Archives

Gamification in education presents a number of benefits that can theoretically facilitate higher engagement and motivation among students when learning complex, technical concepts. As an innovative, high-potential educational tool, many educators and researchers are attempting to implement more effective gamification into undergraduate coursework. Cyber Security Operations (CSO) education is no exception. CSO education traditionally requires comprehension of complex concepts requiring a high level of technical and abstract thinking. By properly applying gamification to complex CSO concepts, engagement in students should see an increase. While an increase is expected, no comprehensive study of CSO gamification applications (GA) has yet been undertaken to fully synthesize the use and outcomes of existing implementations. To better understand and explore gamification in CSO education, a deeper analysis of current gamification applications is needed. This research outlines and conducts a methodical, comprehensive literature review using the Systematic Mapping Study process to identify implemented and evaluated GAs in undergraduate CSO education. This research serves as both a comprehensive repository and synthesis of existing GAs in cybersecurity, and as a starting point for further CSO GA research. With such are view, future studies can be undertaken to better understand CSO GAs. A total of 74 papers were discovered which evaluated GAs undergraduate CSO education, through literature published between 2007 and June 2022. Some publications discussed multiple GAs, resulting in a total of 80 undergraduate CSO GAs listing at https://bit.ly/3S260GS. The study outlines each GA identified and provides a short overview of each GA. It also provides a summary of engagement-level characteristics currently exhibited in existing CSO education GAs and discusses common themes and findings discovered in the course of the study.

The need for Cybersecurity competence has become a strategic area for all types of organizations today, be it large or small, for profit or nonprofit. This is an area of particular concern for smaller nonprofit organizations; and especially for ones in rural areas with limited budgets and manpower to address their Cybersecurity issues and needs. Cyber-attacks, such as ransomware attacks, distributed denial of service attacks (DDoS), and phishing attacks wreak havoc on the networks and systems necessary for supporting the populace via services provided by nonprofits. The problems associated with the various types of hacks, be it from outside nefarious individuals/groups or careless internal personnel, are particularly difficult for nonprofits in rural communities with limited resources for Cybersecurity infrastructure and limited staff proficient in Cybersecurity knowledge and skills. We have developed a Cybersecurity assessment process that can be used to ascertain key needs and weaknesses with respect to Cybersecurity for nonprofits in such rural communities in Pennsylvania. Beyond identifying these needs and weaknesses, this grant-sponsored work-in-progress research aims to also provide some guidance to rural nonprofits with "best practices" and related content that can be easily implemented despite their small budgets and staff.

Cybersecurity exploits that take advantage of weak passwords continue to succeed in virtually every industry. This motivates interest in empirically determining the extent to which websites that invite visitors to create new user accounts on them encourage or require users to engage in better password management practices, including strong passwords. This project examined a statistically significant sample of websites to assess how closely they voluntarily adhere to the National Institute of Standards and Technology's authoritative guidance on password policies. Over 100 representative websites were selected from industries that consistently report the most breaches in the Verizon Data Breach Investigation Report. Their respective user account creation processes were assessed via a scorecard approach based on observations collected when following standardized experimental procedures. Scorecard data then were aggregated and analyzed for trends. The research findings highlight potential vulnerabilities that persist in online account password creation practices, leaving many websites susceptible to brute force attacks due to cyber hygiene lapses. Recommendations to help remediate compliance gaps and as paths forward to build upon this work include refining the proposed scorecard, creating and using standardized user registration and profile manager plugins, widely adopting user-friendly password management tools, and enacting tougher legal consequences for website hosts when breaches occur.

CyberAlumni is a case study of a new model for using peer to peer digital networks to harden cybersecurity education. The CyberAlumni organization was founded in 2021 with the goals of pursuing continuing education and collaborations with academia, industry, and government to bridge the gap between curriculum and job placement. This model serves to accelerate the professional development and acquisition of top-level cybersecurity talent while recursively bolstering cybersecurity curriculum in the process. All goals were achieved within one year, leading to further investigation of applying this model at scale in conjunction with courses offered through NSA Centers of Academic Excellence.

Gamification presents potential benefits in courses that traditionally require the comprehension of complex concepts and a high level of technical and abstract thinking. Courses in Cyber Security Operations (CSO) undergraduate education meet these criterion. This research evaluates organizational constructs that have been applied to gamification applications (GAs) in CSO education. It utilizes framing theory and frame-reflective discourse analysis to outline frames based on engagement levels and analyzes the current distribution of GAs. The following organizational constructs for GAs in data structures and algorithms education apply to CSO education: Enhanced Examination (EE), Visualization of Abstract Ideas (VAI), Social and Collaborative Engagement (SGE), Dynamic Gamification (DG), and Collaborative Gamification Development (CGD). Three additional frames are identified: Missions and Quests (MQ), Simulations (Sim) and Aspirational Learning (AL). MQ GAs have process-driven quests, stories, and/or descriptive scenarios to augment engagement. Sim GAs use environmental immersion to demonstrate real world problem solving while allowing freedom of movement. AL GAs use goal-based designs like Capture The Flag (CTF) missions to enhance engagement. Twenty-seven existing CSO GAs fit within the MQ frame as CSO education lends itself well to these types of experiences. Seventeen CSO GAs fall within the AL GA frame, many of these manifesting as CTF missions. Seventeen CSO GAs fit in the EE Frame due to their optimization in the analysis of learning progress. Nine Sim GAs were successfully deployed in CSO education, followed by 4 VAI, 3 SGE, and 3 DG GAs.

Everyone has a role to play in cybersecurity and cyber risk management, but people without security backgrounds seldom understand - let alone accept or endorse - such roles. Public and private organizations face common challenges in facilitating more secure behaviors among employees. As part of their missions, most colleges and universities in the United States have general education programs that aim to instill certain competencies and characteristics in all graduates (for individual and greater good). This paper proposes that a cybersecurity general education course could help improve common workplace challenges in cybersecurity training and awareness, and that such a course could align with each institution’s general education goals to benefit not only graduates but also communities and society writ large.

Cyber Security as an education discipline covers a variety of topics that can be challenging and complex for students who are new to the subject domain. With this in mind, it is crucial that new students are motivated by understanding both the technical aspects of computing and networking, and the real-world implications of compromising these systems. In this paper we approach this task to create an engaging outreach experience, on the concept of cyber-physical systems, using a Scalextric racetrack. In the activity, students seek to compromise the underlying computer system that is linked to the track and updates the scoreboard system, in order to inflate their own score and to sabotage their opponent. Our investigation with this technique shows high levels of engagement whilst providing an excellent platform for teaching basic concepts of enumeration, brute forcing, and privilege escalation. It also provokes discussion on how this activity relates to real-world cases of cyber-physical systems security in the sports domain and beyond.

Designing curriculum and teaching delivery programs that can meet the needs of specialized groups of employers and students is challenging in the best of times. When extra criteria are added, such as making a degree program fully online when also limited with the number of fully qualified faculty due to constrained resources, flexibility is a requirement. This is a case study of one such program development project that saw the design and development of a Master-level program of study in Cybersecurity that was designed at one level of expected faculty resource availability that had to rapidly evolve in a new direction due to significant resource restrictions. Built on a model of maximizing the productivity of a few fully qualified faculty by leveraging less qualified but very capable part-time staff to meet the needs of online delivery of large sections of graduate instruction.

This paper presents an assessment of the methods and benefits of adding network intrusion detection systems (NIDS) to certain high-security air gapped isolated local area networks. The proposed network architecture was empirically tested via a series of simulated network attacks on a virtualized network. The results show an improvement of double the chances of an analyst receiving a specific, appropriately-severe alert when NIDS is implemented alongside host-based measures when compared to host-based measures alone. Further, the inclusion of NIDS increased the likelihood of the analyst receiving a high-severity alert in response to the simulated attack attempt by four times when compared to host-based measures alone. Despite a tendency to think that networks without cross-boundary traffic do not require boundary defense measures, such measures can significantly improve the efficiency of incident response operations on such networks.

The rapid adoption of Software Defined Networking (SDN) in the industry has exposed certain security risks today some of which are unique to its paradigm. Security issues around the use-cases that expose these risks are fundamentally aligned with the networking and cybersecurity concepts that are taught at the graduate level in academia. In this paper, we present a number of lab activities on SDN security that are inspired from practical use-cases in SDN deployments. The goal of this effort is to help students give a shape to their thought process about the practical security implications of SDN deployments and gain valuable practical domain knowledge in securing an environment with such deployments.