Teaching Security Using Hands-on Exercises in 2015 (Abstract Only)

We see teaching cybersecurity through hands-on, interactive exercises as a way to engage students. Some of the exercises that we have seen require significant preparation on the part of the instructor. Having a community makes it easier to share exercises, knowing what works and what problems students and instructors have encountered. The purpose of this BOF is to bring together instructors who have developed hands-on exercises, those who have used them and those who would like to. We recognize that few CS programs can afford new required courses, so we will discuss ways to integrate security-related exercises into existing ones. This could include networking, OS, computer architecture, programming languages, software engineering, algorithms and programming. The questions we will ask are, "What exercises have you tried? What are your experiences? What are you looking for?"

Recent hiring forecasts indicate that there is still a tremendous need for skilled information security experts. Security is one of the core areas in the ACM/IEEE COMPUTER SCIENCE 2013 Curricula. It is particularly important to share stories from the classroom (what worked and what didn't), discuss ethical hacking, and discuss how to teach analytical skills. We plan to share experiences, practices and ongoing efforts, including our own (e.g., our teaching experiences, the SISMAT program, Security Injections, the Seattle Platform, the Security Knitting Kit project, EDURange and the dissemination of infosec interactive exercises).