Using a CTF Activity to Teach Cloud and Web Security Coffman, Joel Romano, Zachary Windsor, Jennifer Vanderpol, Mathew 2021-12-24T17:25:46Z 2021-12-24T17:25:46Z 2022-01-04
dc.description.abstract While cloud computing is an attractive option in terms of price, availability, and scalability, cloud consumers must also weigh the security concerns of a cloud environment. In particular, security breaches due to misconfiguration are common, and this prevalence starts with inadequate education and training. Consequently, we incorporated a capture the flag (CTF) activity into an existing course to illuminate the potential pitfalls and consequences of cloud misconfiguration and to encourage participants to protect against such issues in their own applications. In this paper, we report on the effectiveness of the CTF activity to achieve these goals. Our evaluation specifically focuses on participants' interests, self-perceptions, and application of essential security practices (e.g., defensive programming techniques) to defend against common types of attacks. Our results indicate that the CTF activity was perceived favorably by students, but participants performed comparably to their peers on independent assessments, including test questions related to web security and securing a web application developed as part of a course project. We examine these issues and suggest a path forward to address them, particularly by better aligning the CTF activity with the stated course outcomes in conjunction with collecting additional data in future semesters.
dc.format.extent 10 pages
dc.identifier.doi 10.24251/HICSS.2022.129
dc.identifier.isbn 978-0-9981331-5-7
dc.language.iso eng
dc.relation.ispartof Proceedings of the 55th Hawaii International Conference on System Sciences
dc.rights Attribution-NonCommercial-NoDerivatives 4.0 International
dc.subject Industry, Quality, and Social Issues (IQSI)
dc.subject capture the flag (ctf)
dc.subject cloud security
dc.subject education
dc.title Using a CTF Activity to Teach Cloud and Web Security
dc.type.dcmi text
Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
319.29 KB
Adobe Portable Document Format