Paper Info
Title
Developing and Assessing a Web-Based Interactive Visualization Tool to Teach Buffer Overflow Concepts
Abstract
This Innovative Practice Full Paper presents a new way to teach buffer overflow concepts. Historically, buffer overflow has been the number one security vulnerability in applications for many years. More recently, advances in protection methods including non-executable stack, canaries, ASLR, and Windows DEP have made buffer overflow attacks a much smaller security concern, but they are still a serious issue in embedded systems and micro-controllers. Therefore, it is still very important to teach students this topic. There are several tools available for teaching buffer overflow attacks, but there are no easily accessible interactive teaching tools to help students understand the concepts. We developed a web-based interactive visualization tool that aims to help students gain a deeper understanding of buffer overflow concepts. There are six learning components that build upon one another as well as an assessment after each component for immediate learning feedback. There is also a space shooter mini-game between each learning component. To evaluate the impact of this online visualization tool on students’ learning, we developed in-game assessments, a pre-test, a post-test and a survey. This tool was used in two classes at Winston-Salem State University (WSSU) and North Carolina A&T State University (NC A&T) in Fall 2019. The classroom experience reports and focus group discussion show that this tool helped students improve their understanding of buffer overflow concepts.
Year
DOI
Venue
2020
10.1109/FIE44824.2020.9274239
2020 IEEE Frontiers in Education Conference (FIE)
Keywords
DocType
ISSN
Cybersecurity,Visualization,Buffer Overflow
Conference
1539-4565
ISBN
Citations 
PageRank 
978-1-7281-8962-8
0
0.34
References 
Authors
0
5
Name
Order
Citations
PageRank
Jinghua Zhang1204.89
Xiaohong Yuan216926.72
Jaris Johnson300.34
Jinsheng Xu43910.46
Mounika Vanamala500.34