원문정보
초록
영어
Web application security education that can provide practical experience is needed to reduce damage caused by the recent increase in web application vulnerabilities and to strengthen security. In this paper, we proposed a scenario-based web application education method, applied the proposed method to classes, and analyzed the results. In order to increase the effectiveness of scenario-based education, a real-life practice environment to perform scenarios and instructions to be performed by learners are needed. As an example of the proposed method, instructions to be performed by learners from the viewpoint of the attacker and the victim were shown in a practice environment to teach XSS and SQL injection vulnerabilities. After applying the proposed method to the class for students majoring in cyber security, when the lecture evaluation results were analyzed, it was shown that the learner's interest, understanding, and major ability all improved.
목차
1. Introduction
2. Related Works
2.1 Web Application Security Vulnerability Inspection Criteria and Diagnosis
2.2 The Researches for the Development of Contents for Cyber Security Education
3. Scenario of Web Vulnerability Education
3.1 Cross-Site Scripting (XSS)
3.2 SQL Injection Vulnerability
4. Analysis of the Effectiveness of the Proposed Method
5. Conclusion
Acknowledgement
References