• DocumentCode
    694325
  • Title

    Research on developing a lab environment for cross site request forgery: Attack and defense education in higher vocational colleges

  • Author

    Huangcun Zeng

  • Author_Institution
    Dept. of Inf. Technol., Guangdong Teachers´ Coll. of Foreign Language & Arts, Guangzhou, China
  • fYear
    2013
  • fDate
    12-13 Oct. 2013
  • Firstpage
    56
  • Lastpage
    60
  • Abstract
    Cross Site Request Forgery (CSRF) is among the most exploited Web security vulnerabilities. Yet it has received comparatively less attention. It´s a must for Web site administrators to protect their Web sites from CSRF attacks. In order to let the students master the attack and defense skills of CSRF, it´s essential to let them have the opportunity to truly practice the attacks as hackers do, and to practice the defenses as web site administrators do. Yet we haven´t seen much research done in the area of developing lab environments to facilitate CSRF education in higher vocational colleges. In this paper, we have shown how teachers in higher vocational colleges can develop a simple lab environment for CSRF attack and defense education. We believe that the developed lab environment will facilitate the education of CSRF attack and defense. And we suggest that a lot more researches need to be done in the area of developments of attack and defense lab environments to improve the outcomes of network security education in higher vocational colleges.
  • Keywords
    Web sites; computer network security; computer science education; educational institutions; vocational training; CSRF attack and defense education; CSRF attacks; Web security vulnerabilities; Web site administrators; Web site protection; attack and defense lab environments; attack and defense skills; cross-site request forgery; higher vocational colleges; lab environment development; network security education; Communication networks; Computer hacking; Computers; Educational institutions; Web sites; attack; cross site request forgery; defense; higher vocational college; lab environment; network security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Science and Network Technology (ICCSNT), 2013 3rd International Conference on
  • Conference_Location
    Dalian
  • Type

    conf

  • DOI
    10.1109/ICCSNT.2013.6967063
  • Filename
    6967063