Martucci.
Editor information
Editors and Affiliations
University of Nottingham, Nottingham, UK
Steven Furnell
University of Plymouth, Plymouth, UK
Nathan Clarke
Rights and permissions
Copyright information
© 2023 IFIP International Federation for Information Processing
About this paper
Cite this paper
Martucci, L.A., Magnusson, J., Akil, M. (2023). On-Campus Hands-On Ethical Hacking Course. In: Furnell, S., Clarke, N. (eds) Human Aspects of Information Security and Assurance. HAISA 2023. IFIP Advances in Information and Communication Technology, vol 674. Springer, Cham. https://doi.org/10.1007/978-3-031-38530-8_7
Download citation
Published:
Publisher Name:Springer, Cham
Print ISBN:978-3-031-38529-2
Online ISBN:978-3-031-38530-8
eBook Packages:Computer ScienceComputer Science (R0)
Share this paper
Anyone you share the following link with will be able to read this content:
Sorry, a shareable link is not currently available for this article.
Provided by the Springer Nature SharedIt content-sharing initiative
