Exportar Publicação
A publicação pode ser exportada nos seguintes formatos: referência da APA (American Psychological Association), referência do IEEE (Institute of Electrical and Electronics Engineers), BibTeX e RIS.
Gasiba, Tiago, Lechner, Ulrike, Pinto-Albuquerque, M. & Zouitni, Alae (2020). Design of secure coding challenges for cybersecurity education in the industry. In Shepperd M., Brito e Abreu F., Rodrigues da Silva A., Pérez-Castillo R. (Ed.), Quality of Information and Communications Technology. QUATIC 2020.: Springer Verlag (Germany).
T. E. Gasiba et al., "Design of secure coding challenges for cybersecurity education in the industry", in Quality of Information and Communications Technology. QUATIC 2020., Shepperd M., Brito e Abreu F., Rodrigues da Silva A., Pérez-Castillo R., Ed., Springer Verlag (Germany), 2020, vol. 1266
@inproceedings{gasiba2020_1734957168723, author = "Gasiba, Tiago and Lechner, Ulrike and Pinto-Albuquerque, M. and Zouitni, Alae", title = "Design of secure coding challenges for cybersecurity education in the industry", booktitle = "Quality of Information and Communications Technology. QUATIC 2020.", year = "2020", editor = "Shepperd M., Brito e Abreu F., Rodrigues da Silva A., Pérez-Castillo R.", volume = "1266", number = "", series = "", doi = "10.1007/978-3-030-58793-2_18", publisher = "Springer Verlag (Germany)", address = "", organization = "", url = "https://link.springer.com/bookseries/7899" }
TY - CPAPER TI - Design of secure coding challenges for cybersecurity education in the industry T2 - Quality of Information and Communications Technology. QUATIC 2020. VL - 1266 AU - Gasiba, Tiago AU - Lechner, Ulrike AU - Pinto-Albuquerque, M. AU - Zouitni, Alae PY - 2020 DO - 10.1007/978-3-030-58793-2_18 UR - https://link.springer.com/bookseries/7899 AB - To minimize the possibility of introducing vulnerabilities in source code, software developers in the industry may attend security awareness and secure coding training. One promising novel approach to raise awareness is to use cybersecurity challenges in a capture-the-flag event. In order for this to be effective, the types of challenges must be adequately designed to address the target group. In this work we look at how to design challenges for software developers in an industrial context, based on survey given to security experts by gathering their experience on the field. While our results show that traditional methods seem to be adequate, they also reveal a new class of challenges based on code entry and interaction with an automated coach. ER -