More Like this

1. Advancing Blockchain Learning in STEM Education Through A Comprehensive Hands-On Educational Approach

   https://doi.org/10.1109/ISEC61299.2024.10665004  

   Hapuarachchi, Thushari; Mapkar, Mariyam; Rahouti, Mohamed; Xiong, Kaiqi (March 2024, IEEE)

   The escalating frequency of cybersecurity incidents and the critical importance of blockchain technology in modern society underscore the imperative for enriched, hands-on educational programs in undergraduate Computer Science and Engineering disciplines. This urgency is driven by the need to cultivate a workforce proficient in navigating and mitigating the complexities associated with digital security threats, alongside leveraging blockchain innovations for secure, decentralized solutions. Incorporating comprehensive, experiential learning opportunities into academic curricula will ensure that students are not only well-versed in theoretical knowledge but also proficient in applying practical solutions to real-world challenges, thereby significantly enhancing their preparedness for the demands of the tech industry. This work explores integrating blockchain technology into STEM education, focusing on cybersecurity through a hands-on learning approach. It aims to equip undergraduate students with practical experience in blockchain and cybersecurity, addressing the sector’s complexities and its growing significance. Our work is to develop new modules and lab experiments, fostering real-world skills in these rapidly evolving fields. This initiative highlights the critical role of hands-on learning in understanding blockchain’s foundational concepts and applications, preparing students for future challenges in technology and cybersecurity sectors. 

   more » « less
2. Development and Evaluation of Cybersecurity Education Games for High School Students

   Jin, Ge; Tu, M.; Kim, T.; Heffron, J.; White, J.; Trekles, A. (September 2018, International journal of engineering research & innovation)

   Cybersecurity workforce development is the key to protecting information and information systems, and yet more than 30% of companies are short on security expertise. To address this need, the current authors have developed four cybersecurity education games to teach social engineering, secure online behavior, cyber defense methods, and cybersecurity first principles. These games are intended to recruit the next generation cybersecurity workforce by developing an innovative cybersecurity curriculum and pedagogical methods to provide high school students with hands-on activities in a game-based learning environment. Purdue University Northwest (PNW) offered high school summer camps for 181 high school students in June of 2016 and June of 2017. Out of 181 high school participants, 107 were underrepresented minority students, including African Americans, Hispanics, Asians, and Native Americans. To evaluate the effectiveness of the cybersecurity education games, post-camp surveys were conducted with 154 camp participants. The survey results indicated that the games were very effective in cybersecurity awareness training. Furthermore, the cybersecurity education games were more effective for male students than female students in raising student interest in computer science and cybersecurity. 

   more » « less
3. Work-in-Progress: Enabling Secure Programming in C++ & Java through Practice Oriented Modules

   Kenneth Andrew Guernsey; Jacob Matthew; Quamar Niyaz; Xiaoli Yang; Ahmad Y Javaid; Sidike Paheding (August 2022, ASEE Annual Conference proceedings)

   Nowadays, cyberattack incidents are happening on a daily basis. As a result, the demand for a larger and more challenging workforce is increasing. To handle this demand, academic institutions offer cybersecurity courses and degree programs into their curricula; however, more efforts are needed to address the high demand of the cybersecurity workforce. This work aims to bridge the gap between workforce shortage and the number of qualified graduates to fill the positions. We approach this by introducing cybersecurity concepts at the early stage of undergraduate curricula of computer science and engineering programs. Secure programming is critical as many cybersecurity incidents happen due to software vulnerabilities. However, most UG-level programming courses pay little attention to secure programming practices. As a result, many students graduate with limited knowledge of security vulnerabilities that might plague the developed software. Our goal in this work is to introduce secure programming at introductory level programming courses so that students should be aware of cybersecurity issues and use this security mindset in advanced level courses and projects in their degree programs. To accomplish this goal, we developed intuitive and interactive modules emphasizing secure programming in C++ and Java courses to help students become secure software developers. These modules will be used alongside the coursework to emphasize certain vulnerabilities within the programming environment of a specific language and allow students to learn cybersecurity topics, enforcing a solid foundation and understanding. We developed cybersecurity educational modules for C++ and Java as they are amongst the popular languages and used in introductory programming courses. While designing these modules, we kept in mind that the topics must be relevant to real-world issues in the software industry. We used a variety of resources and benchmarks to ensure the authenticity of our chosen topics, including Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE). While choosing module topics to develop, we had some restrictions. For example, the topics must be introductory and easy to understand. These modules are geared towards freshman or sophomore-level UG students who have just started programming. The developed security modules have four components: power-point slides, lab description, code template for the lab, and complete solution. The complete solution for each module will be provided to the instructors to check students’ work if they adopt the modules in their courses. The modules developed for a C++ programming course include labs on input validation, integer overflow, random number generation, function call with incorrect argument type, and dangling pointers. In Java, we developed lab modules for input validation, integer overflow, null object reference, random number generator, and data encapsulation. 

   more » « less
4. Enhancing Cybersecurity Education and Workforce Through Colorado-Washington Security Scholar Program

   Bai, Yan; Chang, Sang-Yoon; Lew, Ken; Wuthier, Simeon (January 2021, Journal of computing sciences in colleges)

   Colorado-Washington Security Scholars Program (CWSSP) is a scholarship program for training and educating cybersecurity engineering students. Hosted in two universities for the students in the cybersecurity degree programs, the cross-campus program emphasizes virtual teamwork and collaborations in learning cybersecurity and executing the cybersecurity projects. This paper explains how the CWSSP program uniquely enhances the cybersecurity education and workforce development particularly focusing on the mechanisms to incorporate collaborations for the student scholars' training and the outcomes of the collaborations. We share our experience and insights from delivering the scholarship program in this paper. 

   more » « less
5. DeapSECURE: Empowering Students for Data- and Compute-Intensive Research in Cybersecurity through Training

   https://doi.org/10.1145/3332186.3332247  

   Purwanto, Wirawan; Wu, Hongyi; Sosonkina, Masha; Arcaute, Karina (January 2019, Proceedings of ACM Practical Experience in Advanced Research Computing Conference (PEARC’19))

   As the volume and sophistication of cyber-attacks grow, cybersecurity researchers, engineers and practitioners rely on advanced cyberinfrastructure (CI) techniques like big data and machine learning, as well as advanced CI platforms, e.g., cloud and high-performance computing (HPC) to assess cyber risks, identify and mitigate threats, and achieve defense in depth. There is a training gap where current cybersecurity curricula at many universities do not introduce advanced CI techniques to future cybersecurity workforce. At Old Dominion University (ODU), we are bridging this gap through an innovative training program named DeapSECURE (Data-Enabled Advanced Training Program for Cyber Security Research and Education). We developed six non-degree training modules to expose cybersecurity students to advanced CI platforms and techniques rooted in big data, machine learning, neural networks, and high-performance programming. Each workshop includes a lecture providing the motivation and context for a CI technique, which is then examined during a hands-on session. The modules are delivered through (1) monthly workshops for ODU students, and (2) summer institutes for students from other universities and Research Experiences for Undergraduates participants. Future plan for the training program includes an online continuous learning community as an extension to the workshops, and all learning materials available as open educational resources, which will facilitate widespread adoption, adaptations, and contributions. The project leverages existing partnerships to ensure broad participation and adoption of advanced CI techniques in the cybersecurity community. We employ a rigorous evaluation plan rooted in diverse metrics of success to improve the curriculum and demonstrate its effectiveness. 

   more » « less