WebHOLE: Developing a web-based hands-on learning environment to assist beginners in learning web application security

被引:1
作者
Su, Jun-Ming [1 ]
机构
[1] Natl Univ Tainan, Dept Informat & Learning Technol, Tainan, Taiwan
关键词
Cybersecurity education; Web application security; Practical hands-on ability; Hands-on learning; Web-based learning; Portfolio analysis; CYBERSECURITY EDUCATION; FRAMEWORK; KNOWLEDGE;
D O I
10.1007/s10639-023-12090-z
中图分类号
G40 [教育学];
学科分类号
040101 ; 120403 ;
摘要
With the rapid growth of web applications, web application security (WAS) has become an important cybersecurity issue. For effective WAS protection, it is necessary to cultivate and train personnel, especially beginners, to develop correct concepts and practical hands-on abilities through cybersecurity education. At present, many methods offer vulnerable web environments to support practical hands-on training, including large-scale "Capture the Flag" mode (e.g., Cyber Range), pre-configured virtual machine images (e.g., Mutillidae), pre-built stand-alone applications (e.g., WebGoat), and web-based system (e.g., Damn Vulnerable Web Application). However, beginners need not only hands-on training tools and systems but also assistance to support effective learning. Moreover, pre-built training content and exercises are usually not easy to modify and thus lack the flexibility to meet specific teaching needs. Therefore, this study proposed and developed the Web-based Hands-On Learning Environment (WebHOLE) to efficiently assist beginners in learning WAS. To improve the flexibility of the training content, a web-based authoring tool was developed in WebHOLE to create customized hands-on learning exercises. Accordingly, learners can learn and practice the WAS training content online with learning assistance provided by the hands-on learning system. The hands-on abilities of the learners can be efficiently assessed by the hands-on testing system using online exams with progressive hints and automatic grading. Furthermore, to improve the effectiveness of teaching and testing, a portfolio analysis scheme using a data mining technique was developed to identify learning barriers and problematic test items. WebHOLE was applied to an actual beginner-level WAS course for undergraduate students. The experimental results showed the benefits of WebHOLE on WAS learning, with a significant improvement in learning outcomes. Students expressed high satisfaction with WebHOLE's learning assistance, rating it with average satisfaction scores above 4.0 out of 5.0. The portfolio analysis scheme also showed the effectiveness of WebHOLE in identifying learning problems and refining test items.
引用
收藏
页码:6579 / 6610
页数:32
相关论文
共 50 条
[41]   Including Indigenous Knowledge in Web-Based Learning [J].
Dumbrill, Gary C. ;
Green, Jacquie Rice .
JOURNAL OF TECHNOLOGY IN HUMAN SERVICES, 2007, 25 (1-2) :103-117
[42]   Improving web-based learning by means of narrative [J].
Dettori, Giuliana .
HYBRID LEARNING AND EDUCATION, PROCEEDINGS, 2008, 5169 :115-+
[43]   Development of Collaboration Environments for Web-Based Learning [J].
Yabuki, Taro ;
Sakuta, Hiroshi .
JOURNAL OF COMPUTERS, 2007, 2 (09) :1-6
[44]   Editorial: Web-Based Learning: Innovations and Challenges [J].
Wyne, Mudasser F. .
KNOWLEDGE MANAGEMENT & E-LEARNING-AN INTERNATIONAL JOURNAL, 2010, 2 (04) :337-339
[45]   Trust framework for web-based learning system [J].
Lertlum, W ;
Papasratorn, B .
INTERNATIONAL CONFERENCE ON POLITICS AND INFORMATION SYSTEMS: TECHNOLOGIES AND APPLICATIONS, VOL 1: INFORMATICS AND SOCIETY, 2004, :228-230
[46]   Knowledge Mining in Web-based Learning Environments [J].
Kerdprasop, Nittaya ;
Kerdprasop, Kittisak .
PROCEEDINGS OF WORLD ACADEMY OF SCIENCE, ENGINEERING AND TECHNOLOGY, VOL 29, 2008, 29 :246-250
[47]   Student Acceptance of Web-based Learning System [J].
Jong, Din ;
Wang, Tzong-Song .
2009 INTERNATIONAL SYMPOSIUM ON WEB INFORMATION SYSTEMS AND APPLICATIONS, PROCEEDINGS, 2009, :533-+
[48]   Teaching Dimension in Web-Based Learning Communities [J].
Pozzi, Francesca .
International Journal of Web-Based Learning and Teaching Technologies, 2008, 3 (03) :34-43
[49]   Improving Security of Web-Based Application Using ModSecurity and Reverse Proxy in Web Application Firewall [J].
Muzaki, Rizki Agung ;
Briliyant, Obrina Candra ;
Hasditama, Maulana Andika ;
Ritchi, Hamzah .
2020 5TH INTERNATIONAL WORKSHOP ON BIG DATA AND INFORMATION SECURITY (IWBIS 2020), 2020, :89-94
[50]   An Electronic Library-based Learning Environment for Supporting Web-based Problem-Solving Activities [J].
Tsai, Pei-Shan ;
Hwang, Gwo-Jen ;
Tsai, Chin-Chung ;
Hung, Chun-Ming ;
Huang, Iwen .
EDUCATIONAL TECHNOLOGY & SOCIETY, 2012, 15 (04) :252-264