Teaching DNS Spoofing Attack Using a Hands-on Cybersecurity Approach Based on Virtual Kali Linux Platform

Zouheir Trabelsi, Medha Mohan Ambali Parambil, Tariq Qayyum, Ban Alomar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The realm of academic security education is primarily focused on defensive strategies. However, there's a growing acceptance of offensive techniques, initially crafted by hackers. Several educators in the field of information security believe that incorporating offensive strategies into the curriculum creates more adept security professionals than focusing solely on defensive methods. Students in information security courses must engage in offensive and defensive tactics to effectively handle malicious activities and devise suitable security measures. This paper presents a case study on executing an in-depth, practical cybersecurity laboratory exercise centered on a prevalent network attack, the DNS spoofing attack, which is vital for network security training. The primary educational goal of this hands-on lab exercise is to equip students with the skills to conduct a DNS spoofing attack within a controlled, virtual network environment using Kali Linux. The introduction of this offensive cybersecurity lab exercise resulted in enhanced student performance; however, it also raised significant ethical issues. Consequently, the paper outlines several measures that academic institutions should consider to mitigate the risks associated with teaching offensive strategies in information security education programs.

Original languageEnglish
Title of host publicationEDUCON 2024 - IEEE Global Engineering Education Conference, Proceedings
PublisherIEEE Computer Society
ISBN (Electronic)9798350394023
DOIs
Publication statusPublished - 2024
Event15th IEEE Global Engineering Education Conference, EDUCON 2024 - Kos Island, Greece
Duration: May 8 2024May 11 2024

Publication series

NameIEEE Global Engineering Education Conference, EDUCON
ISSN (Print)2165-9559
ISSN (Electronic)2165-9567

Conference

Conference15th IEEE Global Engineering Education Conference, EDUCON 2024
Country/TerritoryGreece
CityKos Island
Period5/8/245/11/24

Keywords

  • Cybersecurity education
  • DNS spoofing attack
  • Ethical hacking
  • Virtual Kali Linux platform

ASJC Scopus subject areas

  • Information Systems and Management
  • Education
  • General Engineering

Fingerprint

Dive into the research topics of 'Teaching DNS Spoofing Attack Using a Hands-on Cybersecurity Approach Based on Virtual Kali Linux Platform'. Together they form a unique fingerprint.

Cite this