skip to main content

This content will become publicly available on February 27, 2025

Title: An Analysis of Prerequisites for Artificial Intelligence / Machine Learning-Assisted Malware Analysis Learning Modules

This paper presents the findings of action research conducted to evaluate new modules created to teach learners how to apply machine learning (ML) and artificial intelligence (AI) techniques to malware data sets. The trend in the data suggest that learners with cybersecurity competencies may be better prepared to complete the AI/ML modules’ exercises than learners with AI/ML competencies. We describe the challenge of identifying prerequisites that could be used to determine learner readiness, report our findings, and conclude with the implications for instructional design and teaching practice.

more » « less
Award ID(s):
Author(s) / Creator(s):
; ; ;
Publisher / Repository:
Journal of The Colloquium for Information Systems Security Education
Date Published:
Journal Name:
Journal of The Colloquium for Information Systems Security Education
Page Range / eLocation ID:
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. This Innovative Practice Work-in-Progress paper presents a virtual, proactive, and collaborative learning paradigm that can engage learners with different backgrounds and enable effective retention and transfer of the multidisciplinary AI-cybersecurity knowledge. While progress has been made to better understand the trustworthiness and security of artificial intelligence (AI) techniques, little has been done to translate this knowledge to education and training. There is a critical need to foster a qualified cybersecurity workforce that understands the usefulness, limitations, and best practices of AI technologies in the cybersecurity domain. To address this import issue, in our proposed learning paradigm, we leverage multidisciplinary expertise in cybersecurity, AI, and statistics to systematically investigate two cohesive research and education goals. First, we develop an immersive learning environment that motivates the students to explore AI/machine learning (ML) development in the context of real-world cybersecurity scenarios by constructing learning models with tangible objects. Second, we design a proactive education paradigm with the use of hackathon activities based on game-based learning, lifelong learning, and social constructivism. The proposed paradigm will benefit a wide range of learners, especially underrepresented students. It will also help the general public understand the security implications of AI. In this paper, we describe our proposed learning paradigm and present our current progress of this ongoing research work. In the current stage, we focus on the first research and education goal and have been leveraging cost-effective Minecraft platform to develop an immersive learning environment where the learners are able to investigate the insights of the emerging AI/ML concepts by constructing related learning modules via interacting with tangible AI/ML building blocks. 
    more » « less
  2. Contribution: A novel proactive and collaborative learning paradigm was proposed to engage learners with different backgrounds and enable effective retention and transfer of the multidisciplinary artificial intelligence (AI)-cybersecurity knowledge. Specifically, the proposed learning paradigm contains: 1) an immersive learning environment to motivate the students for exploring AI/machine learning (ML) development in the context of real-world cybersecurity scenarios by constructing learning models with tangible objects and 2) a proactive education paradigm designed with the use of collaborative learning activities based on game-based learning and social constructivism. Background: Increasing evidence shows that AI techniques can be manipulated, evaded, and misled, which can result in new and profound security implications. There is an education and training gap to foster a qualified cyber-workforce that understands the usefulness, limitations, and best practices of AI technologies in the cybersecurity domain. Efforts have been made to incorporate a comprehensive curriculum to meet the demand. There still remain essential challenges for effectively educating students on the interaction of AI and cybersecurity. Intended Outcomes: A novel proactive and collaborative learning paradigm is proposed to educate and train a qualified cyber-workforce in this new era where security breaches, privacy violations, and AI have become commonplace. Application Design: The development of this learning paradigm is grounded in the pedagogical approaches of technology-mediated learning and social constructivism. Findings: Although the research work is still ongoing, the prototype learning paradigm has shown encouraging results in promoting the learners’ engagement in applied AI learning. 
    more » « less
  3. Learners of Biomedical Engineering (BME) programs report difficulties finding relevant jobs post-graduation and also express a disconnect between their training and future professional roles. In addition, because of the interdisciplinary nature of BME, there is a lack of shared understanding of the field between learners, departments, and employers. This lack of understanding further contributes to the disconnect between instruction and practice. To bridge the gap between curricular experiences and learners' understanding of career opportunities in BME, we developed a series of 1-credit (4-week) BME-In-Practice Modules that exposed biomedical learners to biomedical engineering practice. Each 1-credit module in the series was designed to run for four weeks and focused on different areas in BME such as Tissue engineering, Computational Modeling, Medical Device Development, Drug Development, Regulations, and Neural Engineering. Learners' enrolled in one or multiple modules and engaged in experiential learning for 4-weeks to gain knowledge and skills relevant to the BME area of focus in the module(s). Following the conclusion of the BME-In-Practice series, we collected survey data from learners who participated in the modules to address the following research questions: 1) What are learners' goals and motivations for enrolling in the BME-In-Practice Module(s)? and 2) How did learners' experiences with the module(s) align with their goals and influence their graduation plans? The survey was administered using Qualtrics and consisted of multiple open-ended questions examining learners' goals and motivations for participating in the BME-in-Practice Module(s) and questions assessing their experiences with the series. Responses to the open-ended survey questions were analyzed using a qualitative interpretive approach. Our results identify different goals related to learners' professional interests and competencies when enrolling in the module. Learners' reported gaining practical experiences as well as clarity and direction about their professional futures. We also discuss the graduation plans and outcomes reported by the learners' who participated in the modules, followed by implications for practice and future research. 
    more » « less
  4. As societies rely increasingly on computers for critical functions, the importance of cybersecurity becomes ever more paramount. Even in recent months there have been attacks that halted oil production, disrupted online learning at the height of COVID, and put medical records at risk at prominent hospitals. This constant threat of privacy leaks and infrastructure disruption has led to an increase in the adoption of artificial intelligence (AI) techniques, mainly machine learning (ML), in state-of-the-art cybersecurity approaches. Oftentimes, these techniques are borrowed from other disciplines without context and devoid of the depth of understanding as to why such techniques are best suited to solve the problem at hand. This is largely due to the fact that in many ways cybersecurity curricula have failed to keep up with advances in cybersecurity research and integrating AI and ML into cybersecurity curricula is extremely difficult. To address this gap, we propose a new methodology to integrate AI and ML techniques into cybersecurity education curricula. Our methodology consists of four components: i) Analysis of Literature which aims to understand the prevalence of AI and ML in cybersecurity research, ii) Analysis of Cybersecurity Curriculum that intends to determine the materials already present in the curriculum and the possible intersection points in the curricula for the new AI material, iii) Design of Adaptable Modules that aims to design highly adaptable modules that can be directly used by cybersecurity educators where new AI material can naturally supplement/substitute for concepts or material already present in the cybersecurity curriculum, and iv) Curriculum Level Evaluation that aims to evaluate the effectiveness of the proposed methodology from both student and instructor perspectives. In this paper, we focus on the first component of our methodology - Analysis of Literature and systematically analyze over 5000 papers that were published in the top cybersecurity conferences during the last five years. Our results clearly indicate that more than 78% of the cybersecurity papers mention AI terminology. To determine the prevalence of the use of AI, we randomly selected 300 papers and performed a thorough analysis. Our results show that more than 19% of the papers implement ML techniques. These findings suggest that AI and ML techniques should be considered for future integration into cybersecurity curriculum to better align with advancements in the field. 
    more » « less
  5. Creating pathways that stimulate high school learners’ interest in advanced topics with the goal of building a diverse, gender-balanced, future-ready workforce is crucial. To this end, we present the curriculum of a new, high school computer science course under development called Computer Science Frontiers (CSF). Building on the foundations set by the AP Computer Science Principles course, we seek to dramatically expand access, especially for high school girls, to the most exciting and emerging frontiers of computing, such as distributed computation, the internet of things (IoT), cybersecurity, and machine learning. The modular, open-access, hands-on curriculum provides an engaging introduction to these advanced topics in high school because currently they are accessible only to CS majors in college. It also focuses on other 21st century skills required to productively leverage computational methods and tools in virtually every profession. To address the dire gender disparity in computing, the curriculum was designed to engage female students by focusing on real world application domains, such as climate change and health, by including social applications and by emphasizing collaboration and teamwork. Our paper describes the design of curricular modules on Distributed Computing, IoT/Cybersecurity, and AI/Machine Learning. All project-based activities are designed to be collaborative, situated in contexts that are engaging to high school students, and often involve real-world world data. We piloted these modules in teacher PD workshops with 8 teachers from North Carolina, Tennessee, Massachusetts, Pennsylvania, and New York who then facilitated virtual summer camps with high school students in 2020 and 2021. Findings from teacher PD workshops as well as student camps indicate high levels of engagement in and enthusiasm for the curricular activities and topics. Post-intervention surveys suggest that these experiences generate student interest exploring these ideas further and connections to areas of interest to students. 
    more » « less