The threat environment is rapidly changing and the cyber security skill shortage is a widely acknowledged problem. However, teaching such skills and keeping professionals up to date is not trivial. New malware types appear daily, and a teacher needs significant time and effort to prepare unique, current and challenging courses in malware reverse engineering. Novel teaching methods and tools are required. This paper describes an experience with an automated hands-on learning environment in a malware reverse engineering class taught at Tallinn University of Technology in Estonia. Our hands-on practical lab uses the fully automated Cyber Defense Competition platform Intelligent Training Exercise Environment (i-tee) [1], combined with a typical Capture-The-Flag competition structure and open-source tools where possible. We describe the process of generating a unique and comparable reverse-engineering challenge and of measuring the students' progress through the process of analysis, reporting flags and debugging data, recording and taking into account their unique approach to the task. We aim to measure the students using Bloom's taxonomy, i.e., their mastery of the art of malware reverse engineering at the higher cognitive levels. The presented teaching and assessment method builds a foundation for enhancing the quality and impact of future malware reverse engineering training.
[1] Kaido Kikkas, et al. A Live Virtual Simulator for Teaching Cybersecurity to Information Technology Students. HCI, 2016.
[2] J. Hohwy. The Predictive Mind. 2013.
[3] Robin A. Gandhi, et al. Reverse engineering: is it art? INROADS, 2012.
[4] Pam Frost Gorder. Multicore Processors for Science and Engineering. Computing in Science & Engineering, 2007.
[5] Qijun Gu, et al. Analysis and Exercises for Engaging Beginners in Online CTF Competitions for Security Education. ASE @ USENIX Security Symposium, 2017.
[6] Chris Eagle. Computer Security Competitions: Expanding Educational Outcomes. IEEE Security & Privacy, 2013.
[7] David Brumley, et al. PicoCTF: A Game-Based Computer Security Competition for High School Students. 3GSE, 2014.
[8] Clark Taylor, et al. A Tool for Teaching Reverse Engineering. ASE @ USENIX Security Symposium, 2016.
[9] Adam R. Bryant, et al. Modeling information flow for an autonomous agent to support reverse engineering work. 2017.
[10] Olaf Maennel, et al. i-tee: A fully automated Cyber Defense Competition for Students. SIGCOMM, 2015.
[11] Kevin F. Collis, et al. Evaluating the Quality of Learning: The SOLO Taxonomy. 1977.