theme image
Webseclab security education workbenchWebseclab security education workbench
  1. publications
  2. web security

Webseclab security education workbench

Available Media

Publication (Pdf)

Slides (pdf)

ConferenceCyber Security Experimentation and Test (CEST) - 2010
AuthorsElie Bursztein , Baptiste Gourdin , Celine Fabry ,
Citation

Bibtex Citation

@inproceedings{ BURSZTEIN2010WEBSECLAB,title = {Webseclab security education workbench},author = {"Elie, Bursztein" and "Baptiste, Gourdin" and "Celine, Fabry" and "Jason, Bau" and "Gustav, Rydstedt" and "Hristo, Bojinov" and "Dan, Boneh" and "John C., Mitchell"},booktitle = {Cyber Security Experimentation and Test},year = {2010},organization = {Usenix}}

We have developed and tested a virtual-machine-based web-application security student laboratory, Webseclab, comprising a LAMP (Linux, Apache, MySQL, PHP) stack, a variety of development tools, and the three most popular browsers for the Linux platform. This environment, tested in weekly participatory labs and weekly homework, hosts a teaching framework, exercise sets and labs, and a sandboxed student development environment. Eighty incremental exercises based on recent security research, and challenge projects, including one based on real open-source applications, teach the major web application vulnerabilities and defenses, in an encapsulated environment that allows students to experiment freely without interfering with each other or with public networks. In contrast to problems experienced with hands-on projects used in previous years, student response to this platform and its contained exercises has been remarkably positive.

Recent

newsletter signup slide

Get cutting edge research directly in your inbox.

newsletter signup slide

Get cutting edge research directly in your inbox.