Chapter 1: Introduction

1.1 Introduction

For the past decade, partly due to the widespread use of the Internet, computer security has
become a top issue in industry, academia and government. The demand for well-trained
security professionals has grown dramatically. The integration of security into computing
curricula, however, has not kept up with this demand. There is a large discontinuity between
the demand for security professionals and the academic programs that produce them. This
deficiency deepens in undergraduate programs, where few have security courses. A related
problem is, despite the ubiquitous nature of security, most existing computing courses lack
security components. The problems are even more serious for smaller universities where
resources tend to be limited (Achar et al., 2004).

Computer security has become a critical issue that affects our everyday life. For this reason,
most universities and other educational institutions have devoted a consistent amount of
resources to develop courses and curricula that involve security training. Typical courses
include cryptography, general computer security, network security, and specialized topics, such
as firewalls, security of wireless networks, etc. Most of these courses are taught using standard
educational tools, such as textbooks, slides, and papers. In addition, assignment and tests are
mostly paper-based and theoretical (Vigna, 2003).

Nonetheless, teaching practical security is important because of the critical nature of the topic.
A security education curriculum that covers only the theoretical aspects of security does not
give the student the opportunity to experiment in practice with security technologies cannot
prepare the students to the complexity and difficulties of doing research and development in
the computer security field (Valeur et al., 2004).

With the increase of information security programs and curricula in recent years, the
importance of hands-on laboratory components in information security education has been
recognized (Wright, 2010). Although hands-on laboratory is important, the setup cost for the
laboratory is extremely high which is unaffordable for most universities and colleges.
Therefore, a cost-effective raspberry pi-based packet sniffer has been proposed. Cost effective
packet sniffer can be very useful for education purposes in colleges and universities. This
concept has motivated me to pursue my research in this field by implementing a prototype.
1.2 Initial Study

An initial study was carried out to determine the problem which would be addressed in this
research. This was done and completed to justify the domain ascertained in this research which
encompasses the problems that academicians faced in terms of cost to purchase the device.

Preliminary Study (Interview on Hands-on Laboratory)

In order to justify the purpose of this study, strong empirical evidence is needed. Prior to
conducting the research, a preliminary interview was conducted to investigate the importance
of having hands-on laboratory for computer security course as well as the benefits of cost
effective laboratory components. The interview was organized with lecturers from KDU
University College who were specialized in computer security. Questions asked are as below.

No. Questions
1 Why is there no dedicated hands-on computer security laboratory?
2 Do you think hands-on laboratory can improve learning environment?
3 Do you think cost effective devices can help in setting up a hands-on laboratory?
Table 1.0: Interview Questions

No. Questions
1 The cost of having a dedicated hands-on laboratory is high.
2 Yes. Having a hands-on laboratory can help to improve academic performance.
3 Yes. Cost effective devices not only help in setting up hands-on laboratory, it also
allows students to purchase their own devices.
Table 1.1: Interview Answers

1.3 Problem Statement

Teaching practical computer security requires the use of tools and techniques to support the
education process and to evaluate the students’ skills (Vigna, 2003). However, hands-on
laboratory for computer security are expensive to set up and to manage. For this reason, there
exists a lack of computer security components in many universities and colleges across the
world. Therefore, building affordable cost-effective devices using raspberry pi such as packet
sniffer able to bring benefits to academicians for education purposes in colleges and
universities.
1.4 Research Objective

1. To investigate the structure of existing packet sniffer.

2. To design and develop;
a. A cost-effective packet sniffer using raspberry pi for education.
b. An instructional packet sniffer laboratory sheet to support experiential learning.
3. To validate the effectiveness and usefulness of the packet sniffer prototype through a
usability test.

1.5 Research Questions

Based on the background above the research question to be discussed in this proposal can be
formulated as follow:

1. What are the features that a packet sniffer should have?

2. What are the purpose of design and develop a packet sniffer?
3. What are the aspects that validate the effectiveness and usefulness of the packet sniffer?

1.6 Scope of Study

The research focuses on design and develop a packet sniffing tool that can be used by
academicians for education purposes. The packet sniffer shall be cost effective and provide
significant functionality compared to the existing commercial packet sniffer.

The implementation of the packet sniffer will apply the raspberry pi a single-board computer.
It will be used to develop the packet sniffer in order to achieve cost effectiveness.

Level Description
Basic System is able to monitor network traffic
Intermediate System is able to capture and store packets
from the network
Advance System is able to decode packets
Table 1.2: Functionality
1.7 Limitation of Study

The research will be conducted in the School of Computing and Creative Media (SCCM) in
KDU University College, Malaysia. The research will focus on lecturers and students that
specialize in computer security. This group of respondents may not have prior knowledge on
packet sniffer. Besides, the sample size of this research is too small. The sample size should be
large in amount in order to make a general conclusion based on the cost effectiveness and
performance of packet sniffer by using raspberry pi.
1.8 Significance of Study

We all have seen the dramatic development of new and improved technologies. There has also
been an increase in the number, and sophistication, of Internet threats being produced by cyber
criminals. Information security has continuously been a top priority in many organizations.
This trend brings a great demand for qualified computer security and Information Assurance
(IA) professionals (Dodge, 2015).

To address national needs for computer security education, many universities and colleges have
incorporated computer and security courses into their undergraduate and graduate curricula
(Sharma, 2007). However, there exists a lack of computer security components in many
universities and colleges across the world due to the setup cost.

The proposed solution is able to provide a cost-effective solution for universities and colleges
in order to setup a computer security hands-on laboratory for students to conduct their practical
experiments.

Groups that could gain benefits from the tool developed in this study include:

 Students
 Lecturers
 Academicians