Just reading the news is enough to understand how critical cybersecurity and cybersecurity-education have become. Many job positions remain unfilled due to a shortage of a skilled workforce, and universities have opened courses on cybersecurity-related topics to keep up with market demands. In turn, educators are reshaping their educational material and activities to cover both the standard theory of the field and the practice. However, organizing hands-on cybersecurity training is laborious and time consuming. We present Chad, a tool we developed to support instructors in the development and deployment of practical cybersecurity exercises. Chad, an open-source project written in Python, allows teachers to generate multiple different instances of an exercise, guaranteeing that they all share the same difficulty and require the same knowledge to be solved. Our tool also supports the testing of generated exercises, and their deployment, by leveraging technologies like Docker, Wireguard and iptables. Chad has been integrated with Github classroom and field-tested, during a.y. 2021/2022, in the context of a university course on binary analysis. However, its adoption is not limited to such topics or formal education. Indeed, the Github repository contains examples of reversingengineering challenges for Linux and Windows, and a simple web challenge.
Automatic Challenge Generation for Hands-on Cybersecurity Training
Lagorio, Giovanni;Ribaudo, Marina
2022-01-01
Abstract
Just reading the news is enough to understand how critical cybersecurity and cybersecurity-education have become. Many job positions remain unfilled due to a shortage of a skilled workforce, and universities have opened courses on cybersecurity-related topics to keep up with market demands. In turn, educators are reshaping their educational material and activities to cover both the standard theory of the field and the practice. However, organizing hands-on cybersecurity training is laborious and time consuming. We present Chad, a tool we developed to support instructors in the development and deployment of practical cybersecurity exercises. Chad, an open-source project written in Python, allows teachers to generate multiple different instances of an exercise, guaranteeing that they all share the same difficulty and require the same knowledge to be solved. Our tool also supports the testing of generated exercises, and their deployment, by leveraging technologies like Docker, Wireguard and iptables. Chad has been integrated with Github classroom and field-tested, during a.y. 2021/2022, in the context of a university course on binary analysis. However, its adoption is not limited to such topics or formal education. Indeed, the Github repository contains examples of reversingengineering challenges for Linux and Windows, and a simple web challenge.File | Dimensione | Formato | |
---|---|---|---|
Automatic_Challenge_Generation_for_Hands-on_Cybersecurity_Training.pdf
accesso chiuso
Descrizione: Contributo in atti di convegno
Tipologia:
Documento in Post-print
Dimensione
170.1 kB
Formato
Adobe PDF
|
170.1 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.