A framework for teaching network security in academic environments
Purpose ‐ Teaching information systems security features some peculiarities, compared to other scientific fields, as the trainees have to design and protect systems against both known and unknown attacks. Moreover, the so far established stereotypes present the potential
intruders as being ingenious and able to penetrate almost every system. The paper aims to discuss these issues. Design/methodology/approach ‐ Within the scope of two different modules in higher education institutes, the students' involvement into practical pre-designed scenarios
was attempted, in order for them to understand the way intruders think, the methodologies they follow and the liabilities one may face for the flawed security of network applications and/or the supporting infrastructure. For this reason, an educational software tool was developed (named "Hackademic
Challenges"), which comprised a variety of realistic scenarios, where the student had to locate and exploit various vulnerabilities, in order to successfully complete the challenge. Evaluation of the developed tool was attempted through an online, anonymous questionnaire. Findings ‐
The results show that the students embraced this approach and have benefited significantly from going through these exercises. Originality/value ‐ The contribution consists of findings that may be useful to other instructors teaching similar subjects.