Students of network security, hacking skills necessary to teach them to “know your enemy” and were prepared for the threats of the real world. But educators and experts add that in the course of training emphasis is on law and ethics, so that students do not “overstepped the line” and have not used their skills to harm.
Liu Chin-Chuan, head of the course ” Diploma in Infocomm Security Management “(DISM), Singapore Polytechnic, said that the curriculum includes teaching students the techniques of hacking in order to ensure that they understand how hackers are conducted and what countermeasures can be taken to oppose them .
“As stated in the” Art of War “by Sun Tzu, to defeat the enemy, you need to study it. Thus, knowledge of the techniques that are used by hackers, it is very important for effective protection from their attacks,” – said Liu Chin-Chuan on the question of a reporter.
The course, founded in 2006, aims to produce professionals with skills and knowledge that will enable them to recognize in time to react and minimize the threat. In addition to ethical hacking techniques in the course includes such topics as network security, application security, operational security, security policy, computer forensics, IT audit, law and ethics, business continuity and disaster recovery planning.
Colin McLean, professor of ethics at the University of burglary Ebert Dundee in Scotland, agreed and added that an effective means to study the behavior of cybercriminals in the future use of the most effective measures against their activities. University courses in the area is known for Ethical hacking and counter it , going from 2006 and 2008, respectively.
“In every area of ??life the defender must first understand the tactics and behavior of the attacker before he can effectively defend against it,” – explained in an interview with Maclean. “To protect your home from robbery, a person must first put yourself in the burglar and decide how he snuck in to his own house. Only then will we fully appreciate where you should install locks and alarm sensors to help escape from assault. Computer protection in this respect no different from protecting homes. ”
McLean added: “Only a man with a solid knowledge of tools and techniques that are used by hackers will be able to fully help companies protect themselves from hacking their systems. Our goal is to produce professionals with all the necessary knowledge.”
Improve the training of real-life scenarios
McLean also said that the university is always actively looking for companies facing difficulties in terms of security, that is always in the know and use all new cases of hacking to improve training.
For example, a representative of the security personnel from NCR’s leading university guest lectures, receiving in exchange the results of research work, which leads the company .
Liu Chin-Chuan from Singapore Polytechnic said that it was essential to supply the students as realistic examples of how this is possible. The use of artificial and real examples greatly improves the training of students and their offensive, defensive and research skills in dealing with the various threats that will meet them in their future endeavors.
For example, laboratory safety, Singapore Polytechnic infokummunikatsionnoy equipped with network devices, servers and virtual machines, able to simulate the real work of networks and systems. These systems are intended to protect not been so students can practice their offensive and defensive skills.
Liu added that the training facilities will soon be updated to create even greater for students learning spaces of various sizes, compositions and complexities. Model “of the game in voynushka” will also be used, and with it will be two-sided test of student skills.
Students will also enhance skills through an internship, which is the apex of the course.
Gayom Lowe, general manager of the laboratory to respond to the threat of Fortinet’s FortiGuard also supports the idea of ??studying and simulating real-world situations in preparation of students.
In the e-mail interview with Lowe said that for students “very important” learning by those mistakes that are made by different companies to protect themselves from hackers.
He also noted that the practical training in attack or defense computer should be an integral part of the curriculum and that they add to the training element of competition in the spirit of “Capture the Flag”.
The emphasis on legality and ethics
On the question of how to combine elements of learning without the risk of adversely affect the student’s choice and make it a real hacker, not the defense against hackers, Lowe recommended that all of the same simulation confrontation between students, as in paintball.
“People do not shoot at each other on the streets of a real weapon after they have played paintball. But if they are attacked, the skills acquired by them during the game, can save their lives,” – said Lowe.
Teachers also talk about the need assurance that the students in the future will not use their knowledge of the harm and stress that apart from the mainstream of education, legal and ethical issues must also be an integral part of the curriculum.
That students in the future not passed the line, at the Singapore Polytechnic uses a special approach. Among other measures, to apply the complete isolation of the Institute of networks of networks on campus and there are firm rules on the behavior of students in the process of learning systems.
However, purely technical control techniques is not enough and that’s why students are taught the law and ethics.
At these sessions the students talk about Singapore’s laws and punishments that threaten them for cybercrime. In addition, each student signs a code of conduct in the first year and throughout the course.
Liu said: “To secure a solid alumni ethical values, a holistic view of security infocommunication. That is why they are taught not only the methods used by hackers, but also ways to detect and protect against attacks. It helps them realize the fact that there might also calculate their own, once they abuse the knowledge that they are in the process of learning. ”
“At the University of Ebert’s lab allows students to experiment in a safe environment. It played real cases of burglary, so students can fully appreciate the actions of real hackers, not breaking any laws,” – said McLean.
He also noted that on admission to the institute, each student passes a medical examination and have been thoroughly checked. In addition, students take a test on knowledge of the laws relating to computer crimes. Thus the law and ethics are integral parts of what is learned at university.
Lowe concludes: “As long as there is a strong emphasis on ethics in learning hacking skills, which in future will be to guard the network security, there is nothing wrong.”