HELO DarkSide: Breaking Free From Katas and Embracing the Adversarial Mindset in Cybersecurity Education

HELO DarkSide: Breaking Free From Katas and Embracing the Adversarial Mindset in Cybersecurity Education

연구 분야: Strategies

학회: SIGCSE 2022: Proceedings of the 53rd ACM Technical Symposium on Computer Science Education - Volume 1

The pedagogy of cybersecurity education presents an exciting challenge. Although cyber-warfare has existed for nearly four decades, we fail to adequately model the chaos of offensive cyber attacks in the classroom. Instead, coursework focuses on studying choreographed cyber-attack patterns. In this paper, we present an undergraduate cybersecurity course design that balances theoretical learning with an emphasis on exploring offensive tactics, techniques, and procedures. Labs consist of writing payloads and channels to evade detection, cobbling together operating system internals to achieve attack functionality, and developing survivable post-exploitation tools. In the exams, students develop malware capable of avoiding static and dynamic analysis and identify the strategic and tactical flaws that lead to the discovery of highly successful attack campaigns. We believe that sharing this experience will prove valuable for instructors who wish to explore offensive cyber tactics in the classroom.