Application and Evaluation of Visual CPU Simulator to Support Information Security Education

抄録

This paper proposes a new approach to improve and support Information Security Education based on a visual CPU simulator. Our visual CPU simulator can provide suitable demonstration for learners to comprehend how buffer overflow causes some remarkable effects for security matter. At the first stage of Information Security Education, a normal program including subroutine call and its return has been graphically and correctly executed by the visual CPU simulator, secondly demonstration of buffer overflow phenomena can be performed by the simulator through stack overwriting in order for learners to understand typical software vulnerability. Learners will be able to recognize how such an overflow phenomena easily occur some violence of stack replacement and exordinary program execution through utilization of the CPU simulator. This approach to visualize Information Security Education with our CPU simulator has been evaluated through questionnaire by learners in classroom lectures. It is confirmed that approach to visualize Information Security Education has been effective for learners to study buffer overflow phenomena by means of qualitative and quantitative analysis of the result of questionnaire.