Enriching Security Education Hands-on Labs with Practical Exercises

Abstract

It is widely known that learning-by-doing could significantly enhance students' learning in information security. SEED (SEcurity EDucation) labs being developed at Syracuse University can be particularly useful for students to learn security principles. Although the current version of SEED labs is mainly for university education, the labs could be also useful for job seekers and new employees in information security, by adding practical exercises. This paper presents our hands-on labs that could help these people perform more practical, compared to SEED labs, exercises within risk-free environments. Currently, our labs deal with macro malware, vulnerability scanning and mitigation, layer-7 DDoS attacks, and OS fingerprinting. Our labs are designed with the consideration of possible integration with SEED labs.