skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


  • NSF Public Access
  • Search Results
  • Knowledge, Skills, and Abilities for Specialized Curricula in Cyber Defense: Results from Interviews with Cyber Professionals
Title: Knowledge, Skills, and Abilities for Specialized Curricula in Cyber Defense: Results from Interviews with Cyber Professionals
More specialized cybersecurity education programs are needed to address workforce needs, but it is unclear which knowledge, skills, and abilities (KSAs) fulfil industry needs. We interviewed 48 professionals within four cyber defense specialty areas: (1) Cyber Network Defense Analysis, (2) Cyber Network Defense Infrastructure Support, (3) Incident Response, and (4) Vulnerability Assessment and Management. The professionals rated a number of specialized KSAs along two dimensions: how important the KSA was to their job and how difficult the KSA was to learn. Overall, communication and other non-technical skills were rated as being very important for all cyber defense jobs. Findings indicated that, for some specialty areas, technical knowledge and skills vary considerably between jobs and so the ability to teach oneself is more valuable than proficiency in any one KSA. Findings may be used to inform the development of general cybersecurity curricula, as well as curricula that focus on Cyber Network Defense Analysis, Cyber Network Defense Infrastructure Support, or Vulnerability Assessment and Management.  more » « less
Award ID(s):
1516636 1723765 1564293
PAR ID:
10281814
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
ACM Transactions on Computing Education
Volume:
20
Issue:
4
ISSN:
1946-6226
Page Range / eLocation ID:
1 to 25
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; (, International Joint Conference on Neural Networks 2021 (IJCNN 2021))
    Cyber-defense systems are being developed to automatically ingest Cyber Threat Intelligence (CTI) that contains semi-structured data and/or text to populate knowledge graphs. A potential risk is that fake CTI can be generated and spread through Open-Source Intelligence (OSINT) communities or on the Web to effect a data poisoning attack on these systems. Adversaries can use fake CTI examples as training input to subvert cyber defense systems, forcing the model to learn incorrect inputs to serve their malicious needs. In this paper, we automatically generate fake CTI text descriptions using transformers. We show that given an initial prompt sentence, a public language model like GPT-2 with fine-tuning, can generate plausible CTI text with the ability of corrupting cyber-defense systems. We utilize the generated fake CTI text to perform a data poisoning attack on a Cybersecurity Knowledge Graph (CKG) and a cybersecurity corpus. The poisoning attack introduced adverse impacts such as returning incorrect reasoning outputs, representation poisoning, and corruption of other dependent AI-based cyber defense systems. We evaluate with traditional approaches and conduct a human evaluation study with cybersecurity professionals and threat hunters. Based on the study, professional threat hunters were equally likely to consider our fake generated CTI as true. 
    more » « less
  2. ; ; ; ; (, Construction Robotics)
    Abstract Robotic automation in construction has created the need for new competencies that will enable the workforce to engage with robots safely and effectively. However, differing perceptions between industry professionals and academia make aligning academic programs with industry needs challenging. This study evaluates these perceptions to guide the design of HRC training programs. A three-round Delphi study was conducted separately with panels of industry professionals and academic experts to assess their views on HRC competencies in construction. The findings revealed that both panels identified human–robot interfaces, HRC safety and standards, robot control systems, and construction robot applications as the top five HRC knowledge areas. Industry professionals also emphasized task planning knowledge, while academic experts focused on HRC ethics. Key HRC skills include effective communication, safety management, technical proficiency, and compliance with regulations and standards, with industry professionals prioritizing proficiency in task planning and academics emphasizing human–robot interface proficiency. Both expert panels prioritized teamwork, continuous learning, problem-solving, communication, and adaptability as top-rated HRC abilities. This study contributes to knowledge by defining key HRC competencies and identifying differences in priorities between industry and academia. These insights can guide the development of academic curricula that better align with industry needs, supporting the creation of training programs that equip the workforce with the competencies required for safe and effective robotic collaboration. The study also promotes collaboration between industry and academia, fostering innovation in HRC and robotics in construction. Future research directions are proposed to explore innovative training methods to equip the future workforce with HRC competencies. 
    more » « less
  3. ; ; ; ; ; (, Interservice/Industry Training, Simulation and Education Conference (I/ITSEC))
    null (Ed.)
    As the world becomes more interconnected and our lives increasingly depend on the cyber world, the increasing threat of cyberattacks and cybercrimes make it critical for us to provide better and practical training of the cybersecurity workforce. In recent years, cybersecurity competition has become one of the most effective and attractive way for educating and training college students or professionals. In this paper, we first systematically introduce in details the step-by-step procedure and technical knowledge on how we take use of the ongoing DoD cyber-range environment called Persistent Cyber Training Environment (PCTE) to set up cyber competition virtualization environment, configure and install operating systems and popular services with various well-representative vulnerabilities, and set up the participant’s access and scoring system. Then we introduce the cybersecurity competition successfully organized by us in I/ITSEC 2019 conference, and the experience and lessons learned from this real-world competition event. The technical details and knowledge presented in this paper could help other researchers and educators to set up their own cyber competition environment or event to better train the future cybersecurity workforce. 
    more » « less
  4. ; ; ; ; (, Disaster Prevention and Management: An International Journal)
    Purpose Social vulnerability in the context of disaster management refers to the sociodemographic characteristics of a population and the physical, social, economic, and environmental factors that increase their susceptibility to adverse disaster outcomes and capacity to anticipate, cope with, resist, and recover from disaster events. Because disasters do not impact people equally, researchers, public health practitioners, and emergency managers need training to meet the complex needs of vulnerable populations. Design/methodology/approach To address gaps in current education, the CONVERGE initiative, headquartered at the Natural Hazards Center at the University of Colorado Boulder, developed the Social Vulnerability and Disasters Training Module. This free online course draws on decades of research to examine the factors that influence social vulnerability to disasters. Examples of studies and evidence-based programs are included to illuminate common methods for studying social vulnerability and ways that research can guide practice. To evaluate the module, all trainees completed a pre- and post-training questionnaire. Findings Between July 2019 and September 2021, 1,089 people completed the module. Wilcoxon signed rank tests demonstrated a significant perceived increase in self-rated knowledge, skills, and attitudes (KSA). Students, members of historically underrepresented populations, and those new to or less experienced in the field, had the greatest perceived increase. Practical implications This training module can help participants understand the specific needs of socially vulnerable populations to help reduce human suffering from disasters. Originality/value This article describes a novel web-based training and offers evaluation data showing how it can help educate a broad hazards and disaster workforce on an important topic for disaster management. 
    more » « less
  5. ; ; ; ; ; (, 21st IEEE International Conference on Machine Learning and Applications)
    Cyber defense exercises are an important avenue to understand the technical capacity of organizations when faced with cyber-threats. Information derived from these exercises often leads to finding unseen methods to exploit vulnerabilities in an organization. These often lead to better defense mechanisms that can counter previously unknown exploits. With recent developments in cyber battle simulation platforms, we can generate a defense exercise environment and train reinforcement learning (RL) based autonomous agents to attack the system described by the simulated environment. In this paper, we describe a two-player game-based RL environment that simultaneously improves the performance of both the attacker and defender agents. We further accelerate the convergence of the RL agents by guiding them with expert knowledge from Cybersecurity Knowledge Graphs on attack and mitigation steps. We have implemented and integrated our proposed approaches into the CyberBattleSim system. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email