Incorporating Lab Experience into Computer Security Courses: Three Case Studies

We describe different approaches taken to teaching security labs at ECPI University (ECPI), University of Maryland University College (UMUC) and Western Michigan University (WMU).These three approaches are then compared in various perspectives such as the type of the educational institution offering them; the lab platform, its accessibility and performance; instructional support and materials; software installation and configuration effort; as well as cost and implementation issues. We believe that an academic institution designing and building a security lab would benefit from reviewing our comparison and examining all three approaches: a pure virtual lab at UMUC, the traditional physical computing lab at WMU, and a hybrid approach at ECPI University. Selecting the appropriate deployment model should then be based on the individual institutional requirements. In addition, we briefly present the challenges we faced and lessons we learned while integrating security labs into the curriculum. Finally, we provide our rationale and conclude that security labs should be an essential part of the curriculum.