Why Phishing Works: Project for an Information Security Capstone Course
نویسندگان
چکیده
This paper presents a project which was conducted in a capstone course in Information Security. The project focused on conducting research concerning the various aspects of phishing, such as why phishing works and who is more likely to be deceived by phishing. Students were guided through the process of conducting research: finding background and related work on the topic, determining the hypothesis, development of the survey system, data collection, analysis of the results, and writing of the academic paper. This project was very successful in that students gained in-depth knowledge about phishing, developed an understanding of research and academic writing, and learned to statistically analyze data to support or refute their hypothesis. Educators who are teaching a capstone course in Information Security may be interested in this project because it is an appropriate level for undergraduate seniors, it can be accomplished in one semester, and the participants can be other students at the institution.
منابع مشابه
Development of Capstone Projects on Secure Communications for Engineering Students
A capstone project is a compulsory requirement for passing the last course and obtaining the bachelor’s degree. In order to make students develop their own self-learning capabilities, it is important to offer them real life projects, helping them in the process of combining already acquired information with new knowledge. In this contribution, we present the details of a real capstone project a...
متن کاملIntegrating IS Curriculum Knowledge through a Cluster-Computing Project: A Successful Experiment
MIS curricula in business schools are challenged to provide MIS courses that give students a strong practical understanding of the basic technologies, while also providing enough hands-on experience to solve real life problems. As an experimental capstone MIS course, the authors developed a cluster-computing project to expose business students to the technologies of distributed computing, paral...
متن کاملLaboratory Design For Demonstrating Phishing
Hands-on laboratory exercises are a very important component of computer security and information assurance education. This paper reports the laboratory exercises we designed to demonstrate two ways of conducting phishing attack: 1) Embedding a hyperlink in a fake email which redirects the victim to a fake website; 2) Using ARP cache poisoning to redirect web access to a fake website. The two w...
متن کاملExperiential Service Learning Using Real Client Projects in a Capstone IT Course
Senior students in an information technology (IT) program at a university in southeastern United States participate in a capstone project management course to graduate. Student teams develop and manage information technology-related service learning projects for community partners who have needs for IT products such as websites, databases, computer training, etc. In spring 2008, one capstone te...
متن کاملPhishing website detection using weighted feature line embedding
The aim of phishing is tracing the users' s private information without their permission by designing a new website which mimics the trusted website. The specialists of information technology do not agree on a unique definition for the discriminative features that characterizes the phishing websites. Therefore, the number of reliable training samples in phishing detection problems is limited. M...
متن کامل