Defeating Defenses
December 8, 2007
STARKVILLE, Miss –Students in the Bagley College of Engineering recently busied themselves by taking down the defenses of university computers. Encrypted and password protected information couldn’t stop them as they penetrated the computer systems and gathered information. Don’t panic though, there was nothing malicious about the students’ attempts to seize data. It is part of a classroom “capture the flag” exercise that allows computer security students to test the limits of the defenses they have studied all semester.
“The best way to teach defense is to show people how easy it is to break through certain kinds of defenses and how difficult it is to break through others,” explained Dr. Ray Vaughn, a computer security researcher and professor of the class.
After being divided into five teams, the students raced against each other to see which group could capture the most data, or “flags”. The information is hidden and protected on computers set-up by graduate assistants. The student teams are then encouraged to use the information and skills they were taught during the semester to work their way though the complex defenses and complete the exercise faster than the other teams.
“The students can win nice prizes in this competition, but more importantly, the winning team earns bragging rights. This is always one of the high points of our semester and our students look forward to it,” Vaughn said. “This hands on experience sticks with students a lot longer than pure classroom instruction. This is very active learning.”
For more information about the computer security class at Mississippi State, please contact Dr. Ray Vaughn. For information about the computer science and engineering department, please contact department head Dr. Julia Hodges.