Webseclab security education workbench

Elie Bursztein; Baptiste Gourdin; Celine Fabry; Jason Bau; Gustav Rydstedt; Hristo Bojinov; Dan Boneh; John C. Mitchell

We have developed and tested a virtual-machine-based web-application security student laboratory, Webseclab, comprising a LAMP (Linux, Apache, MySQL, PHP) stack, a variety of development tools, and the three most popular browsers for the Linux platform. This environment, tested in weekly participatory labs and weekly homework, hosts a teaching framework, exercise sets and labs, and a sandboxed student development environment. Eighty incremental exercises based on recent security research, and challenge projects, including one based on real open-source applications, teach the major web application vulnerabilities and defenses, in an encapsulated environment that allows students to experiment freely without interfering with each other or with public networks. In contrast to problems experienced with hands-on projects used in previous years, student response to this platform and its contained exercises has been remarkably positive.

Available Media	Publication (Pdf) Slides (pdf)
Conference	Cyber Security Experimentation and Test (CEST) - 2010
Authors	Elie Bursztein , Baptiste Gourdin , Celine Fabry , Jason Bau , Gustav Rydstedt , Hristo Bojinov , Dan Boneh , John C. Mitchell
Citation	Bibtex Citation @inproceedings{ BURSZTEIN2010WEBSECLAB,title = {Webseclab security education workbench},author = {"Elie, Bursztein" and "Baptiste, Gourdin" and "Celine, Fabry" and "Jason, Bau" and "Gustav, Rydstedt" and "Hristo, Bojinov" and "Dan, Boneh" and "John C., Mitchell"},booktitle = {Cyber Security Experimentation and Test},year = {2010},organization = {Usenix}}

Recent

AI for Cybersecurity: Get Started Today

AI Security: Top 5 Recommendations To Get Started Today

Generalized Power Attacks against Crypto Hardware using Long-Range Deep Learning

Get cutting edge research directly in your inbox.