Using Challenge-based Tasks for Testing the Security of Web Applications
Keywords:
challenge-based tasks, web security, web applications, owasp, code-entry challengesAbstract
This paper explores the integration of challenge-based tasks in the education of cybersecurity and software engineers for the testing of the security of web applications. It provides an overview of security education and web application security, highlights the importance of challenge-based tasks, and details their implementation in the curricula. Specific tasks and their solutions are presented, along with future plans for improving these educational methods. The study emphasizes the critical role of hands-on, practical approaches in bridging the gap between theoretical knowledge and practical skills.
References
Z. Čović, Z. Papp, H. Manojlović and J. Simon, "Hackathon-based Teaching Method in the Training of Software Engineers", Proceedings of the 12th International Conference on Applied Internet and Information Technologies AIIT 2022, Zrenjanin, Serbia, 2022, pp. 108-116
Cheung, R. S., Cohen, J. P., Lo, H. Z., & Elia, F. (2011). Challenge based learning in cybersecurity education. Athens: The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).
G. Bombaerts, D. Martin and K. Doulougeri, "Structured and open Challenge-Based Learning in Engineering Ethics Education," 2022 IEEE Frontiers in Education Conference (FIE), Uppsala, Sweden, 2022, pp. 1-8, doi: 10.1109/FIE56618.2022.9962652.
Gasiba, T., Lechner, U., Pinto-Albuquerque, M., Zouitni, A. (2020). Design of Secure Coding Challenges for Cybersecurity Education in the Industry. In: Shepperd, M., Brito e Abreu, F., Rodrigues da Silva, A., Pérez-Castillo, R. (eds) Quality of Information and Communications Technology. QUATIC 2020. Communications in Computer and Information Science, vol 1266. Springer, Cham. https://doi.org/10.1007/978-3-030-58793-2_18
Čović, Z. (2024). Threats and Vulnerabilities in Web Applications and How to Avoid Them. In: Kovács, T.A., Nyikes, Z., Berek, T., Daruka, N., Tóth, L. (eds) Critical Infrastructure Protection in the Light of the Armed Conflicts. HCC 2022. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-47990-8_9
A. J. A. Wang, "Security testing in software engineering courses," 34th Annual Frontiers in Education, 2004. FIE 2004., Savannah, GA, USA, 2004, pp. F1C-13, doi: 10.1109/FIE.2004.1408561.
Downloads
Published
Issue
Section
License
Copyright (c) 2024 Bánki Közlemények (Bánki Reports)
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
Bánki Közlemények is loyal to open access for academic work. All the original articles and review papers published in this journal are free to access immediately from the date of publication. We don’t charge any fees for any reader to download articles and reviews for their own scholarly use.
The Bánki Közlemények also operates under the Creative Commons Licence CC-BY-NC-ND. This allows for the reproduction of articles, free of charge, for non-commercial use only and with the appropriate citation information. All authors publishing with the Bánki Közlemények accept these as the terms of publication.