{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,5]],"date-time":"2025-11-05T06:20:56Z","timestamp":1762323656857,"version":"3.41.2"},"reference-count":25,"publisher":"Emerald","issue":"4","license":[{"start":{"date-parts":[[2013,10,7]],"date-time":"2013-10-07T00:00:00Z","timestamp":1381104000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,10,7]]},"abstract":"Purpose<\/jats:title>\u2013 Teaching information systems security features some peculiarities, compared to other scientific fields, as the trainees have to design and protect systems against both known and unknown attacks. Moreover, the so far established stereotypes present the potential intruders as being ingenious and able to penetrate almost every system. The paper aims to discuss these issues.<\/jats:p><\/jats:sec>Design\/methodology\/approach<\/jats:title>\u2013 Within the scope of two different modules in higher education institutes, the students' involvement into practical pre-designed scenarios was attempted, in order for them to understand the way intruders think, the methodologies they follow and the liabilities one may face for the flawed security of network applications and\/or the supporting infrastructure. For this reason, an educational software tool was developed (named \u201cHackademic Challenges\u201d), which comprised a variety of realistic scenarios, where the student had to locate and exploit various vulnerabilities, in order to successfully complete the challenge. Evaluation of the developed tool was attempted through an online, anonymous questionnaire.<\/jats:p><\/jats:sec>Findings<\/jats:title>\u2013 The results show that the students embraced this approach and have benefited significantly from going through these exercises.<\/jats:p><\/jats:sec>Originality\/value<\/jats:title>\u2013 The contribution consists of findings that may be useful to other instructors teaching similar subjects.<\/jats:p><\/jats:sec>","DOI":"10.1108\/imcs-11-2011-0056","type":"journal-article","created":{"date-parts":[[2013,10,18]],"date-time":"2013-10-18T09:01:48Z","timestamp":1382086908000},"page":"315-338","source":"Crossref","is-referenced-by-count":3,"title":["A framework for teaching network security in academic environments"],"prefix":"10.1108","volume":"21","author":[{"given":"Alexandros","family":"Papanikolaou","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vasileios","family":"Vlachos","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Andreas","family":"Venieris","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Christos","family":"Ilioudis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Konstantinos","family":"Papapanagiotou","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Anastasios","family":"Stasinopoulos","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","reference":[{"key":"key2022012919591187300_b1","doi-asserted-by":"crossref","unstructured":"Ariyapperuma, S. and Minhas, A. (2005), \u201cInternet security games as a pedagogic tool for teaching network security\u201d, 35th ASEE\/IEEE Frontiers in Education Conference, Indianapolis, IN, USA, pp. S2D-1-S2D-5.","DOI":"10.1109\/FIE.2005.1612218"},{"key":"key2022012919591187300_b2","unstructured":"Bontchev, V. (2003), \u201cShould we teach virus writing?\u201d, paper presented at 6th Association of Anti Virus Asia Researchers Conference (AVAR 2003), Sydney, Australia."},{"key":"key2022012919591187300_b3","unstructured":"Campbell, J. (1972), A Hero with a Thousand Faces, Princeton University Press, Princeton, NJ."},{"key":"key2022012919591187300_b4","doi-asserted-by":"crossref","unstructured":"Catuogno, L. and De Santis, A. (2008), \u201cAn internet role-game for the laboratory of network security course\u201d, 13th Annual Conference on Innovation and Technology in Computer Science Education (ITiCSE '08), ACM Press, New York, NY, pp. 240-244.","DOI":"10.1145\/1384271.1384336"},{"key":"key2022012919591187300_b5","doi-asserted-by":"crossref","unstructured":"Conklin, A. (2006), \u201cCyber defense competitions and information security education: an active learning solution for a capstone course\u201d, 39th Annual Hawaii International Conference on System Sciences (HICSS '06), Vol. 9, p. -.","DOI":"10.1109\/HICSS.2006.110"},{"key":"key2022012919591187300_b6","doi-asserted-by":"crossref","unstructured":"Delmas, G. , Champagnat, R. and Augeraud, M. (2007), \u201cBringing interactivity into Campbell's hero's journey\u201d, Virtual Storytelling: Using Virtual Reality Technologies for Storytelling, Vol. 4871 of LNCS, Springer, Berlin, pp. 187-195.","DOI":"10.1007\/978-3-540-77039-8_17"},{"key":"key2022012919591187300_b7","unstructured":"Du, W. , Jayraman, K. and Gaubatz, N.B. (2010), 5th Annual Symposium on Information Assurance (ASIA '10), Albany, NY, Best Paper Award, pp. 56-61, Enhancing Security Education with Hands-on Laboratory Exercise's."},{"key":"key2022012919591187300_b8","unstructured":"Fung, W.S.L. and Fung, R.Y.K. (2010), \u201cAn inter-organizational community of practice for information security\u201d, 4th International Conference on New Trends in Information and Service Science (NISS), Gyeongju, pp. 236-241."},{"key":"key2022012919591187300_b9","doi-asserted-by":"crossref","unstructured":"Hill, J.M.D. , Carver, C.A. Jr , Humphries, J.W. and Pooch, U.W. (2001), \u201cUsing an isolated network laboratory to teach advanced networks and security\u201d, 32nd SIGCSE Technical Symposium on Computer Science Education, Charlotte, NC, USA, pp. 36-40.","DOI":"10.1145\/366413.364533"},{"key":"key2022012919591187300_b10","doi-asserted-by":"crossref","unstructured":"Irvine, C.E. , Levin, T.E. , Nguyen, T.D. and Dinolt, G.W. (2004), \u201cThe trusted computing exemplar project\u201d, 2004 IEEE Systems Man and Cybernetics Information Assurance Workshop, West Point, NY, pp. 109-115.","DOI":"10.1109\/IAW.2004.1437805"},{"key":"key2022012919591187300_b11","doi-asserted-by":"crossref","unstructured":"Marks, A. and Rezgui, Y. (2009), \u201cA comparative study of information security awareness in higher education based on the concept of design theorizing\u201d, International Conference on Management and Service Science (MASS '09), pp. 1-7.","DOI":"10.1109\/ICMSS.2009.5302667"},{"key":"key2022012919591187300_b12","doi-asserted-by":"crossref","unstructured":"Mateti, P. (2003), \u201cA laboratory-based course on internet security\u201d, 34th SIGCSE Technical Symposium on Computer Science Education, ACM Press, New York, NY, pp. 252-256.","DOI":"10.1145\/792548.611982"},{"key":"key2022012919591187300_b13","doi-asserted-by":"crossref","unstructured":"Mitchener, W.G. and Vahdat, A. (2001), \u201cA chat room assignment for teaching network security\u201d, 32nd SIGCSE Technical Symposium on Computer Science Education, ACM Press, Charlotte, NC, pp. 31-35.","DOI":"10.1145\/366413.364532"},{"key":"key2022012919591187300_b14","doi-asserted-by":"crossref","unstructured":"Moreno-Ger, P. , Burgos, D. , Mart\u00ednez-Ortiz, I. , Sierra, J.L. and Fern\u00e1ndez-Manj\u00f3n, B. (2008), \u201cEducational game design for online education\u201d, Computers in Human Behavior, Vol. 24 No. 6, pp. 2530-2540.","DOI":"10.1016\/j.chb.2008.03.012"},{"key":"key2022012919591187300_b15","doi-asserted-by":"crossref","unstructured":"O'Leary, M. (2006), 37th SIGCSE Technical Symposium on Computer Science Education (SIGCSE '06), ACM, New York, NY, pp. 2-6, A Laboratory Based Capstone Course in Computer Security for Undergraduates.","DOI":"10.1145\/1121341.1121346"},{"key":"key2022012919591187300_b16","doi-asserted-by":"crossref","unstructured":"Pastor, V. , D\u00edaz, G. and Castro, M. (2010), \u201cState-of-the-art simulation systems for information security education, training and awareness\u201d, IEEE Education Engineering 2010 \u2013 The Future of Global Learning Engineering Education (EDUCON), Madrid, Spain, pp. 1907-1916.","DOI":"10.1109\/EDUCON.2010.5492435"},{"key":"key2022012919591187300_b17","unstructured":"Puhakainen, P. (2006), A Design Theory for Information Security Awareness, Oulu University Press, Oulu."},{"key":"key2022012919591187300_b18","doi-asserted-by":"crossref","unstructured":"Scarfone, K. , Souppaya, M. , Cody, A. and Orebaugh, A. (2008), Technical Guide to Information Security Testing and Assessment, NIST Special Publication 800-15, National Institute of Standards and Technology, Gaithersburg, MD.","DOI":"10.6028\/NIST.SP.800-115"},{"key":"key2022012919591187300_b19","unstructured":"Spafford, E. (2001), Cyber Security \u2013 How Can We Protect American Computer Networks From Attack?, Testimony before the House Science Committee. available at: http:\/\/spaf.cerias.purdue.edu\/usgov\/house01.pdf (accessed 23 November 2011)."},{"key":"key2022012919591187300_b20","unstructured":"Tikekar, R. (2003), \u201cThe challenges of designing lab exercises for a curriculum in computer security\u201d, Journal of Computing in Small Colleges, Vol. 18 No. 5, pp. 175-183."},{"key":"key2022012919591187300_b21","doi-asserted-by":"crossref","unstructured":"Vigna, G. (2003a), \u201cTeaching hands-on network security: testbeds and live exercises\u201d, Journal of Information Warfare, Vol. 3 No. 2, pp. 8-25.","DOI":"10.1007\/978-0-387-35694-5_2"},{"key":"key2022012919591187300_b22","doi-asserted-by":"crossref","unstructured":"Vigna, G. (2003b), \u201cTeaching network security through live exercises\u201d, World Conference on Information Security Education, pp. 3-18.","DOI":"10.1007\/978-0-387-35694-5_2"},{"key":"key2022012919591187300_b23","doi-asserted-by":"crossref","unstructured":"Wagner, P.J. and Wudi, J.M. (2004), \u201cDesigning and implementing a cyberwar laboratory exercise for a computer security course\u201d, 35th SIGCSE Technical Symposium on Computer Science Education, ACM Press, New York, NY, pp. 402-406.","DOI":"10.1145\/1028174.971438"},{"key":"key2022012919591187300_b24","doi-asserted-by":"crossref","unstructured":"Wilson, M. and Hash, J. (2003), Building an Information Technology Security Awareness and Training Program, NIST Special Publication 800-50, National Institute of Standards and Technology, Gaithersburg, MD.","DOI":"10.6028\/NIST.SP.800-50"},{"key":"key2022012919591187300_b25","unstructured":"Yap, J. (2011), \u201cHacking boosts students' infosec skills\u201d, ZDNet Asia, available at: www.zdnet.com.au\/hacking-boosts-students-infosec-skills-339323402.htm (accessed 23 November 2011)."}],"container-title":["Information Management & Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/IMCS-11-2011-0056","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/IMCS-11-2011-0056\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/IMCS-11-2011-0056\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,24]],"date-time":"2025-07-24T21:50:49Z","timestamp":1753393849000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/21\/4\/315-338\/185548"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,10,7]]},"references-count":25,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2013,10,7]]}},"alternative-id":["10.1108\/IMCS-11-2011-0056"],"URL":"https:\/\/doi.org\/10.1108\/imcs-11-2011-0056","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[2013,10,7]]}}}