Archives

This paper addresses the need for incorporating global virtual team (GVT) projects into cybersecurity education curricula in an effort to develop students' understanding of different cultures and hone their abilities to work across multiple time zones, communicate using digital communication platforms as well as improve their virtual project and time management skills. An example of a GVTs project, Virtual Business Professional, is presented in order to illustrate how collaborative online international learning (COIL) can be embedded into IT-related coursework. It is the authors' intention to encourage instructors and administrators at institutions of higher learning to support and carry out transdisciplinary GVT projects in order to best prepare graduates for the challenges of the 21st century global workplace.

This paper presents the findings of action research conducted to evaluate new modules created to teach learners how to apply machine learning (ML) and artificial intelligence (AI) techniques to malware data sets. The trend in the data suggest that learners with cybersecurity competencies may be better prepared to complete the AI/ML modules’ exercises than learners with AI/ML competencies. We describe the challenge of identifying prerequisites that could be used to determine learner readiness, report our findings, and conclude with the implications for instructional design and teaching practice.

Social media usage is extremely prevalent and so is the oversharing of personal information online. This paper aims to examine the factors that influence information disclosure on Facebook and how participation in groups may affect sharing behaviors. Groups can provide a more intimate and supportive environment, which may lead to excessive information sharing. An online survey was conducted on Amazon's Mechanical Turk platform with 373 accepted responses from self-reported Facebook users. The data was analyzed to determine which demographic and personality factors are correlated with oversharing behaviors on user profiles and within Facebook groups. This work has implications for understanding how individuals seek support online and what information they feel comfortable disclosing. Oversharing may increase user feelings of social support but also may make users vulnerable to cyberbullying and social engineering attacks.

As the demand for secure coding education grows, there is a need for improvements in how secure coding is taught and in preparing students to develop more secure software. As time in a Computer Science classroom is finite, educational efforts should be placed on targeting the most common types of vulnerabilities to better prepare students to avoid common security pitfalls in coding. Existing research in this area mainly focuses on developing vulnerability detection tools rather than analyzing the types of commonly produced vulnerabilities by students. Limited research exists in determining common student-produced vulnerabilities, and the available studies differ from the types of vulnerabilities that are researched in vulnerability detection literature. Our research works to further establish the types of vulnerabilities produced by students by using a static analysis tool on assignment code submissions in an undergraduate Programming II (CS2) course. We present our findings on what types of vulnerabilities are commonly produced by students and contrast them with what is commonly researched in the literature. We find there is little overlap between the vulnerability types reported by our study and other studies in the research area. This research has potential implications for secure coding education in a Computer Science curriculum. Further work should be done to establish the contexts in which specific vulnerability types are more likely to be produced and how to best teach students to avoid producing these vulnerabilities.

Students, especially those outside the field of cybersecurity, are increasingly turning to Large Language Model (LLM)-based generative AI tools for coding assistance. These AI code generators provide valuable support to developers by generating code based on provided input and instructions. However, the quality and accuracy of the generated code can vary, depending on factors such as task complexity, the clarity of instructions, and the model's familiarity with the programming language. Additionally, these generated codes may inadvertently utilize vulnerable built-in functions, potentially leading to source code vulnerabilities and exploits. This research undertakes an in-depth analysis and comparison of code generation, code completion, and security suggestions offered by prominent AI models, including OpenAI CodeX, CodeBert, and ChatGPT. The research aims to evaluate the effectiveness and security aspects of these tools in terms of their code generation, code completion capabilities, and their ability to enhance security. This analysis serves as a valuable resource for developers, enabling them to proactively avoid introducing security vulnerabilities in their projects. By doing so, developers can significantly reduce the need for extensive revisions and resource allocation, whether in the short or long term.

With the increasing concerns over cybersecurity and space systems preparing the next generation of cybersecurity professionals is critical. In this research, undergraduate and graduate students were exposed to cybersecurity and space systems through practical antenna design and implementation in hopes of capturing pirate communication signals while in the Western Kentucky area. Students designed and built turnstile and helical antennas that focused on the 255 MHz and 318 MHz frequencies that interfaced with software-defined radios. With these systems, students were able to capture a limited range of low earth orbiting (LEO) satellite communications while ascertaining an understanding of satellite communication fundamentals. Overall, students were able to gain an understanding of antenna design, the importance of radio frequency, and satellite communications.

In the era of digitalization, massive amount of data has been generated from people's online activities or use of portable/wearable devices. The data often carries rich information about people. Therefore, privacy technologies are needed, from data generation to usage and from transmission to storage, to protect people's sensitive information. Although the research community is making great progress in addressing advanced privacy protection technologies, very few educational materials have been developed to incorporate the latest research results and engage students in learning privacy technologies, especially for younger generations. In this paper, we present our newly designed educational materials on privacy technologies, which can be used for training high quality cybersecurity professionals to meet the ever-increasing demand. The developed learning modules not only incorporate the latest research results in privacy technologies but also include effective hand-on lab activities. To help other institutions effectively teach privacy technologies, we organized a faculty training workshop in summer 2022. Twenty-nine faculty from twenty institutions nationwide participated in the training. Survey results show that the participants gained a better understanding of privacy issues and demonstrated strong interest in teaching privacy technologies after attending the workshop.

This study explores the performance of several Large Language Models (LLMs) across different facets of Cybersecurity Modules. Using prompt engineering, this work evaluates publicly available LLMs for their ability to assess the suitability of secure coding topics based on learning outcomes, categorize these topics following OWASP standards, and generate up-to-date examples for curriculum use. The findings would highlight the transformative role that LLMs would play for future advancements in Cybersecurity education.

Teaching cybersecurity professionals has changed from applying puzzle-based learning scenarios, general tabletops, and general gamification to an immersive learning environment. In today's teaching environment, there are known methods to teach cybersecurity tool techniques. However, beyond the technical aspect, cybersecurity professional need to understand the psychology of crime. These teaching and learning needs have become more prevalent in criminal justice, education, and computer science degree programs and aspects of job professions because learners need to understand and be able to recognize why crimes are committed. Thus, opening another major area of research in cybersecurity. Teaching someone what it means to protect systems, networks, and programs from digital attacks is difficult. Each person needs some frame of reference. Through their personal frame of reference, they discern and consume the information and find a basis for its purpose. This is known as the learning process and each individual journey is different. The learning process is affected by personal experience. Thus, creating a climate for misunderstanding through applying personal experiences to a situation that may have had a different personal or professional interaction. Because of misunderstandings and unconscious bias that occur in this type of learning structure, the misunderstandings and unconscious bias have the potentiality of being propagated into professional career interactions and investigations. Thus, this project will present a learning platform/framework to explore cybersecurity methods, discern interactions, explore the psychology of why a crime is committed through a collaborative virtual reality (VR) immersive environment.

This article proposes a research study conducted at Murray State University Cybersecurity and Network Management program to investigate the impact of work-related experiential learning on college students' career thoughts and attitudes within the context of cybersecurity career development. The Cybersecurity and Network Management program introduced the CNM 518 course based on the Public Infrastructure Security Cyber Education System (PISCES) project that offers practical, hands-on experiences. The proposed research project slated for Spring 2024, aims to assess how this work-related experiential learning influences students' career thoughts and attitudes, using the Career Thoughts Inventory as a measurement tool. This research project emphasizes the importance of reflective learning within CNM 518 and aims to contribute empirical evidence on the impact of work-related experiential learning on students' career thoughts and how such learning experiences positively influence the career decision-making processes and, subsequently, the broader field of cybersecurity education.