Physical Sciences and Mathematics Commons^™

Integrity, Confidentiality, And Equity: Using Inquiry-Based Labs To Help Students Understand Ai And Cybersecurity, Richard C. Alexander, Liran Ma, Ze-Li Dou, Zhipeng Cai, Yan Huang

Journal of Cybersecurity Education, Research and Practice

Recent advances in Artificial Intelligence (AI) have brought society closer to the long-held dream of creating machines to help with both common and complex tasks and functions. From recommending movies to detecting disease in its earliest stages, AI has become an aspect of daily life many people accept without scrutiny. Despite its functionality and promise, AI has inherent security risks that users should understand and programmers must be trained to address. The ICE (integrity, confidentiality, and equity) cybersecurity labs developed by a team of cybersecurity researchers addresses these vulnerabilities to AI models through a series of hands-on, inquiry-based labs. Through …

Future Trends And Directions For Secure Infrastructure Architecture In The Education Sector: A Systematic Review Of Recent Evidence, Isaac Atta Senior Ampofo, Isaac Atta Junior Ampofo

Journal of Research Initiatives

The most efficient approach to giving large numbers of students’ access to computational resources is through a data center. A contemporary method for building the data center's computer infrastructure is the software-defined model, which enables user tasks to be processed in a reasonable amount of time and at a reasonable cost. The researcher examines potential directions and trends for a secured infrastructure design in this article. Additionally, interoperable, highly reusable modules that can include the newest trends in the education industry are made possible by cloud-based educational software. The Reference Architecture for University Education System Using AWS Services is presented …

Security Simulations In Undergraduate Education: A Review, Joseph Simpson, Aaron Brantly

Journal of Cybersecurity Education, Research and Practice

Several decades of research in simulation and gamification in higher education shows that simulations are highly effective in improving a range of outcomes for students including declarative knowledge and interest in the topic being taught. While there appears to be a broad array of options to provide education in an undergraduate setting related to security, no previous reviews have explored computer-based simulations covering all facets of security. Given the increasing importance and adoption of interdisciplinary educational programs, it is important to take stock of simulations as a tool to broaden the range of problems, perspectives, and solutions presented to students. …

From Degree To Chief Information Security Officer (Ciso): A Framework For Consideration, Wendi M. Kappers, Martha Nanette Harrell,

Publications

Educational entities are establishing program degree content designed to ensure cybersecurity and information security assurance skills are adequate and efficient for preparing students to be successful in this very important field. Many Master’s level programs include courses that address these skills in an attempt to provide a well-rounded program of study. However, undergraduates who are in the practitioner’s world have other alternatives to gain these skills. These individuals can gain various certifications, such as the Certified Information Systems Security Professional (CISSP) or the Certified Information Security Manager (CISM). Due to a perceived gap between academics and field knowledge, it appears …

Comprehending The Safety Paradox And Privacy Concerns With Medical Device Remote Patient Monitoring, Marc Doyle

CCE Theses and Dissertations

Medical literature identifies a number of technology-driven improvements in disease management such as implantable medical devices (IMDs) that are a standard treatment for candidates with specific diseases. Among patients using implantable cardiac defibrillators (ICD), for example, problems and issues are being discovered faster compared to patients without monitoring, improving safety. What is not known is why patients report not feeling safer, creating a safety paradox, and why patients identify privacy concerns in ICD monitoring.

There is a major gap in the literature regarding the factors that contribute to perceived safety and privacy in remote patient monitoring (RPM). To address this …

Using Case Studies To Teach Cybersecurity Courses, Yu Cai

Journal of Cybersecurity Education, Research and Practice

This paper introduces a holistic and case-analysis teaching model by integrating case studies into cybersecurity courses. The proposed model starts by analyzing real-world cyber breaches. Students look into the details of these attacks and learn how these attacks took place from the beginning to the end. During the process of case analysis, a list of security topics reflecting different aspects of these breaches is introduced. Through guided in-class discussion and hands-on lab assignments, student learning in lecture will be reinforced. Overall, the entire cybersecurity course is driven by case studies. The proposed model is great for teaching cybersecurity. First, the …

How Attitude Toward The Behavior, Subjective Norm, And Perceived Behavioral Control Affects Information Security Behavior Intention, David Philip Johnson

Walden Dissertations and Doctoral Studies

The education sector is at high risk for information security (InfoSec) breaches and in need of improved security practices. Achieving data protections cannot be through technical means alone. Addressing the human behavior factor is required. Security education, training, and awareness (SETA) programs are an effective method of addressing human InfoSec behavior. Applying sociobehavioral theories to InfoSec research provides information to aid IT security program managers in developing improved SETA programs. The purpose of this correlational study was to examine through the theoretical lens of the theory of planned behavior (TPB) how attitude toward the behavior (ATT), subjective norm (SN), and …

Teaching Android Security Through Examples: A Publicly Available Database Of Vulnerable Apps, Daniel E. Krutz, Samuel A. Malachowsky

Articles

Security is hard, and teaching security can be even harder. Here we describe a public educational activity to assist in the instruction of both students and developers in creating secure Android apps. Our set of activities includes example vulnerable applications, information about each vulnerability, steps on how to repair the vulnerabilities, and information about how to confirm that the vulnerability has been properly repaired. Our primary goal is to make these activities available to other instructors for use in their classrooms ranging from the K-12 to university settings. A secondary goal of this project is to foster interest in security …

The Utility Of Table-Top Exercises In Teaching Nuclear Security, Christopher Hobbs, Luca Lentini, Matthew Moran

International Journal of Nuclear Security

In the emerging field of nuclear security, those responsible for education and training are constantly seeking to identify and engage with tools and approaches that provide for a constructive learning environment. In this context, this paper explores the nature and value of Tabletop exercises (TTX) and how they can be applied in the nuclear security context. On the one hand, the paper dissects the key components of the TTX and considers the broader pedagogical benefits of this teaching method. On the other hand, the paper draws lessons from the authors’ experience of running TTXs as part of nuclear security professional …

Intrusion Detection System Of Industrial Control Networks Using Network Telemetry, Stanislav Ponomarev

Doctoral Dissertations

Industrial Control Systems (ICSs) are designed, implemented, and deployed in most major spheres of production, business, and entertainment. ICSs are commonly split into two subsystems - Programmable Logic Controllers (PLCs) and Supervisory Control And Data Acquisition (SCADA) systems - to achieve high safety, allow engineers to observe states of an ICS, and perform various configuration updates. Before wide adoption of the Internet, ICSs used "air-gap" security measures, where the ICS network was isolated from other networks, including the Internet, by a physical disconnect [1]. This level of security allowed ICS protocol designers to concentrate on the availability and safety of …

Singapore Management University Establishes A New Research Centre On Secure Mobile Computing Technologies And Solutions, Singapore Management University

SMU Press Releases

The Singapore Management University (SMU) has announced today the establishment of a new centre of research excellence that focuses on mobile computing security. Funded by Singapore’s National Research Foundation (NRF), the Secure Mobile Centre is developing efficient and scalable technologies and solutions that strengthen the security of mobile computing systems, applications and services. The Secure Mobile Centre is led by a team of five faculty members from SMU’s School of Information Systems who specialise in information security and trust: Professor Robert DENG (Centre Director), Professor PANG Hwee Hwa, Associate Professor LI Yingjiu, Associate Professor DING Xuhua and Assistant Professor Debin …

Security Risks And Protection In Online Learning: A Survey, Yong Chen, Wu He

Distance Learning Faculty & Staff Publications

This paper describes a survey of online learning which attempts to determine online learning providers' awareness of potential security risks and the protection measures that will diminish them. The authors use a combination of two methods: blog mining and a traditional literature search. The findings indicate that, while scholars have identified diverse security risks and have proposed solutions to mitigate the security threats in online learning, bloggers have not discussed security in online learning with great frequency. The differences shown in the survey results generated by the two different methods confirm that online learning providers and practitioners have not considered …