Python3 for Security Professionals

Steiner, Alexander and von Känel, Sacha (2020) Python3 for Security Professionals. Other thesis, HSR Hochschule für Technik Rapperswil.

Full text not available from this repository.

Abstract

Introduction:
14th December 2014, Yahoo reports the data breach of 3 billion user accounts consisting of unencrypted security questions and the corresponding answers that potentially allow hackers to break into the victims' online accounts. Sophisticated attacks like ransomware or other malware threaten it-infrastructure of governments require a detailed investigation of countermeasures to protect against them, increasing the unabated strong demand for security specialists furthermore.

Since 2018, the Swiss Federal Department of Defence responds to this lack of cybersecurity specialists by running a "Cyber Lehrgang" to recruit and train cyber-warriors. They must master at least one programming language. Our mission was to design and implement an applied Python3 cybersecurity curriculum with several Python3 programming exercises.

Approach / Technology:
The project was divided into three phases: research, implementation and testing. The curriculum was designed to prepare and forearm future cybersecurity-specialists with Python3 coding skills in the field of exploitation, reverse-engineering, forensics, threat intelligence and data aggregation.

Each exercise teaches background theory and applied Python3 programming skills. They follow a tutorial guide and a coding guideline based on the widespread "Python Enhancement Proposal" to ensure consistency and code quality across them.

The curriculum is hosted in Hacking-Lab 2.0, an online cybersecurity challenge and education platform to increase education and ethics in information security. The training is based on Kali Linux, a "hacker & developer ready" environment system.

Result:
As a result of this project, a Python3 programming course for cybersecurity specialists has been created. Eleven different exercises teach how to automate and run the cybersecurity tasks. The practice lab introduces and uses most recent, commonly known and accepted Python3 libraries. Since the curriculum is not designed for beginners, students should have some experience in at least one or more modern programming languages. The training will help participants to pursue a career in cybersecurity.

Item Type: Thesis (Other)
Subjects: Area of Application > Academic and Education
Area of Application > E-Learning
Technologies > Programming Languages > Python
Technologies > Security
Divisions: Bachelor of Science FHO in Informatik > Student Research Project
Depositing User: HSR Deposit User
Contributors:
Contribution
Name
Email
Thesis advisor
Bütler, Ivan
UNSPECIFIED
Date Deposited: 19 Mar 2021 09:40
Last Modified: 19 Mar 2021 09:40
URI: https://eprints.ost.ch/id/eprint/882

Actions (login required)

View Item
View Item