theme image
Webseclab security education workbench Webseclab security education workbench
  1. publications
  2. web security

Webseclab security education workbench

Available Media

Publication (Pdf)

Slides (pdf)

Conference Cyber Security Experimentation and Test
Authors Elie Bursztein , Baptiste Gourdin , Celine Fabry ,

Bibtex Citation

@inproceedings{ BURSZTEIN2010WEBSECLAB,title = {Webseclab security education workbench},author = {"Elie, Bursztein" and "Baptiste, Gourdin" and "Celine, Fabry" and "Jason, Bau" and "Gustav, Rydstedt" and "Hristo, Bojinov" and "Dan, Boneh" and "John C., Mitchell"},booktitle = {Cyber Security Experimentation and Test},year = {2010},organization = {Usenix}}

We have developed and tested a virtual-machine-based web-application security student laboratory, Webseclab, comprising a LAMP (Linux, Apache, MySQL, PHP) stack, a variety of development tools, and the three most popular browsers for the Linux platform. This environment, tested in weekly participatory labs and weekly homework, hosts a teaching framework, exercise sets and labs, and a sandboxed student development environment. Eighty incremental exercises based on recent security research, and challenge projects, including one based on real open-source applications, teach the major web application vulnerabilities and defenses, in an encapsulated environment that allows students to experiment freely without interfering with each other or with public networks. In contrast to problems experienced with hands-on projects used in previous years, student response to this platform and its contained exercises has been remarkably positive.


newsletter signup slide

Get cutting edge research directly in your inbox.

newsletter signup slide

Get cutting edge research directly in your inbox.