International Science Index


New Curriculum Approach in Teaching Network Security Subjects for ICT Courses in Malaysia

Abstract:This paper discusses a curriculum approach that will give emphasis on practical portions of teaching network security subjects in information and communication technology courses. As we are well aware, the need to use a practice and application oriented approach in education is paramount. Research on active learning and cooperative groups have shown that students grasps more and have more tendency towards obtaining and realizing soft skills like leadership, communication and team work as opposed to the more traditional theory and exam based teaching and learning. While this teaching and learning paradigm is relatively new in Malaysia, it has been practiced widely in the West. This paper examines a certain approach whereby students learning wireless security are divided into and work in small and manageable groups where there will be 2 teams which consist of black hat and white hat teams. The former will try to find and expose vulnerabilities in a wireless network while the latter will try their best to prevent such attacks on their wireless networks using hardware, software, design and enforcement of security policy and etc. This paper will try to show that the approach taken plus the use of relevant and up to date software and hardware and with suitable environment setting will hopefully expose students to a more fruitful outcome in terms of understanding of concepts, theories and their motivation to learn.
[1] D. T. Tohmatsu, "2007 Global Security Survey," Deloitte Touche Tohmatsu 2007.
[2] W. Yurcik and D. Doss, "Different approaches in the teaching of Information Systems Security," in Information Systems Education Conference (ISECON) Cincinnati, Ohio, 2001.
[3] I. Hassan, M. R. Ayob, M. Sulaiman, A. S. Md Tahir, and M. R. Nordin, Practice and Application Oriented Education in KUTKM: Penerbit Universiti, Kolej Universiti Teknikal Malaysia Melaka, 2005.
[4] J. M. D. Hill, C. A. Carver Jr., J. W. Humphries, and U. W. Pooch, "Using an isolated network laboratory to teach advanced networks and security," SIGCSE Bull., vol. 33, pp. 36-40, 2001.
[5] S. Lindskog, U. Lindqvist, and E. Johnsson, "IT Security research and education in synergy," in 1st World Conference on Information Security Education Stockholm, Sweden, 1999.
[6] B. Hartpence, "Teaching wireless security for results," in Proceedings of the 6th Conference on Information Technology Education Newark, NJ, USA: ACM, 2005.
[7] W. I. Bullers, S. Burd, and A. F. Seazzu, "Virtual machines - An idea whose time has returned: Application to network, security, and database courses," in Proceedings of the 37th SIGCSE Technical Symposium on Computer Science Education Houston, Texas, USA: ACM, 2006.
[8] H. J. Mattord and M. E. Whitman, "Planning, building and operating the information security and assurance laboratory," in Proceedings of the 1st annual Conference on Information Security Curriculum Development Kennesaw, Georgia: ACM, 2004.
[9] IPPTN, "Masalah pengangguran di kalangan siswazah," National Higher Education Research Institute (IPPTN), 2003, p. 10.
[10] IPPTN, "University curriculum: An evaluation on preparing graduates for employment," National Higher Education Research Institute (IPPTN), 2004, p. 22.
[11] P. Y. Logan and A. Clarkson, "Teaching students to hack: Curriculum issues in information security," in Proceedings of the 36th SIGCSE Technical Symposium on Computer Science Education St. Louis, Missouri, USA: ACM, 2005.
[12] B. Pashel, A., "Teaching students to hack: Ethical implications in teaching students to hack at the university level," in Proceedings of the 3rd annual Conference on Information Security Curriculum Development Kennesaw, Georgia: ACM, 2006.
[13] M. E. Whitman and H. J. Mattord, "Designing and teaching information security curriculum," in Proceedings of the 1st annual Conference on Information Security Curriculum Development Kennesaw, Georgia: ACM, 2004.
[14] G. Vigna, "Teaching network security through live exercises," in Security education and critical infrastructures: Kluwer Academic Publishers, 2003, pp. 3-18.