Title :
Helping Students 0wn Their Own Code
Author :
Locasto, Michael E.
Author_Institution :
George Mason Univ., Fairfax, VA
Abstract :
It´s a difficult mental exercise to simultaneously envision how a system could be forced to fail while you´re busy designing how it´s meant to work. At George Mason University, instructors give their students practice at this skill by requiring them to write attack scripts for all their assignments. Creating an attack script is a mental exercise for the student in which they align themselves with an attacker´s perspective to formulate a structured plan of attack: a series of tasks and experiments that gain information about the internal state of the probed system. The purpose of this exercise is to help the student nurture a mindset in which they can appreciate how systems might be attacked in all their aspects, from design and implementation to runtime configuration.
Keywords :
computer science education; software engineering; George Mason University; software engineering professionals; Certification; Computer errors; Computer science; Education; Java; Reflection; Robustness; Runtime; Software systems; Writing; Education; attack scripts; coding; privacy; security;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2009.66
