Cyber security is a dynamic topic: new vulnerabilities and types of attacks are reported in the media almost daily and are immediately exploited by attackers. This large volume and fast-moving nature makes it difficult for lecturers to recognize the relevance of current reports and to decide which ones should be addressed for teaching purposes. In particular, the question arises whether a novel attack concept has been developed and used, or whether it is "just" the exploitation of a programming error. A similar problem regarding detection also affects students at their future workplace in the field of cyber security, both in the area of attacks (penetration tester) and in the area of defense (cyber security specialist). They need to be able to decide frequently and quickly whether a newly disclosed vulnerability is relevant for the IT system of their employer or customer, and whether measures need to be taken against it.
The goal of this project is to develop a sustainable methodology that recognizes new attack concepts in theoretical research and facilitates the detection of their occurrence in practical attacks. A classification will be developed, validated, and optimized by means of a literature review. Furthermore, the methodology will be periodically applied by lecturers to update their own teaching modules and to develop new projects. In parallel, students should also learn and apply this method in order to be able to quickly recognize relevant developments in their future professional life.