TY - CONF
T1 - Students who don’t understand information flow should be eaten
T2 - 5th Workshop on Cyber Security Experimentation and Test, CSET 2012
AU - Ensafi, Roya
AU - Jacobi, Mike
AU - Crandall, Jedidiah R.
N1 - Funding Information:
We would like to thank Nick Aase, the CSET anonymous reviewers, and our shepherd, Sean Peisert, for valuable feedback. We would also like to thank the students in our Spring 2012 CS 444/544 “Introduction to Cybersecurity” class for their input and patience. Finally, we would like to thank the UNM Department of Computer Science for supporting Mike Jacobi with a teaching assistantship. This material is based upon work supported by the National Science Foundation under Grant Nos. #0844880, #0905177, and #1017602.
Funding Information:
We would like to thank Nick Aase, the CSET anonymous reviewers, and our shepherd, Sean Peisert, for valuable feedback. We would also like to thank the students in our Spring 2012 CS 444/544 “Introduction to Cyber-security” class for their input and patience. Finally, we would like to thank the UNM Department of Computer Science for supporting Mike Jacobi with a teaching assistantship. This material is based upon work supported by the National Science Foundation under Grant Nos. #0844880, #0905177, and #1017602.
Publisher Copyright:
© 2012 USENIX Association. All rights reserved.
PY - 2012
Y1 - 2012
N2 - Information flow is still relevant, from browser privacy to side-channel attacks on cryptography. However, many of the seminal ideas come from an era when multi-level secure systems were the main subject of study. Students have a hard time relating the material to today’s familiar commodity systems. We describe our experiences developing and utilizing an online version of the game Werewolves of Miller’s Hollow (a variant of Mafia). To avoid being eaten, students must exploit inference channels on a Linux system to discover “werewolves” among a population of “townspeople.” Because the werewolves must secretly discuss and vote about who they want to eat at night, they are forced to have some amount of keystroke and network activity in their remote shells at this time. In each instance of the game the werewolves are chosen at random from among the townspeople, creating an interesting dynamic where students must think about information flow from both perspectives and keep adapting their techniques and strategies throughout the semester. This game has engendered a great deal of enthusiasm among our students, and we have witnessed many interesting attacks that we did not anticipate. We plan to release the game under an open source software license.
AB - Information flow is still relevant, from browser privacy to side-channel attacks on cryptography. However, many of the seminal ideas come from an era when multi-level secure systems were the main subject of study. Students have a hard time relating the material to today’s familiar commodity systems. We describe our experiences developing and utilizing an online version of the game Werewolves of Miller’s Hollow (a variant of Mafia). To avoid being eaten, students must exploit inference channels on a Linux system to discover “werewolves” among a population of “townspeople.” Because the werewolves must secretly discuss and vote about who they want to eat at night, they are forced to have some amount of keystroke and network activity in their remote shells at this time. In each instance of the game the werewolves are chosen at random from among the townspeople, creating an interesting dynamic where students must think about information flow from both perspectives and keep adapting their techniques and strategies throughout the semester. This game has engendered a great deal of enthusiasm among our students, and we have witnessed many interesting attacks that we did not anticipate. We plan to release the game under an open source software license.
UR - http://www.scopus.com/inward/record.url?scp=85084160079&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85084160079&partnerID=8YFLogxK
M3 - Paper
AN - SCOPUS:85084160079
Y2 - 6 August 2012
ER -