https://cisse.info/journal/index.php/cisse/issue/feed Journal of The Colloquium for Information Systems Security Education 2022-03-08T00:00:00+00:00 Erik Moore erik.moore@thecolloquium.org Open Journal Systems <p>The The Colloquium for Information Systems Security Education (CISSE) community meets every year at a different part of the Country in order to elaborate and further discuss the most effective means of maintaining a high standard of excellence in practice in cybersecurity education. In order to have any credibility as a source of new and evolving knowledge it is important that the highest academic standards apply to the presentation of new knowledge to the membership.</p> https://cisse.info/journal/index.php/cisse/article/view/133 Roadmap to overcoming the Challenges of Cyber Security and Forensics Education in the age of distance learning and the COVID-19 pandemic 2022-03-04T23:37:09+00:00 Geoffrey Elliott geoffreyelliott@gcet.edu.om Mazhar Hussain Malik mazhar@gcet.edu.om <p>This paper focuses on developing a pedagogic roadmap to overcoming the challenges of delivering cyber security and forensics education in colleges and universities through distance learning during the COVID-19 pandemic. The research in this paper identifies the challenges associated with distance learning, teaching and assessment in the Sultan of Oman. The research evidence was gathered through educational practice at the Global College of Engineering and Technology (GCET), in the Sultanate Oman; and this research and pedagogic reflection acts as a case study for developing the pedagogic roadmap. The validation of evidence for the strategies suggested, and outcomes revealed and used at GCET, is through student feedback and questionnaires and satisfaction surveys. The adopted strategies enabled students to continue their learning during the pandemic. The strategies are validated with student satisfaction survey results, independently conducted by the college, which cover teaching and learning methods, assessment strategies, and overall satisfaction.</p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/134 A Study of Video Conferencing Software Risks and Mitigation Strategies 2022-03-04T23:42:55+00:00 Yelena Arishina yaarishina@nsu.edu Yen-Hung (Frank) Hu yhu@nsu.edu Mary Ann Hoppa mahoppa@nsu.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Due to the recent pandemic, video conferencing platforms – once niche products aimed at limited communities have become a pervasive way of conducting business and sustaining social connections on a global scale. This project explored cybersecurity vulnerabilities and risks faced by these platforms – their data, hardware, and the information exchanged during virtual meetings – and explains some ways these issues can be mitigated. Published research was compiled and analyzed to uncover general risks, vulnerabilities, and security measures. Then, three popular platforms – Zoom, Skype and GoToMeeting were subjected to closer scrutiny. Findings show that platform vendors, business organizations, education institutions, and end users all bear responsibility to train themselves and their constituents on specific cybersecurity steps to enhance video conferencing security. Targeted recommendations are shared, along with some opportunities to build upon this research in the future.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Due to the recent pandemic, video conferencing platforms – once niche products aimed at limited communities have become a pervasive way of conducting business and sustaining social connections on a global scale. This project explored cybersecurity vulnerabilities and risks faced by these platforms – their data, hardware, and the information exchanged during virtual meetings – and explains some ways these issues can be mitigated. Published research was compiled and analyzed to uncover general risks, vulnerabilities, and security measures. Then, three popular platforms – Zoom, Skype and GoToMeeting were subjected to closer scrutiny. Findings show that platform vendors, business organizations, education institutions, and end users all bear responsibility to train themselves and their constituents on specific cybersecurity steps to enhance video conferencing security. Targeted recommendations are shared, along with some opportunities to build upon this research in the future.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/135 A Vertically Integrated Pathway for Infusing Engineering Technicians with Industrial Cybersecurity Competencies 2022-03-04T23:52:28+00:00 Sean McBride SeanMcBride@isu.edu Corey Schou Schou@iri.isu.edu Jill Slay Jill.Slay@unisa.edu.au <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;This paper describes an effort to establish a vertically integrated pathway to identify and develop industrial control systems cybersecurity talent that extends from middle school to graduate degrees, leveraging the unique strengths of career and technical education. Educators and administrators seeking to ignite student interest in cybersecurity at a young age, and to provide a clear curriculum pathway to meet employer needs in the field of industrial cybersecurity may find this effort of use.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">This paper describes an effort to establish a vertically integrated pathway to identify and develop industrial control systems cybersecurity talent that extends from middle school to graduate degrees, leveraging the unique strengths of career and technical education. Educators and administrators seeking to ignite student interest in cybersecurity at a young age, and to provide a clear curriculum pathway to meet employer needs in the field of industrial cybersecurity may find this effort of use.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/136 Bridging the disconnect within Cybersecurity Workforce Supply Chain 2022-03-04T23:57:32+00:00 Olatunji Osunji o0o34411@marymount.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Within the Cybersecurity workforce supply chain, there continues to be a disconnect between the undergraduate curriculum and industry skill demand. The cybersecurity workforce framework of the National Initiative for Cybersecurity Education can serve as one of the tools to bridge this disconnect. Borrowing from the learnings in the training of students in medical school, this paper performs a qualitative literature review on some of the existing efforts to develop the cybersecurity workforce. By exploring the integration of the cybersecurity workforce framework and the curriculum guideline of the Joint Task Force on Cybersecurity Education, it recommends the introduction of Entrustable Professional Activities and mandatory apprenticeship as part of the curriculum guideline. The Entrustable Professional Activities could be based on workforce tasks defined by NICE and cybersecurity graduates will be expected to demonstrate capability to perform those activities. Industry participation is required across all levels of the supply chain.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Within the Cybersecurity workforce supply chain, there continues to be a disconnect between the undergraduate curriculum and industry skill demand. The cybersecurity workforce framework of the National Initiative for Cybersecurity Education can serve as one of the tools to bridge this disconnect. Borrowing from the learnings in the training of students in medical school, this paper performs a qualitative literature review on some of the existing efforts to develop the cybersecurity workforce. By exploring the integration of the cybersecurity workforce framework and the curriculum guideline of the Joint Task Force on Cybersecurity Education, it recommends the introduction of Entrustable Professional Activities and mandatory apprenticeship as part of the curriculum guideline. The Entrustable Professional Activities could be based on workforce tasks defined by NICE and cybersecurity graduates will be expected to demonstrate capability to perform those activities. Industry participation is required across all levels of the supply chain.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/137 Cyber as a Second Language? A Challenge to Cybersecurity Education 2022-03-05T00:01:13+00:00 Ben Scott ben.scott@scu.edu.au Raina Mason raina.mason@scu.edu.au <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Cybersecurity pedagogical approaches do not address the challenges faced by students with English as an additional language (EAL). Despite EAL students representing a critical labour force for this important global and multidisciplinary industry, there lacks both research and cohesive solutions to address this issue. Via student interviews and semi-thematic analysis, this paper demonstrates that EAL cybersecurity students express challenges with aspects of cybersecurity content. Secondly, it is shown that predominant cybersecurity education bodies of knowledge and frameworks do not address challenges faced by EAL cybersecurity students.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Cybersecurity pedagogical approaches do not address the challenges faced by students with English as an additional language (EAL). Despite EAL students representing a critical labour force for this important global and multidisciplinary industry, there lacks both research and cohesive solutions to address this issue. Via student interviews and semi-thematic analysis, this paper demonstrates that EAL cybersecurity students express challenges with aspects of cybersecurity content. Secondly, it is shown that predominant cybersecurity education bodies of knowledge and frameworks do not address challenges faced by EAL cybersecurity students.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/138 Cybersecurity Education 2022-03-05T01:03:02+00:00 W. V. Maconachy vicmacon@thecolloquium.org D. Kinsey denise.kinsey@thecolloquium.org <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Recent cyber events within the U. S. cyber ecosystem present the alarming fact that attacks with both denial of service and kinetic consequences are now prevalent in non-governmental systems. This paper examines the need to expand studies of cyber and other warfare modalities into the cybersecurity curricula now being taught in American universities.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Recent cyber events within the U. S. cyber ecosystem present the alarming fact that attacks with both denial of service and kinetic consequences are now prevalent in non-governmental systems. This paper examines the need to expand studies of cyber and other warfare modalities into the cybersecurity curricula now being taught in American universities.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/139 Cybersecurity Laboratory Education Research 2022-03-05T01:07:44+00:00 Jason M. Pittman jason.pittman@umgc.edu Reilly Kobbe rkobbe@hpu.edu Taylor Lynch tlynch1@hpu.edu Helen G. Barker helen.barker@umgc.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Is cybersecurity laboratory education research a lush ecosystem or an elephant graveyard? The value of such a question cuts to the health of a research field. Further, the health of a research field stems from the lineage of work extending into the past and present. In other words, mature and robust fields of knowledge exhibit interlinked research with dense pockets of follow-up. In contrast, nascent or limited fields lack such linking or association measurable by the frequency of new research extended results. These interlinks and associations are indeed quantifiable through the meta-study of bibliometrics. In fact, prior research discovered that only thirty percent of computer science research - a strongly related field - are extended after publication. However, no work to date has examined cybersecurity laboratory education for the same phenomenon. To that end, this work evaluated 400 articles with the goal of ascertaining to what degree three operationalized follow-up categories occur in the literature. The results indicate 62.5% of articles do not extend existing research. The conclusions and recommendations included at the end of this work offer potential insights into why cybersecurity&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Is cybersecurity laboratory education research a lush ecosystem or an elephant graveyard? The value of such a question cuts to the health of a research field. Further, the health of a research field stems from the lineage of work extending into the past and present. In other words, mature and robust fields of knowledge exhibit interlinked research with dense pockets of follow-up. In contrast, nascent or limited fields lack such linking or association measurable by the frequency of new research extended results. These interlinks and associations are indeed quantifiable through the meta-study of bibliometrics. In fact, prior research discovered that only thirty percent of computer science research - a strongly related field - are extended after publication. However, no work to date has examined cybersecurity laboratory education for the same phenomenon. To that end, this work evaluated 400 articles with the goal of ascertaining to what degree three operationalized follow-up categories occur in the literature. The results indicate 62.5% of articles do not extend existing research. The conclusions and recommendations included at the end of this work offer potential insights into why cybersecurity</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/140 Design Hands-on Lab Exercises for Cyber-physical Systems Security Education 2022-03-05T01:14:10+00:00 Hongmei Chi hongmei.chi@famu.edu Jinwei Liu jinwei.liu@famu.edu Weifeng Xu wxu@ubalt.edu Mingming Peng mingming1.peng@famu.edu Jon deGoicoechea jon.degoicoechea@famu.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;The integration of cyber-physical systems (CPS) has been extremely advantageous to society, it merges the attention of cybersecurity for vehicles as a timely concern as a matter of public and individual. The failure of any vehicle system could have a serious impact on vehicle control and cause undesired consequences. With the growing demand for security in CPS, there are few hands-on labs/modules available for training current students, future engineers, or IT professionals to understand cybersecurity in CPS. This study describes the execution of a free security testbed to replicate a vehicle’s network system and the implementation of this testbed via hands-on lab designed to introduce concepts of vehicle control systems. The hands-on lab simulates insider threat scenarios where students had to use can-utils toolkits and SavvyCAN to send, modify, and capture the network packet and exploit the system vulnerability threats such as replay attacks and fuzzing attacks on the vehicle system. We conducted a case study with 21 university-level students, and all students completed the hands-on lab, pretest, posttest, and a satisfaction survey as part of a non-graded class assignment. The experimental results show that most students were not familiar with cyber-physical systems and vehicle control systems and never had the chance to do any hands-on lab in this field before. Furthermore, students reported that the hands-on lab helped them learn about CAN-bus and rated high scores for enjoyment. We discussed the design of an affordable tool to teach about vehicle control systems and proposed directions for future work.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">The integration of cyber-physical systems (CPS) has been extremely advantageous to society, it merges the attention of cybersecurity for vehicles as a timely concern as a matter of public and individual. The failure of any vehicle system could have a serious impact on vehicle control and cause undesired consequences. With the growing demand for security in CPS, there are few hands-on labs/modules available for training current students, future engineers, or IT professionals to understand cybersecurity in CPS. This study describes the execution of a free security testbed to replicate a vehicle’s network system and the implementation of this testbed via hands-on lab designed to introduce concepts of vehicle control systems. The hands-on lab simulates insider threat scenarios where students had to use can-utils toolkits and SavvyCAN to send, modify, and capture the network packet and exploit the system vulnerability threats such as replay attacks and fuzzing attacks on the vehicle system. We conducted a case study with 21 university-level students, and all students completed the hands-on lab, pretest, posttest, and a satisfaction survey as part of a non-graded class assignment. The experimental results show that most students were not familiar with cyber-physical systems and vehicle control systems and never had the chance to do any hands-on lab in this field before. Furthermore, students reported that the hands-on lab helped them learn about CAN-bus and rated high scores for enjoyment. We discussed the design of an affordable tool to teach about vehicle control systems and proposed directions for future work.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/141 DISSAV 2022-03-05T01:20:27+00:00 Erik Akeyson eakeyson@uncc.edu Harini Ramaprasad hramapra@uncc.edu Meera Sridhar msridhar@uncc.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;This paper describes DISSAV: Dynamic Interactive Stack Smashing Attack Visualization, a program visualization tool for teaching stack smashing attacks. DISSAV is a web-based application built with ReactJS. DISSAV provides a simulated attack scenario that guides the user through a three-part stack smashing attack. Our tool allows the user to create a program, construct a payload for it, and execute the program to simulate an attack scenario. We aim to improve student learning of advanced cyber security topics, more specifically, stack smashing attacks, by increasing student engagement and interaction. We incorporate previously researched techniques of Program Visualization tools such as dynamic user input and interactive views to achieve these goals.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">This paper describes DISSAV: Dynamic Interactive Stack Smashing Attack Visualization, a program visualization tool for teaching stack smashing attacks. DISSAV is a web-based application built with ReactJS. DISSAV provides a simulated attack scenario that guides the user through a three-part stack smashing attack. Our tool allows the user to create a program, construct a payload for it, and execute the program to simulate an attack scenario. We aim to improve student learning of advanced cyber security topics, more specifically, stack smashing attacks, by increasing student engagement and interaction. We incorporate previously researched techniques of Program Visualization tools such as dynamic user input and interactive views to achieve these goals.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/142 Galore 2022-03-05T01:25:39+00:00 Abhishek Parakh aparakh@unomaha.edu Mahadevan Subramaniam msubramaniam@unomaha.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;The use of customizable learning objects in multiple different formats such as visual, auditory, text, interactive widgets and newly defined learning objects called gamelets have a potential to tremendously enhance experiential learning. A parameterized environment, called Galore, that integrates such learning objects into a seamless experience based on student learning styles and preferences for teaching difficult counter and intuitive concepts in quantum communications is described.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">The use of customizable learning objects in multiple different formats such as visual, auditory, text, interactive widgets and newly defined learning objects called gamelets have a potential to tremendously enhance experiential learning. A parameterized environment, called Galore, that integrates such learning objects into a seamless experience based on student learning styles and preferences for teaching difficult counter and intuitive concepts in quantum communications is described.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/143 Guided Inquiry Collaborative Learning (GICL) for Online Teaching in Cybersecurity: Challenges and Recommendations 2022-03-05T14:05:21+00:00 Yuming He yhe004@odu.edu Wu He whe@odu.edu Lida Xu lxu@odu.edu Xin Tian xtian2@kennesaw.edu Xiaohong Yuan xhyuan@ncat.edu Li Yang Li-Yang@utc.edu Jennifer T. Ellis Jennifer-T-Ellis@utc.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;The COVID-19 pandemic has required many educators to offer online courses. Given the evidence of the effectiveness of the Process-Oriented Guided Inquiry Learning (POGIL), many educators are interested in implementing POGIL in online environments. This paper first discusses the challenges of using the POGIL approach to teach courses. Then we share our experience and our proposed approach (GICL) for teaching cybersecurity topics via the Zoom platform in the online environment. Recommendations for overcoming some of these challenges for online teaching are provided.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">The COVID-19 pandemic has required many educators to offer online courses. Given the evidence of the effectiveness of the Process-Oriented Guided Inquiry Learning (POGIL), many educators are interested in implementing POGIL in online environments. This paper first discusses the challenges of using the POGIL approach to teach courses. Then we share our experience and our proposed approach (GICL) for teaching cybersecurity topics via the Zoom platform in the online environment. Recommendations for overcoming some of these challenges for online teaching are provided.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/144 Hands-on Educational Labs for Cyber Defense Competition Training 2022-03-05T14:12:24+00:00 Animesh Pattanayak animesh@pnnl.gov Stu Steiner ssteiner@ewu.edu Daniel Conte de Leon dcontedeleon@ieee.org <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Cyber Defense Competitions provide students with challenging, hands-on, fun, and close to real world opportunities to learn, practice, and perform tasks that they will be expected to complete as cybersecurity professionals. The current availability of training resources focused on Cyber Defense Competitions is limited. We introduce CYOTEE: CYbersecurity Oriented Training Environment and Exercises. CYOTEE provides a set of nine fully modifiable and freely available hands-on laboratory activities intended to help students gain skills needed to be successful at Cyber Defense Competitions. This article provides details for two of those hands-on labs: (1) Linux Hardening and (2) Windows Active Directory Hardening. CYOTEE lab descriptions and setup scripts may be found on the GitHub repository (https://github.com/CenterForSecureAndDependableSystems/CYOTEE).&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Cyber Defense Competitions provide students with challenging, hands-on, fun, and close to real world opportunities to learn, practice, and perform tasks that they will be expected to complete as cybersecurity professionals. The current availability of training resources focused on Cyber Defense Competitions is limited. We introduce CYOTEE: CYbersecurity Oriented Training Environment and Exercises. CYOTEE provides a set of nine fully modifiable and freely available hands-on laboratory activities intended to help students gain skills needed to be successful at Cyber Defense Competitions. This article provides details for two of those hands-on labs: (1) Linux Hardening and (2) Windows Active Directory Hardening. CYOTEE lab descriptions and setup scripts may be found on the GitHub repository (https://github.com/CenterForSecureAndDependableSystems/CYOTEE).</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/145 Healthcare in the Balance 2022-03-05T14:16:36+00:00 Susan Helser helse1s@cmich.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;The mandate for cybersecurity crosses disciplines. The deficit in the number of cybersecurity professionals required to fill current and future positions represents a growing challenge. Cybersecurity readiness presents significant ever-changing issues with possible long-term or perhaps life-threatening consequences. Cybersecurity experts who possess critical knowledge in another field such as healthcare where a combined or blended understanding of key information is integral to the industry are in short supply. In healthcare, as is the case in a host of other sectors, not only is it necessary that systems and data are protected, but the business must be compliant with existing law as well. It is imperative that action be taken to address the problem in order not to limit access to healthcare. The focus of this research is to study the serious shortage of cybersecurity professionals in the field of healthcare, the impact that this issue has on the availability of healthcare, and to suggest a solution that could provide immediate relief.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">The mandate for cybersecurity crosses disciplines. The deficit in the number of cybersecurity professionals required to fill current and future positions represents a growing challenge. Cybersecurity readiness presents significant ever-changing issues with possible long-term or perhaps life-threatening consequences. Cybersecurity experts who possess critical knowledge in another field such as healthcare where a combined or blended understanding of key information is integral to the industry are in short supply. In healthcare, as is the case in a host of other sectors, not only is it necessary that systems and data are protected, but the business must be compliant with existing law as well. It is imperative that action be taken to address the problem in order not to limit access to healthcare. The focus of this research is to study the serious shortage of cybersecurity professionals in the field of healthcare, the impact that this issue has on the availability of healthcare, and to suggest a solution that could provide immediate relief.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/146 High School Cybersecurity? Challenge Accepted – Radford University’s RUSecure CTF Contest for High School Students 2022-03-05T14:20:12+00:00 J. D. Chase jchase@radford.edu Prem Uppuluri puppuluri@radford.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Given the demand for Cybersecurity workforce, the goal of the RUSecure project at Radford University is to increase the pipeline of students who plan to pursue Computer Science/IT as a major with Cybersecurity as their focus. We identified a variety of challenges to the introduction of Cybersecurity topics in high school including lack of qualified teachers, limited number of students motivated to study IT topics, large number of prerequisite topics and scarcity of computing resources required for such topics. Even an introductory Cybersecurity course requires students to have a wide array of foundational knowledge in topics such as networks. Hence, Cybersecurity programs in schools/colleges are multi-semester efforts where the first couple of semesters focus on the foundations – thus only drawing motivated students as it takes multiple semesters before students work on security problems. In response to these challenges, we developed a strategy that is exciting, rigorous and easy to adapt for high school students. This strategy employs active learning in the form of capture-the-flag (CTF) contests to drive learning. Teams of three to five students work on security challenges while competing with teams from around the state, region, and Nation. Foundational knowledge is introduced on a just-in-time basis. This paper describes these contests and their effectiveness.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Given the demand for Cybersecurity workforce, the goal of the RUSecure project at Radford University is to increase the pipeline of students who plan to pursue Computer Science/IT as a major with Cybersecurity as their focus. We identified a variety of challenges to the introduction of Cybersecurity topics in high school including lack of qualified teachers, limited number of students motivated to study IT topics, large number of prerequisite topics and scarcity of computing resources required for such topics. Even an introductory Cybersecurity course requires students to have a wide array of foundational knowledge in topics such as networks. Hence, Cybersecurity programs in schools/colleges are multi-semester efforts where the first couple of semesters focus on the foundations – thus only drawing motivated students as it takes multiple semesters before students work on security problems. In response to these challenges, we developed a strategy that is exciting, rigorous and easy to adapt for high school students. This strategy employs active learning in the form of capture-the-flag (CTF) contests to drive learning. Teams of three to five students work on security challenges while competing with teams from around the state, region, and Nation. Foundational knowledge is introduced on a just-in-time basis. This paper describes these contests and their effectiveness.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/147 Intelligent Interaction Honeypots for Threat Hunting within the Internet of Things 2022-03-05T14:23:55+00:00 James Gregory Surber surberjames@cityuniversity.edu Morgan Zantua zantuamorgan@cityu.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;As the Internet of Things (IoT) grows exponentially, security is falling farther and farther behind. Several new initiatives show promise for expanding the privacy and security around these devices in the future. But what about the billions of devices already out there in the wild? Security researchers are responsible for developing the tools and procedures for discovering these devices quickly, understanding the risks they bring with them, and developing tools to mitigate those risks to more manageable levels. Honeypots and honeynets have traditionally supported this work in traditional IT. However, the challenges faced by the highly distributed, incredibly heterogeneous Internet of Things make deploying such tools difficult and costly. Recent research in honeypot architectures explicitly designed for the chaotic nature of the IoT ecosystem brings a new sense of hope that may lead to significant improvements in IoT security. There is still much work to do, but research continues. IoT cybersecurity experts and threat hunters are developing strategies for securing this new frontier of technology. This study will lay the foundations for an intelligent and highly interactive honeypot solution that can scale with the researchers' requirements, providing a much-needed framework for deploying targeted IoT honeypots.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">As the Internet of Things (IoT) grows exponentially, security is falling farther and farther behind. Several new initiatives show promise for expanding the privacy and security around these devices in the future. But what about the billions of devices already out there in the wild? Security researchers are responsible for developing the tools and procedures for discovering these devices quickly, understanding the risks they bring with them, and developing tools to mitigate those risks to more manageable levels. Honeypots and honeynets have traditionally supported this work in traditional IT. However, the challenges faced by the highly distributed, incredibly heterogeneous Internet of Things make deploying such tools difficult and costly. Recent research in honeypot architectures explicitly designed for the chaotic nature of the IoT ecosystem brings a new sense of hope that may lead to significant improvements in IoT security. There is still much work to do, but research continues. IoT cybersecurity experts and threat hunters are developing strategies for securing this new frontier of technology. This study will lay the foundations for an intelligent and highly interactive honeypot solution that can scale with the researchers' requirements, providing a much-needed framework for deploying targeted IoT honeypots.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/148 Introducing Penetration Test with Case Study and Course Project in Cybersecurity Education 2022-03-05T14:29:32+00:00 Xinli Wang wangx@gvsu.edu Yan Bai yanb@uw.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Teaching college students ethical hacking skills is considered a necessary component of a computer security curriculum and an effective method for teaching defensive techniques. However, there is a shortage of textbooks and technical papers that describe the teaching materials and implementation of penetration testing techniques for hands-on exercises. In our teaching practice, we have been using case studies and course projects as a means to help students learn the fundamental concepts of, primary techniques and commonly used tools for penetration testing. We think this is a beneficiary complement of a cybersecurity course that is taught in a defensive approach. Through these activities, students have gained hands-on experience and developed their ethical hacking skills. Feedback from them is positive and student learning outcomes are promising. In this paper, we describe the principles of developing and implementing case studies and course projects along with associated considerations for specified educational objectives when introducing penetration test. An example case study and course project that we have been using in our courses are described to introduce the major design ideas and activities to complete them. Experience, lessons and the feedback from students are discussed. Our results will provide a good point of reference for those educators who teach a cybersecurity course at a college or university and would like to offer an introduction to ethical hacking. This work can also be a reference for a college that wants to integrate&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Teaching college students ethical hacking skills is considered a necessary component of a computer security curriculum and an effective method for teaching defensive techniques. However, there is a shortage of textbooks and technical papers that describe the teaching materials and implementation of penetration testing techniques for hands-on exercises. In our teaching practice, we have been using case studies and course projects as a means to help students learn the fundamental concepts of, primary techniques and commonly used tools for penetration testing. We think this is a beneficiary complement of a cybersecurity course that is taught in a defensive approach. Through these activities, students have gained hands-on experience and developed their ethical hacking skills. Feedback from them is positive and student learning outcomes are promising. In this paper, we describe the principles of developing and implementing case studies and course projects along with associated considerations for specified educational objectives when introducing penetration test. An example case study and course project that we have been using in our courses are described to introduce the major design ideas and activities to complete them. Experience, lessons and the feedback from students are discussed. Our results will provide a good point of reference for those educators who teach a cybersecurity course at a college or university and would like to offer an introduction to ethical hacking. This work can also be a reference for a college that wants to integrate</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/149 Knowledge Gaps in Curricular Guidance for ICS Security 2022-03-05T14:32:40+00:00 Ida Ngambeki ingambek@purdue.edu Sean McBride SeanMcBride@isu.edu Jill Slay Jill.Slay@unisa.edu.au <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Industrial Control Systems are an essential mechanism to manage complex computer systems necessary for modern life. These include everything from water treatment and transportation to energy systems and manufacturing. These systems are becoming increasingly integrated and more complex, and they are being used to manage even more of the elements that make our everyday lives possible. They are therefore becoming both more attractive to cyber criminals and more vulnerable to cyber-attacks. More attention needs to be paid to increasing resources and capability in industrial cybersecurity (ICSS). A major element of this is to significantly improve both the quality and availability of education in this area. The process of development of these educational initiatives is aided by curriculum guidance documents. Of necessity ICSS has largely evolved in industrial settings. This exploratory study examines the curricular guidance available for ICSS research and compares it to industry requirements to identify gaps in curricular guidance. Specifically, this paper looks at the three leading guiding documents, the NICE Cybersecurity Workforce Framework, the Joint Task Force on Cybersecurity Education curriculum guidance, and the NSA CAE knowledge units. These are then compared to requirements identified from ICSS related job postings. We found that the primary cybersecurity curriculum guidance documents do not sufficiently address industry requirements for ICSS.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Industrial Control Systems are an essential mechanism to manage complex computer systems necessary for modern life. These include everything from water treatment and transportation to energy systems and manufacturing. These systems are becoming increasingly integrated and more complex, and they are being used to manage even more of the elements that make our everyday lives possible. They are therefore becoming both more attractive to cyber criminals and more vulnerable to cyber-attacks. More attention needs to be paid to increasing resources and capability in industrial cybersecurity (ICSS). A major element of this is to significantly improve both the quality and availability of education in this area. The process of development of these educational initiatives is aided by curriculum guidance documents. Of necessity ICSS has largely evolved in industrial settings. This exploratory study examines the curricular guidance available for ICSS research and compares it to industry requirements to identify gaps in curricular guidance. Specifically, this paper looks at the three leading guiding documents, the NICE Cybersecurity Workforce Framework, the Joint Task Force on Cybersecurity Education curriculum guidance, and the NSA CAE knowledge units. These are then compared to requirements identified from ICSS related job postings. We found that the primary cybersecurity curriculum guidance documents do not sufficiently address industry requirements for ICSS.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/150 Leveraging Browser-Based Virtual Machines to Teach Operating System Fundamentals 2022-03-05T14:36:07+00:00 Matt Ruff mvr5567@psu.edu Nicklaus A. Giacobe nxg13@psu.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;In this paper, we identify challenges in delivering cybersecurity labs, including the overhead costs of delivering virtual machines to students. We propose instead to use JavaScript driven Browser-Based Virtual Machines (BBVMs) to overcome the challenges of Type I and II hypervisors, as well as vendor- specific cybersecurity lab ranges. BBVMs deliver configured VMs at lower cost to the student’s web browser and are much easier for students to use. BBVMs require no hardware or infrastructure for students besides an Internet-connected device. As such, labs delivery via BBVMs can be run on mobile phones, tablets, or computers with limited resources. With this in mind, the authors detail BBVM implementation for cybersecurity labs. With very little physical infrastructure, programming, and systems administration, an educational institution at any level may implement a cybersecurity lab in such an environment. Our examples focus on addressing learning the Linux command line, introducing different Linux commands, and deepen student understanding of the Linux operating system itself. We combine BBVMs with previous work to address configuration, repeatability, assessment, academic integrity/cheating, and other similar constraints using our polymorphic configuration methodology called PolyLab. Lastly, we include a step-by-step procedure to implement BBVMs and show use-cases for cybersecurity education.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">In this paper, we identify challenges in delivering cybersecurity labs, including the overhead costs of delivering virtual machines to students. We propose instead to use JavaScript driven Browser-Based Virtual Machines (BBVMs) to overcome the challenges of Type I and II hypervisors, as well as vendor- specific cybersecurity lab ranges. BBVMs deliver configured VMs at lower cost to the student’s web browser and are much easier for students to use. BBVMs require no hardware or infrastructure for students besides an Internet-connected device. As such, labs delivery via BBVMs can be run on mobile phones, tablets, or computers with limited resources. With this in mind, the authors detail BBVM implementation for cybersecurity labs. With very little physical infrastructure, programming, and systems administration, an educational institution at any level may implement a cybersecurity lab in such an environment. Our examples focus on addressing learning the Linux command line, introducing different Linux commands, and deepen student understanding of the Linux operating system itself. We combine BBVMs with previous work to address configuration, repeatability, assessment, academic integrity/cheating, and other similar constraints using our polymorphic configuration methodology called PolyLab. Lastly, we include a step-by-step procedure to implement BBVMs and show use-cases for cybersecurity education.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/151 LUCID Network Monitoring and Visualization Application 2022-03-05T14:39:49+00:00 Claude Turner cturner@nsu.edu Dwight Richards dwight.richards@csi.cuny.edu Ruth Agada ragada@bowiestate.edu Jie Yan jyan@bowiestate.edu Rolston Jeremiah gtec.oses@gmail.com Thomas Chapman t.h.chapman74485@nsu.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;This work presents LUCID Network Monitoring and Visualization Application (LNMVA), a comprehensive visualization software application for cyber security visualization. The application consists of five component types: components for monitoring network traffic, components for reporting various network messages, data storage components plus a visualization component and an automated animation reporting component. LNMVA can serve as an aid in teaching complex concepts in cybersecurity or to visually demonstrate active security events on a network to an audience or participants in the classroom or cyber defense competitions at near real-time speed. Its flexibility enables it to visualize different kinds of cybersecurity concepts, protocols and ideas. LNMVA is a sub-system of LUCID, a visualization and broadcasting system that aims to improve understanding and sense-making to participants or an audience. The system is targeted to intermediary or expert users engaged in cyber security exercises. Preliminary results from subject testing show that LNMVA with embodied virtual commentator provided an engaging environment to improve participants’ understanding and sense-making in active security events.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">This work presents LUCID Network Monitoring and Visualization Application (LNMVA), a comprehensive visualization software application for cyber security visualization. The application consists of five component types: components for monitoring network traffic, components for reporting various network messages, data storage components plus a visualization component and an automated animation reporting component. LNMVA can serve as an aid in teaching complex concepts in cybersecurity or to visually demonstrate active security events on a network to an audience or participants in the classroom or cyber defense competitions at near real-time speed. Its flexibility enables it to visualize different kinds of cybersecurity concepts, protocols and ideas. LNMVA is a sub-system of LUCID, a visualization and broadcasting system that aims to improve understanding and sense-making to participants or an audience. The system is targeted to intermediary or expert users engaged in cyber security exercises. Preliminary results from subject testing show that LNMVA with embodied virtual commentator provided an engaging environment to improve participants’ understanding and sense-making in active security events.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/152 On Teaching Malware Analysis on Latest Windows 2022-03-05T14:52:33+00:00 Lan Luo lukachan@knights.ucf.edu Cliff Zou czou@cs.ucf.edu Sashan Narain sashank_narain@uml.edu Xinwen Fu xinwen_fu@uml.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Microsoft Windows operating systems are the most popular desktop operating systems. 83% of malware attacks target Windows. Windows 10 has a market share of 78.45% out of all Windows versions on the market. However, we find security related courses are often taught on Linux or run on older Windows versions. In this paper, we present our practice of teaching malware analysis on the latest Windows (10). We are among the first using the latest Windows (10) for teaching malware analysis. We design the labs and assignments on the pre-configured Windows 10 VM supplemented by the Kali VM. A virtual Cyber Range is created for students to access the two VMs over a cloud. We present our curriculum and learning assessment scheme. Our practice has been validated through surveys on both face-to-face and online classes.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Microsoft Windows operating systems are the most popular desktop operating systems. 83% of malware attacks target Windows. Windows 10 has a market share of 78.45% out of all Windows versions on the market. However, we find security related courses are often taught on Linux or run on older Windows versions. In this paper, we present our practice of teaching malware analysis on the latest Windows (10). We are among the first using the latest Windows (10) for teaching malware analysis. We design the labs and assignments on the pre-configured Windows 10 VM supplemented by the Kali VM. A virtual Cyber Range is created for students to access the two VMs over a cloud. We present our curriculum and learning assessment scheme. Our practice has been validated through surveys on both face-to-face and online classes.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/153 Providing A Hands-on Advanced Persistent Threat Learning Experience Through Ethical Hacking Labs 2022-03-05T15:20:42+00:00 Yen-Hung (Frank) Hu yhu@nsu.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;Advanced persistent threats are causing several serious cybersecurity events due to their highly stealthy characteristics, advanced technology and tools, and complicated attacking strategies, making them an imminent challenge to cybersecurity professionals. To conquer such a challenge, a thorough and dedicated defense plan must be addressed, and we believe engaging advanced persistent threat learning experiences to computer science and cybersecurity students in the early stages of their college education will be the most important part of the plan. Since there is a lack of promising approaches for engaging students in learning of advanced persistent threats, it is now an emerging issue for cybersecurity educators and researchers to investigate and develop doable and affordable advanced persistent threat learning platforms. Hands-on learning has been adopted by several fields and demonstrated promising performance improvements in the learners. Therefore, integrating hands-on learning knowledge and experiences in advanced persistent threat training for computer science and cybersecurity students will be a potential solution for mitigating such an issue. In this research, we recognize the importance of improving students’ learning of advanced persistent threats. To develop a learning platform for students to learn the knowledge, skills, and abilities of advanced persistent threats, we adopt the NDG ethical hacking lab series with appropriate supplemental lectures to each stage of the lifecycle of an advanced persistent threat. We ensure our model could comply with the required knowledge units listed on NICE Cybersecurity Workforce Framework. Students are expected to connect their advanced persistent threat learning experiences to real world cybercrime cases once they have successfully completed the learning process.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">Advanced persistent threats are causing several serious cybersecurity events due to their highly stealthy characteristics, advanced technology and tools, and complicated attacking strategies, making them an imminent challenge to cybersecurity professionals. To conquer such a challenge, a thorough and dedicated defense plan must be addressed, and we believe engaging advanced persistent threat learning experiences to computer science and cybersecurity students in the early stages of their college education will be the most important part of the plan. Since there is a lack of promising approaches for engaging students in learning of advanced persistent threats, it is now an emerging issue for cybersecurity educators and researchers to investigate and develop doable and affordable advanced persistent threat learning platforms. Hands-on learning has been adopted by several fields and demonstrated promising performance improvements in the learners. Therefore, integrating hands-on learning knowledge and experiences in advanced persistent threat training for computer science and cybersecurity students will be a potential solution for mitigating such an issue. In this research, we recognize the importance of improving students’ learning of advanced persistent threats. To develop a learning platform for students to learn the knowledge, skills, and abilities of advanced persistent threats, we adopt the NDG ethical hacking lab series with appropriate supplemental lectures to each stage of the lifecycle of an advanced persistent threat. We ensure our model could comply with the required knowledge units listed on NICE Cybersecurity Workforce Framework. Students are expected to connect their advanced persistent threat learning experiences to real world cybercrime cases once they have successfully completed the learning process.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education https://cisse.info/journal/index.php/cisse/article/view/154 Using Complexity Theory to Identify K-12+ Pedagogical Misalignment With a Security Mindset 2022-03-05T15:24:10+00:00 Holly Hanna holly.hanna@wilkes.edu Jane Blanken-Webb jane.blankenwebb@wilkes.edu <p><span data-sheets-value="{&quot;1&quot;:2,&quot;2&quot;:&quot;The current state of growing connectivity in society calls for a security mindset for K-12 and post-secondary (K-12+) populations. A security mindset offers an important approach to support security and can usefully be understood through the lens of complexity theory. Complexity theory also provides a helpful lens for identifying limitations inherent within some common pedagogical frameworks and practices in K-12+ education systems that may pose challenges for the cultivation of a security mindset. Hence, this paper brings awareness to examples of some of the most prominent pedagogical frameworks and practices that stand in potential misalignment with a security mindset when they are implemented in an imposing, monolithic manner. These include: rigid, prescriptive curricula; binary thinking, compliance, and standardized assessments; and disciplinary constraints. By identifying ways that common pedagogical practices stand to potentially undermine the cultivation of a security mindset, this paper contributes to clearing the way forward for K-12+ educational systems to design for emergence in support of building a more secure society.&quot;}" data-sheets-userformat="{&quot;2&quot;:15297,&quot;3&quot;:{&quot;1&quot;:0},&quot;9&quot;:0,&quot;10&quot;:0,&quot;11&quot;:3,&quot;12&quot;:0,&quot;14&quot;:{&quot;1&quot;:2,&quot;2&quot;:0},&quot;15&quot;:&quot;Calibri&quot;,&quot;16&quot;:11}">The current state of growing connectivity in society calls for a security mindset for K-12 and post-secondary (K-12+) populations. A security mindset offers an important approach to support security and can usefully be understood through the lens of complexity theory. Complexity theory also provides a helpful lens for identifying limitations inherent within some common pedagogical frameworks and practices in K-12+ education systems that may pose challenges for the cultivation of a security mindset. Hence, this paper brings awareness to examples of some of the most prominent pedagogical frameworks and practices that stand in potential misalignment with a security mindset when they are implemented in an imposing, monolithic manner. These include: rigid, prescriptive curricula; binary thinking, compliance, and standardized assessments; and disciplinary constraints. By identifying ways that common pedagogical practices stand to potentially undermine the cultivation of a security mindset, this paper contributes to clearing the way forward for K-12+ educational systems to design for emergence in support of building a more secure society.</span></p> 2022-03-08T00:00:00+00:00 Copyright (c) 2022 The Colloquium for Information Systems Security Education