Computer Sciences Commons^™

Using A Game To Improve Phishing Awareness, Patrickson Weanquoi, Jaris Johnson, Jinghua Zhang

Journal of Cybersecurity Education, Research and Practice

Cybersecurity education has become increasingly critical as we spend more of our everyday lives online. Research shows that college students are mostly unaware of the many online dangers. To teach students about cybersecurity using their preferred medium, gaming, we developed an educational 2D game called “Bird’s Life” that aims to teach college students, as well as general interest individuals, about phishing. Players will come to understand phishing attacks and how to avoid them in real-world scenarios through a fun gaming context. The game can be deployed to multiple platforms such as PC, web, and mobile devices. To measure the effect …

An Examination Of Cybersecurity Knowledge Transfer: Teaching, Research, And Website Security At U.S. Colleges And Universities, Aditya Gupta, James R. Wolf

Journal of Cybersecurity Education, Research and Practice

This work seeks to answer the question: Does faculty cybersecurity knowledge gained from teaching and research transfer to other IT units in the university? Specifically, do colleges and universities that excel in cybersecurity teaching and research have more secure websites? This work explores a unique setting where the knowledge of the source and recipient are both directly related and observable without outside intervention. Our study employed data from 591 U.S. colleges and universities, the National Centers of Academic Excellence (CAE) program, accepted paper data from the ACM Conference on Computer and Communications Security (CCS) and the IEEE Symposium on Security …

Assessment Of Two Pedagogical Tools For Cybersecurity Education, Pranita Deshpande

University of New Orleans Theses and Dissertations

Cybersecurity is an important strategic areas of computer science, and a difficult discipline to teach effectively. To enhance and provide effective teaching and meaningful learning, we develop and assess two pedagogical tools: Peer instruction, and Concept Maps. Peer instruction teaching methodology has shown promising results in core computer science courses by reducing failure rates and improving student retention in computer science major. Concept maps are well-known technique for improving student-learning experience in class. This thesis document presents the results of implementing and evaluating the peer instruction in a semester-long cybersecurity course, i.e., introduction to computer security. Development and evaluation of …

Evaluating An Educational Cybersecurity Playable Case Study, Tanner West Johnson

Theses and Dissertations

The realities of cyberattacks have become more and more prevalent in the world today. Due to the growing number of these attacks, the need for highly trained individuals has also increased. Because of a shortage of qualified candidates for these positions, there is an increasing need for cybersecurity education within high schools and universities. In this thesis, I discuss the development and evaluation of Cybermatics, an educational simulation, or playable case study, designed to help students learn and develop skills within the cybersecurity discipline.

This playable case study was designed to allow students to gain an understanding of the field …

Designing Cybersecurity Competitions In The Cloud: A Framework And Feasibility Study, Chandler Ryan Newby

Theses and Dissertations

Cybersecurity is an ever-expanding field. In order to stay current, training, development, and constant learning are necessary. One of these training methods has historically been competitions. Cybersecurity competitions provide a method for competitors to experience firsthand cybersecurity concepts and situations. These experiences can help build interest in, and improve skills in, cybersecurity.

While there are diverse types of cybersecurity competitions, most are run with on-premise hardware, often centralized at a specific location, and are usually limited in scope by available hardware. This research focuses on the possibility of running cybersecurity competitions, specifically CCDC style competitions, in a public cloud environment. …

Information Security Concepts And Administration (Ksu), Meng Han, Lei Li, Zhigang Li, Svetana Peltsverger, Ming Yang, Guangzhi Zheng

Computer Science and Information Technology Grants Collections

This Grants Collection for Information Security Concepts and Administration was created under a Round Ten ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Database Security And Auditing (Ksu), Lei Li, Rebecca H. Rutherfoord, Svetana Peltsverger, Richard Halstead-Nussloch, Jack Zheng, Zhigang Li

Computer Science and Information Technology Grants Collections

This Grants Collection for Database Security and Auditing was created under a Round Eleven ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

A Nonlinear Systems Framework For Cyberattack Prevention For Chemical Process Control Systems, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

Recent cyberattacks against industrial control systems highlight the criticality of preventing future attacks from disrupting plants economically or, more critically, from impacting plant safety. This work develops a nonlinear systems framework for understanding cyberattack-resilience of process and control designs and indicates through an analysis of three control designs how control laws can be inspected for this property. A chemical process example illustrates that control approaches intended for cyberattack prevention which seem intuitive are not cyberattack-resilient unless they meet the requirements of a nonlinear systems description of this property.

Suas: Cybersecurity Threats, Vulnerabilities, And Exploits, Philip Craiger, Gary Kessler, William Rose

National Training Aircraft Symposium (NTAS)

The FAA predicts that purchases of hobbyist small unmanned aerial systems (sUAS) will grow from 1.9 million in 2016 to 4.3 million by 2020, and commercial sUAS to increase from 600,000 in 2016 to 2.7 million by 2020. sUAS, often referred to as 'drones,' are comprised of aeronautical hardware, a CPU, RAM, onboard storage, radio frequency communications, sensors, a camera, and a controller used by the pilot-in-command (PIC). Some have argued that a sUAS is essentially a flying computer. As such, sUAS are sometimes susceptible to many of the types of attacks that are often used on PC-based computers attached …

State Measurement Spoofing Prevention Through Model Predictive Control Design, Helen Durand

Chemical Engineering and Materials Science Faculty Research Publications

Security of chemical process control systems against cyberattacks is critical due to the potential for injuries and loss of life when chemical process systems fail. A potential means by which process control systems may be attacked is through the manipulation of the measurements received by the controller. One approach for addressing this is to design controllers that make manipulating the measurements received by the controller in any meaningful fashion very difficult, making the controllers a less attractive target for a cyberattack of this type. In this work, we develop a model predictive control (MPC) implementation strategy that incorporates Lyapunov-based stability …

The Present And Future Of Cybercrime, Cyberterrorism, And Cybersecurity, Kyung-Shick Choi, Claire Seungeun Lee

International Journal of Cybersecurity Intelligence & Cybercrime

Cybercriminology combines knowledge from criminology, psychology, sociology, computer science, and cybersecurity to provide an in-depth understanding of cybercrime. Cybercrime and cybersecurity are interconnected across many places, platforms, and actors. Cybercrime issues are continuously and expeditiously changing and developing, especially with the advent of new technologies. The International Journal of Cybersecurity Intelligence and Cybercrime (IJCIC) aims to contribute to the growing field of cybercriminology and cybersecurity. The IJCIC is eager to work with scholars, policy analysts, practitioners, and others to enhance theory, methods, and practice within cybercrime and cybersecurity at the regional, national, and international levels.

An Argument For Interdisciplinary Programs In Cybersecurity, Dennis Giever

International Journal of Cybersecurity Intelligence & Cybercrime

In this commentary Dr. Giever presents a compelling argument for interdisciplinary programs in cybersecurity at the university level. He argues that we no longer have the luxury of allowing barriers to exist between those tasked with IT security and those who provide physical security. He recommends that any security program take an “all possible paths” or “balanced approach” to the protection of assets within an organization. Students in computer science, criminal justice, business, human resources, and others should work collaboratively within education programs learning these necessary skills. A team effort is needed to accomplish the myriad of tasks necessary to …

Building Test Anonymity Networks In A Cybersecurity Lab Environment, John Schriner

Student Theses

This paper explores current methods for creating test anonymity networks in a laboratory environment for the purpose of improving these networks while protecting user privacy. We first consider how each of these networks is research-driven and interested in helping researchers to conduct their research ethically. We then look to the software currently available for researchers to set up in their labs. Lastly we explore ways in which digital forensics and cybersecurity students could get involved with these projects and look at several class exercises that help students to understand particular attacks on these networks and ways they can help to …

Voice Hacking: Using Smartphones To Spread Ransomware To Traditional Pcs, Bryson R. Payne, Leonardo I. Mazuran, Tamirat Abegaz

Journal of Cybersecurity Education, Research and Practice

This paper presents a voice hacking proof of concept that demonstrates the ability to deploy a sequence of hacks, triggered by speaking a smartphone command, to launch ransomware and other destructive attacks against vulnerable Windows computers on any wireless network the phone connects to after the voice command is issued. Specifically, a spoken, broadcast, or pre-recorded voice command directs vulnerable Android smartphones or tablets to a malicious download page that compromises the Android device and uses it as a proxy to run software designed to scan the Android device’s local area network for Windows computers vulnerable to the EternalBlue exploit, …

Experiential Learning Builds Cybersecurity Self-Efficacy In K-12 Students, Abdullah Konak

Journal of Cybersecurity Education, Research and Practice

In recent years, there have been increased efforts to recruit talented K-12 students into cybersecurity fields. These efforts led to many K-12 extracurricular programs organized by higher education institutions. In this paper, we first introduce a weeklong K-12 program focusing on critical thinking, problem-solving, and igniting interest in information security through hands-on activities performed in a state-of-the-art virtual computer laboratory. Then, we present an inquiry-based approach to design hands-on activities to achieve these goals. We claim that hands-on activities designed based on this inquiry-based framework improve K-12 students’ self-efficacy in cybersecurity as well as their problem-solving skills. The evaluation of …

Survey Results On Adults And Cybersecurity Education, Frank Breitinger, Joseph Ricci, Ibrahim Baggili

Electrical & Computer Engineering and Computer Science Faculty Publications

Cyberattacks and identity theft are common problems nowadays where researchers often say that humans are the weakest link in the security chain. Therefore, this survey focused on analyzing the interest for adults for ‘cyber threat education seminars’, e.g., how to project themselves and their loved ones. Specifically, we asked questions to understand a possible audience, willingness for paying / time commitment, or fields of interest as well as background and previous training experience. The survey was conducted in late 2016 and taken by 233 participants. The results show that many are worried about cyber threats and about their children exploring …

Analyzing Global Cyber Attack Correlates Through An Open Database, Brady Benjamin Aiello

Master's Theses

As humanity becomes more reliant on digital storage and communication for every aspect of life, cyber attacks pose a growing threat. However, cyber attacks are generally understood as individual incidents reported in technological circles, sometimes tied to a particular vulnerability. They are not generally understood through the macroscopic lens of statistical analysis spanning years over several countries and sectors, leaving researchers largely ignorant of the larger trends and correlates between attacks. This is large part due to the lack of a coherent and open database of prominent attacks. Most data about cyber attacks has been captured using a repository of …

Low Latency Intrusion Detection In Smart Grids, Israel Zairi Akingeneye

Graduate Theses and Dissertations

The transformation of traditional power grids into smart grids has seen more new technologies such as communication networks and smart meters (sensors) being integrated into the physical infrastructure of the power grids. However, these technologies pose new vulnerabilities to the cybersecurity of power grids as malicious attacks can be launched by adversaries to attack the smart meters and modify the measurement data collected by these meters. If not timely detected and removed, these attacks may lead to inaccurate system state estimation, which is critical to the system operators for control decisions such as economic dispatch and other related functions.

This …

Ethical Hacking: Network Security And Penetration Testing, Lei Li, Zhigang Li, Hossain Shahriar, Rebecca Rutherfoord, Svetana Peltsverger, Dawn Tatum

Computer Science and Information Technology Grants Collections

This Grants Collection for Ethical Hacking: Network Security and Penetration Testing was created under a Round Eight ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Ethical Hacking For Effective Defense, Lei Li, Zhigang Li, Hossain Shahriar, Rebecca H. Rutherfoord, Svetana Peltsverger, Dawn Tatum

Computer Science and Information Technology Grants Collections

This Grants Collection for Ethical Hacking for Effective Defense was created under a Round Eight ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Wireless Security, Lei Li, Zhigang Li, Hossain Shahriar, Rebecca Rutherfoord, Svetana Peltsverger, Dawn Tatum

Computer Science and Information Technology Grants Collections

This Grants Collection for Wireless Security was created under a Round Eight ALG Textbook Transformation Grant.

Affordable Learning Georgia Grants Collections are intended to provide faculty with the frameworks to quickly implement or revise the same materials as a Textbook Transformation Grants team, along with the aims and lessons learned from project teams during the implementation process.

Documents are in .pdf format, with a separate .docx (Word) version available for download. Each collection contains the following materials:

• Linked Syllabus
• Initial Proposal
• Final Report

Cybersecurity And The New Era Of Space Activities, David P. Fidler

Articles by Maurer Faculty

No abstract provided.

Expanding The Artificial Intelligence-Data Protection Debate, Fred H. Cate, Christopher Kuner, Orla Lynskey, Christopher Millard, Nora Ni Loideain, Dan Jerker B. Svantesson

Articles by Maurer Faculty

No abstract provided.

Securing The Internet Of Healthcare, Michael Mattioli, Scott J. Shackelford, Steve Myers, Austin Brady, Yvette Wang, Stephanie Wong

Articles by Maurer Faculty

Cybersecurity, including the security of information technology (IT), is a critical requirement in ensuring society trusts, and therefore can benefit from, modern technology. Problematically, though, rarely a day goes by without a news story related to how critical data has been exposed, exfiltrated, or otherwise inappropriately used or accessed as a result of supply chain vulnerabilities. From the Russian government's campaign to influence the 2016 U.S. presidential election to the September 2017 Equifax breach of more than 140-million Americans' credit reports, mitigating cyber risk has become a topic of conversation in boardrooms and the White House, on Wall Street and …