Search for: All records

The main objective of authentic learning is to offer students an exciting and stimulating educational setting that provides practical experiences in tackling real-world security issues. Each educational theme is composed of pre-lab, lab, and post-lab activities. Through the application of authentic learning, we create and produce portable lab equipment for AI Security and Privacy on Google CoLab. This enables students to access and practice these hands-on labs conveniently and without the need for time-consuming installations and configurations. As a result, students can concentrate more on learning concepts and gain more experience in hands-on problem-solving abilities 

The primary goal of the authentic learning approach is to engage and motivate students in learning real world problem solving. We report our experience in developing k-nearest neighbor (KNN) classification for anomaly user behavior detection, one of the authentic machine learning for cybersecurity (ML4Cybr) learning modules based on 10 cybersecurity (CybrS) cases with machine learning (ML) solutions. All portable labs are made available on Google CoLab. So students can access and practice these hands-on labs anywhere and anytime without software installation and configuration which will engage students in learning concepts immediately and getting more experience for hands-on problem solving skills. 

Machine Learning (ML) analyze, and process data and develop patterns. In the case of cybersecurity, it helps to better analyze previous cyber attacks and develop proactive strategy to detect, prevent the security threats. Both ML and cybersecurity are important subjects in computing curriculum but ML for security is not well presented there. We design and develop case-study based portable labware on Google CoLab for ML to cybersecurity so that students can access, share, collaborate, and practice these hands-on labs anywhere and anytime without time tedious installation and configuration which will help students more focus on learning of concepts and getting more experience for hands-on problem solving skills. 

While the number of mobile and web applications is growing exponentially, the mobile and web security threat landscape is growing explosively. Malicious malware may attack vulnerable applications and obtain personal or enterprise confidential data anywhere and anytime. Most vulnerabilities should be addressed and fixed during the early stages of software development. However, many software development professionals lack the awareness of the importance of security vulnerabilities and the necessary knowledge and skills at the software development stage. This paper addresses the needs and challenges of the lack of pedagogical materials and real-world learning environment in ProActive Control for Software Security (PASS) through effective, engaging, and investigative authentic learning approaches. 

Denial of Service (DoS) is one of the common attempts in security hacking for making computation resources unavailable or to impair geographical networks. In this paper, we detect Denial of Service (DoS) attack from publicly available datasets using Logistic regression, Naive Bayes algorithm and artificial neural networks. The results from our experiments indicate that the accuracy, ROC curve and balanced accuracy of artificial neural network were higher than Naive Bayes algorithm and logistic regression for slightly imbalanced distribution dataset. 

A set of Information Assurance and Security hands-on learning modules is developed and open to the public. Topics include networking security, database security, defensive programming, web security, system fundamentals, mobile security, malware detection using Machine learning, and big data analytics on network intrusion detection. The design follows hands-on casebased pedagogical model, which yields a satisfaction rate up to 92.5% for self-learners. 

This Innovative Practice Work in Progress presents a plugin tool named DroidPatrol. It can be integrated with the Android Studio to perform tainted data flow analysis of mobile applications. Most vulnerabilities should be addressed and fixed during the development phase. Computer users, managers, and developers agree that we need software and systems that are “more secure”. Such efforts require support from both the educational institutions and learning communities to improve software assurance, particularly in writing secure code. Many open source static analysis tools help developers to maintain and clean up the code. However, they are not able to find potential security bugs. Our work is aimed to checking of security issues within Android applications during implementation. We provide an example hands-on lab based on DroidPatrol prototype and share the initial evaluation feedback from a classroom. The initial results show that the plugin based hands-on lab generates interests among learners and has the promise of acting as an intervention tool for secure software development. 

This Innovative Practice Work in Progress presents a plugin tool named DroidPatrol. It can be integrated with the Android Studio to perform tainted data flow analysis of mobile applications. Most vulnerabilities should be addressed and fixed during the development phase. Computer users, managers, and developers agree that we need software and systems that are “more secure”. Such efforts require support from both the educational institutions and learning communities to improve software assurance, particularly in writing secure code. Many open source static analysis tools help developers to maintain and clean up the code. However, they are not able to find potential security bugs. Our work is aimed to checking of security issues within Android applications during implementation. We provide an example hands-on lab based on DroidPatrol prototype and share the initial evaluation feedback from a classroom. The initial results show that the plugin based hands-on lab generates interests among learners and has the promise of acting as an intervention tool for secure software development. 

This Innovative Practice Work in Progress presents a plugin tool named DroidPatrol. It can be integrated with the Android Studio to perform tainted data flow analysis of mobile applications. Most vulnerabilities should be addressed and fixed during the development phase. Computer users, managers, and developers agree that we need software and systems that are “more secure”. Such efforts require support from both the educational institutions and learning communities to improve software assurance, particularly in writing secure code. Many open source static analysis tools help developers to maintain and clean up the code. However, they are not able to find potential security bugs. Our work is aimed to checking of security issues within Android applications during implementation. We provide an example hands-on lab based on DroidPatrol prototype and share the initial evaluation feedback from a classroom. The initial results show that the plugin based hands-on lab generates interests among learners and has the promise of acting as an intervention tool for secure software development.