1 Just Say No to Teaching Ethical Hacking Gail Finley Department of Computer Science and Information Technology University of the District of Columbia January 22, 2009 Hampton University 1
2 Institution Only public institution of higher education in the District of Columbia and an HBCU Urban land grant institution Established in 1977 from the merger of: Federal City College 4 year, est Washington Technical Inst. 2 year, est DC Teachers College est Miner Teachers College 1851, 1879, 1929 Wilson Teachers College 1873, 1913, 1929
3 Organization President \ Provost and VP Academic Affairs David A Clark School of Law College of Arts and Sciences Divisions: Arts and Education; Science and Mathematics; Urban Affairs, Behavioral and Social Sciences School of Business and Public Policy School of Engineering and Applied Sciences Department of Engineering, Architecture and Aerospace Technology Department of Computer Science and Information Technology Department of Electrical Engineering
4 Students and Faculty Total of approx.6000 students Ethnic mix reflects the city: 73 % African American and 6 % Hispanic Departmental Data Majors estimate: 220 Full time faculty: 9
5 Faculty David Barnett Cisco program Gail Finley IA Education Bggyund Yu Sensor Networks Sheraly Zeadally Wireless networks
6 CS \IT Program Performance Expectations computer scientists should be prepared to work in a broad range of positions involving tasks from theoretical work to software development information technology professionals should be able to work effectively at planning, implementation, configuration, and maintenance of an organization s computing infrastructure ACM Computing Curriculum 2005 Overview Report, p27
7 CS \IT Security Requirements Common graduation outcomes for all computing programs understanding of security IT goes further in specific curriculum requirements for topics in Information assurance and security ABET Criteria for Accrediting Computing Programs
8 BS Information Technology at UDC Shared beginning programming courses Core areas: Networking Database Web Technologies Required concentration in one core area Required application domain\s
9 BS Information Technology (cont d) Interdisciplinary application domain/s supporting: Networking and database development Business courses in management, accounting and finance Forensics Criminal justice courses covering rules of evidence, courtroom protocol, law and privacy issues ; possible coordination with our law school Web technologies Graphic design courses
10 AAS Computer Science Technology Two year degree program as of December 1, the two year program has shifted to a newly formed Community College Options: Intended articulation with BS degrees Networking Software
11 BS CS /IT Information Assurance Courses Computer Networking CS\IT Network Security CS\IT Secure Computing Systems New Course not yet offered CS Digital Forensics New Course not yet offered IT
12 Professional Ethics Course Professional Ethics 200 level course Prior to this single course, ethics and societal issues were to be covered in several courses throughout the curriculum Textbook: The Gift of Fire, Baase, Sara
13 Computer Literacy Computer Concepts and Applications 2 credit lecture, 1 credit lab (meets for two hours) computer security issues: password selection, networks, botnets Expected outcome Increase student awareness on computer security issues from the start
14 IA Threads Implementation of Information Assurance topics in some BSIT/BSCS courses Operating system Software Engineering Databases
15 IA Research Additional courses to be developed for a future research concentration in Information Assurance could include: Wireless Security Security Management Computer/Handheld Forensics
16 Why? Just Say No There are three major concerns when teaching ethical hacking to students
17 First Concern Concern that we may be teaching dangerous skills to those who are not yet able to make mature decisions about when this is appropriate. A recent study showed one\third of faculty held this concern (Livermore). Some may think that it is just fun Some may consider hacking as a prank
18 Second Concern Some students, while excellent students, may have backgrounds that would make them unsuitable for such a class There are some who advocate screening students prior to the class. There are privacy issues to screening students prior to a class except for academic issues
19 Third Concern There is the issue of liability in hacking outside of laboratory experiments. Schools may be held liable. Faculty may be held liable. There are those who advocate that students sign an honor code prior to class.
20 References Livermore, Jeffery, What are Faculty Attitudes Toward Teaching Ethical Hacking and Penetration Testing?, Proceedings of the 11 th Colloquium fr Information Systems Security Education, Boston University, Boston, MA, June 4 7, Aycock, John, Heather Crawford and Rennie degraaf, Spamulator: The Internet on a Laptop, ITICSE 08. June 30 July 2, 2008, Madrid Spain.
CLEMSON UNIVERSITY College Of Business and Behavioral Science Department of Sociology and Anthropology TO THE SOUTH CAROLINA COMMISSION ON HIGHER EDUCATION PROGRAM PLANNING SUMMARY TO OFFER A NEW DEGREE
PROGRAMME SPECIFICATION KEY FACTS Programme name Award School Department or equivalent UCAS Code BEng Biomedical Engineering / BEng Biomedical Engineering with Placement BEng (Hons) School of Mathematics
Journal of Information Technology Education Volume 9, 2010 Design of an Information Technology Undergraduate Program to Produce IT Versatilists Ale Koohang, Liz Riley, Terry Smith, and Kevin Floyd Macon
SCHOOL OF COMPUTING & MATHEMATICAL SCIENCESB Computer Security and Forensics BSc Hons Greenwich Campus www.gre.ac.uk/cms Why study this programme? This degree will equip you to become an ICT professional
Information Systems Technology & Cybersecurity Programs Stay close. Go far. Computer Studies Faculty Trudy Gift Professor, Information Systems Technology 240-500-2214 firstname.lastname@example.org Carrie Pifer
[DRAFT] A Model Curriculum for Programs of Study A Model Curriculum for Programs of Study in Information Security and Assurance in Information Security and Assurance v. 6.0 February 2013 [DRAFT] http://infosec.kennesaw.edu/infoseccurriculummodel.pdf
Reported to the Board of Trustees May 17, 2007 Board Meeting May 17, 2007 PRESIDENT S REPORT ON ACTIONS OF THE SENATES Establish a Concentration in Policy Studies, Master of Education (MEd) in Instructional
BOARD OF REGENTS SUMMARY OF ITEM FOR ACTION, INFORMATION, OR DISCUSSION TOPIC: University of Maryland Eastern Shore: Master of Science in Cybersecurity Engineering Technology COMMITTEE: Education Policy
Policies and Procedures for the EDUCATION SPECIALIST CERTIFICATE Education Specialist programs in the College of Education are designed to strengthen the educational backgrounds of teachers, administrators,
2012-2013 Academic Year Regional Campuses Campus Accelerated Program for Adults (CAPA) Bachelor s Degree Programs Accounting Anthropology Behavioral Sciences Business Administration Child Development Computer
and Mission Information technology is a dynamic discipline that addresses the use of computing and I n t r o d u c t i o n information technology in business, education, government, and other organizations.
150 COLLEGE OF BUSINESS AND PUBLIC ADMINISTRATION Ellen Foster Curtis, Dean The College of Business and Public Administration presents strong theoretical and pragmatic programs at the graduate level which
PUBLIC ADMINISTRATION College of Business and Public Administration Ning Li, Program Director MPA EWU Spokane, 668 N. Riverpoint Blvd. Spokane, WA 99202-1677 Faculty: V. Elias, R. Fuller, W. Kelley, M.
Requirements for the Master s Degree in Curriculum and Instruction The requirements for the Master s Degree in Curriculum and Instruction are twofold: 1) Thirty-six credits of graduate coursework as described
National Center for Urban Education at the University of the District of Columbia Proposal submitted for consideration by the Academic Senate April 2010 Internal Review Committee members: Chris Myers Asch
Graduate Programs In Business Administration Accounting Student Learning Outcomes College of Business Administration M.S. in Accounting 1. Students will receive a high quality accounting education that
College of Business Kim LaFevor, D.B.A. Dean General Information Athens State University s College of Business is nationally accredited by the Accreditation Council for Business Schools and Programs (ACBSP),
Name of Institution: Francis Marion University Name of Program (include concentrations, options, and tracks): Healthcare Administration (HCA) (Tracks: Clinical and General) Program Designation Associate
College of Business Kim LaFevor, D.B.A. Dean General Information The Athens State University College of Business is nationally accredited by the Accreditation Council of Business Schools and Programs (ACBSP),
MA/MS in Education: Educational Leadership & Policy PACE Postsecondary, Adult & Continuing Education A specialty for those interested in the facilitation of adult learning in college and workplace settings.