{"title":"大学生社会工程夺旗比赛","authors":"Aunshul Rege, Rachel Bleiman","doi":"10.1109/eCrime54498.2021.9738746","DOIUrl":null,"url":null,"abstract":"Social engineering (SE) is an essential, yet often over-looked, field within cybersecurity, particularly in the context of education, training, and awareness. While there are investments in cybersecurity education programs, they tend to have a primarily technical focus, including within classroom curricula and Capture the Flag (CTF) competitions. Because the current technical CTFs do not emphasize the relevance of the human-socio-psychological aspects of cyberattacks and cybersecurity, the researchers organized and hosted a Collegiate SECTF grounded in the social sciences, which offered a timely and unique platform for students to learn about social engineering topics, such as OSINT, phishing, and vishing, in a hands-on, engaging, and ethical manner. This paper details the planning and logistics of the virtual SECTF event which took place October 2020 at Temple University and hosted 6 teams of undergraduate students from across the world. Students’ experiences while participating in this event are described in detail, with insight on teams’ preparations, group formation and dynamics, strategies and adaptations, learning benefits, and thoughts on each individual flag. The success and positive student responses from the inaugural SECTF provide a proof of concept, demonstrating that experiential learning can be used to teach students about SE.","PeriodicalId":228129,"journal":{"name":"2021 APWG Symposium on Electronic Crime Research (eCrime)","volume":"66 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Collegiate Social Engineering Capture the Flag Competition\",\"authors\":\"Aunshul Rege, Rachel Bleiman\",\"doi\":\"10.1109/eCrime54498.2021.9738746\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Social engineering (SE) is an essential, yet often over-looked, field within cybersecurity, particularly in the context of education, training, and awareness. While there are investments in cybersecurity education programs, they tend to have a primarily technical focus, including within classroom curricula and Capture the Flag (CTF) competitions. Because the current technical CTFs do not emphasize the relevance of the human-socio-psychological aspects of cyberattacks and cybersecurity, the researchers organized and hosted a Collegiate SECTF grounded in the social sciences, which offered a timely and unique platform for students to learn about social engineering topics, such as OSINT, phishing, and vishing, in a hands-on, engaging, and ethical manner. This paper details the planning and logistics of the virtual SECTF event which took place October 2020 at Temple University and hosted 6 teams of undergraduate students from across the world. Students’ experiences while participating in this event are described in detail, with insight on teams’ preparations, group formation and dynamics, strategies and adaptations, learning benefits, and thoughts on each individual flag. The success and positive student responses from the inaugural SECTF provide a proof of concept, demonstrating that experiential learning can be used to teach students about SE.\",\"PeriodicalId\":228129,\"journal\":{\"name\":\"2021 APWG Symposium on Electronic Crime Research (eCrime)\",\"volume\":\"66 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 APWG Symposium on Electronic Crime Research (eCrime)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/eCrime54498.2021.9738746\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 APWG Symposium on Electronic Crime Research (eCrime)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/eCrime54498.2021.9738746","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Collegiate Social Engineering Capture the Flag Competition
Social engineering (SE) is an essential, yet often over-looked, field within cybersecurity, particularly in the context of education, training, and awareness. While there are investments in cybersecurity education programs, they tend to have a primarily technical focus, including within classroom curricula and Capture the Flag (CTF) competitions. Because the current technical CTFs do not emphasize the relevance of the human-socio-psychological aspects of cyberattacks and cybersecurity, the researchers organized and hosted a Collegiate SECTF grounded in the social sciences, which offered a timely and unique platform for students to learn about social engineering topics, such as OSINT, phishing, and vishing, in a hands-on, engaging, and ethical manner. This paper details the planning and logistics of the virtual SECTF event which took place October 2020 at Temple University and hosted 6 teams of undergraduate students from across the world. Students’ experiences while participating in this event are described in detail, with insight on teams’ preparations, group formation and dynamics, strategies and adaptations, learning benefits, and thoughts on each individual flag. The success and positive student responses from the inaugural SECTF provide a proof of concept, demonstrating that experiential learning can be used to teach students about SE.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
