Web penetration testing embodies both the understanding of attack and defense philosophies. By learning malicious hacking activities, students will understand the perspectives of attackers and realize how to defend a Web application system. To foster information security education, it is important to introduce the attack understanding philosophy. Using student group projects, this study aims to measure student learning effectiveness in Web application security and to discover how students perceive learning given the attack understanding philosophy. In support of triangulation, this research will employ pre-test and post-test study along with the grounded theory approach. The future research findings will propose a framework to improve student learning effectiveness and student learning perception in Web application security.
- Web application security,
- Web penetration testing,
- Information security education
Available at: http://works.bepress.com/hweejoo/6/