HOST EXPLOITATION AND MAINTENANCE ACCESS – ESSENTIAL PENETRATION HANDS-ON LABS FOR ENHANCING INFORMATION ASSURANCE EDUCATION

Information assurance has been one of the most demanded areas in computer science education since the fast growth of technology, especially the emergence of the Internet. Consequently, information assurance education becomes critical and is among the most significant area in computer science curriculum. In order to enhance students’ learning performance, hands-on laboratories play an important role in reaching the objectives of information assurance education. However, it is challenging to design information assurance hands-on labs, especially if the labs are offered for online students who have limited access to hardware and software resources. In this paper, we first discuss the challenges each institution faces when designing hands-on labs; second, we describe the contents that are essential for information assurance education; third, we design a lab platform which is convenient and easy to use; finally, we propose three hands-on labs which are designed for both online and on-campus students with minimum required resources. These labs include network recon and scanning, vulnerabilities and host exploitation, and maintenance access with rootkit. With these new designed offensive hands-on lab exercises, the challenges that most institutions face can be met, and academic goals can be reached. In addition, our survey results show that our students are satisfied with the hands-on labs and their learning performance is improved as well.