New Curriculum Approach in Teaching Network Security Subjects for ICT Courses in Malaysia
Abstract:This paper discusses a curriculum approach that will
give emphasis on practical portions of teaching network security
subjects in information and communication technology courses. As
we are well aware, the need to use a practice and application oriented
approach in education is paramount. Research on active learning and
cooperative groups have shown that students grasps more and have
more tendency towards obtaining and realizing soft skills like
leadership, communication and team work as opposed to the more
traditional theory and exam based teaching and learning. While this
teaching and learning paradigm is relatively new in Malaysia, it has
been practiced widely in the West. This paper examines a certain
approach whereby students learning wireless security are divided into
and work in small and manageable groups where there will be 2
teams which consist of black hat and white hat teams. The former
will try to find and expose vulnerabilities in a wireless network while
the latter will try their best to prevent such attacks on their wireless
networks using hardware, software, design and enforcement of
security policy and etc. This paper will try to show that the approach
taken plus the use of relevant and up to date software and hardware
and with suitable environment setting will hopefully expose students
to a more fruitful outcome in terms of understanding of concepts,
theories and their motivation to learn.
 D. T. Tohmatsu, "2007 Global Security Survey," Deloitte Touche
 W. Yurcik and D. Doss, "Different approaches in the teaching of
Information Systems Security," in Information Systems Education
Conference (ISECON) Cincinnati, Ohio, 2001.
 I. Hassan, M. R. Ayob, M. Sulaiman, A. S. Md Tahir, and M. R. Nordin,
Practice and Application Oriented Education in KUTKM: Penerbit
Universiti, Kolej Universiti Teknikal Malaysia Melaka, 2005.
 J. M. D. Hill, C. A. Carver Jr., J. W. Humphries, and U. W. Pooch,
"Using an isolated network laboratory to teach advanced networks and
security," SIGCSE Bull., vol. 33, pp. 36-40, 2001.
 S. Lindskog, U. Lindqvist, and E. Johnsson, "IT Security research and
education in synergy," in 1st World Conference on Information Security
Education Stockholm, Sweden, 1999.
 B. Hartpence, "Teaching wireless security for results," in Proceedings of
the 6th Conference on Information Technology Education Newark, NJ,
USA: ACM, 2005.
 W. I. Bullers, S. Burd, and A. F. Seazzu, "Virtual machines - An idea
whose time has returned: Application to network, security, and database
courses," in Proceedings of the 37th SIGCSE Technical Symposium on
Computer Science Education Houston, Texas, USA: ACM, 2006.
 H. J. Mattord and M. E. Whitman, "Planning, building and operating the
information security and assurance laboratory," in Proceedings of the 1st
annual Conference on Information Security Curriculum Development
Kennesaw, Georgia: ACM, 2004.
 IPPTN, "Masalah pengangguran di kalangan siswazah," National Higher
Education Research Institute (IPPTN), 2003, p. 10.
 IPPTN, "University curriculum: An evaluation on preparing graduates
for employment," National Higher Education Research Institute
(IPPTN), 2004, p. 22.
 P. Y. Logan and A. Clarkson, "Teaching students to hack: Curriculum
issues in information security," in Proceedings of the 36th SIGCSE
Technical Symposium on Computer Science Education St. Louis,
Missouri, USA: ACM, 2005.
 B. Pashel, A., "Teaching students to hack: Ethical implications in
teaching students to hack at the university level," in Proceedings of the
3rd annual Conference on Information Security Curriculum
Development Kennesaw, Georgia: ACM, 2006.
 M. E. Whitman and H. J. Mattord, "Designing and teaching information
security curriculum," in Proceedings of the 1st annual Conference on
Information Security Curriculum Development Kennesaw, Georgia:
 G. Vigna, "Teaching network security through live exercises," in
Security education and critical infrastructures: Kluwer Academic
Publishers, 2003, pp. 3-18.