DESIGNING WEB LABS FOR TEACHING SECURITY CONCEPTS ABSTRACT

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "DESIGNING WEB LABS FOR TEACHING SECURITY CONCEPTS ABSTRACT"

Transcription

1 DESIGNING WEB LABS FOR TEACHING SECURITY CONCEPTS ABSTRACT Security education is critical in today s cyber threat environment. Many schools have investigated different approaches to teaching fundamental security concepts through lectures, hands on labs, security education tools, competitions, and integrated curricula. At our institution, we have used interactive tools in and out of the classroom to teach security concepts for several years. Several of our tools present concepts in a simulated environment with a higher level of abstraction than running a real tool on an actual machine. We have also begun experimenting with embedding the tools in a set of web pages that can be used to direct the student through the concepts, suggest experiments to try, and provide additional explanation of results. These web labs are well suited to remote access and online learning environments. This paper will describe the general design philosophy of such labs, give specific examples, and discuss our experience and future plans. INTRODUCTION Computer security and information assurance are important topics in computer science education. Security issues and principles are identified as core topic areas for computer science education by the ACM and IEEE recommended curricula ( The National Security Agency (NSA) and Department of Homeland Security (DHS) offer the Center of Academic Excellence (CAE) in Information Security Education designation to schools meeting stringent requirements in curricular topics, research, and institutional support ( Many new textbooks, recommended curricula, and teaching approaches have been developed to address these topics. Conferences and workshops such as the Colloquium for Information Systems Security Education (CISSE ) and the Information Security Education Curriculum Development (InfoSecCD) have been created to provide a forum for promoting information security education techniques at both the undergraduate and graduate levels. Different approaches to teaching security have been presented in these forums. One approach is to distribute security concepts across existing CS courses and integrate them at the point they are most relevant [8]. The advantage of this approach is that security is seen as an integral part of all areas of computer science versus a separate topic in and of itself. A different approach is to create separate security courses and/or set up complete programs and concentrations in security [1,2,4,13]. Perhaps, the most common approach is a hybrid of these two in which one or two security courses are available that focus on security concepts while fundamental security topics are distributed in existing courses such as networks, operating systems, software engineering, and databases. Regardless of the course structure chosen for teaching security, many educators advocate a hands on approach to teaching security and integrate a laboratory component into their program [7]. This provides a means for students to receive instruction on the concepts of security while gaining experience with the tools and techniques of security professionals. The Department of Computer Science at our institution has been teaching information security since Over the past 13 years, we have developed a variety of security curricula, tried numerous approaches to teaching specific concepts, developed labs for security education, created educational tools to foster student participation and understanding, and participated in various information security competitions. In 2003, our institution pursued and was recognized as a Center of Academic Excellence in Information Assurance Education.

2 HANDS ON TECHNIQUES Security Laboratories Our program emphasizes a hands on approach to security education through labs, interactive tools, and participation in competitions. Teaching students tools and techniques for information security leads to obvious issues regarding ethical challenges in ensuring students are aware of appropriate behavior and are held accountable for their actions. We dedicate several lessons in various courses to the ethical and legal issues and responsibilities associated with security. In addition to the ethical component, security labs face logistical challenges unlike other CS labs. Students are experimenting with potentially harmful malicious software that needs to be properly handled and isolated. At our institution, the security lab is not tied into either the school network or the internet. This needs to be taken into consideration when developing labs. The challenges of security labs become even greater for distance learning environments in which a centralized physical laboratory is not practical. One approach that some schools have taken to deal with this issue is the use of virtual machines [3]. While virtualization software is available for free, there is a large overhead in terms of laboratory management and maintenance. The largest problem we have faced with our security labs is the level of detailed underlying knowledge our students must have to fully utilize existing tools and understand their impact. While our students are exposed to multiple operating systems, their level of knowledge at the system administrator level is limited. We need to carefully construct labs to provide sufficient background for students to understand what is happening without either overwhelming them with system level details, or simply giving them a checkbox list of things to do without explanation. Interactive Classroom Visualizations To address the problem of lack of background knowledge while still providing a meaningful experience with security concepts, we have developed a suite of interactive tools that operate at a more abstract level [9,10,11]. These tools, known as interactive classroom visualizations, or ICV s, were originally developed for use in the classroom as active learning techniques [12]. They are short interactive tools for teaching concepts such as cipher algorithms, formal security models, public key infrastructure, security protocols, etc. They teach concepts at an abstract level and do not require students understand underlying system details to interact with and learn the concepts. These tools were developed specifically for instructor demonstration followed by student interaction as a classroom activity. They were not intended to be used in a standalone mode without additional instructional material. While this was adequate for the primary purpose of this approach, it does not allow the flexibility necessary for applications such as independent student exploration or distance learning. WEB LABS Concept

3 Extending the goals of the interactive classroom visualizations, our aim in developing security web labs is to demonstrate complex security concepts in an easily accessible way while requiring minimal prior preparation, lab support, or background knowledge. We accomplish this by focusing on higher levels of abstraction and providing sufficient informational context to make each lab largely standalone for the intended audience. Design Our web labs are designed to meet the following stated goals: Combine higher level of abstraction with sufficient explanatory context, Provide sufficient background information to ensure each lab is standalone, and Ensure the labs are interactive and experimental. We rely heavily on visualization components to achieve higher levels of concept abstraction. For example, when presenting relative password strengths, one approach is to numerically or mathematically present the size of the search space or amount of potential entropy. Our approach uses visualization to graphically relate the size of the search space between passwords of different lengths or consisting of larger character sets (e.g. numbers and special characters included). In addition to the visual demonstration of the concept, sufficient explanatory text is always included to fully describe the concept. Our audience ranges from college aged, non computer science freshman to senior level computer science and computer engineering majors. Keeping the audience in mind, we target the depth and amount of background information to ensure each lab can be a standalone experience. An example of this can be seen in our buffer overflow web labs. We begin the lab with a discussion of the Von Newman architecture and the concept of instructions and data sharing memory space. This background is essential to ensure each audience has sufficient foundation to understand the concept being introduced. A key to creating compelling web labs is to make them interactive and experimental in nature. Our suite of cryptographic web labs accomplishes this by providing the student the ability to interactively enter information, choose an encryption key and method, and watch the cipher text creation on the fly. This is further enhanced by guiding them through a set of experiments that interactively demonstrate different attack techniques for each encryption method. In the end, the concepts are built from a set of foundational information, through several different encryption methods, accompanied by multiple historical cryptographic attacks based on the relative strengths and weaknesses of each method. We find that designing web labs with the above stated goals in mind increases the students ability to complete them, increases their interest and enjoyment while working through complex topics, and increases their ability to understand and eventually apply the knowledge they have gained. Using Web Labs There are a number of ways to integrate web labs into a course or workshop. As mentioned earlier, we use them in a number of contexts. Here is a short list of possible ways they can be used followed by a discussion of their application in a few of the many ways we have employed them. Web labs can be used: Pre lecture to motivate or reinforce the concepts included in a preparatory reading,

4 Separate lab experience to demonstrate or reinforce concepts presented in a lecture, Distance learning the web labs can be accessed either online or offline in support of distance learning, In class as a learning focused exercise in class to work through difficult concepts with concrete examples, and In small groups the exercises can be used to initiate discussions and problem solving in small groups of students to enable collaborative learning. We employ web labs in many ways, ranging from high school level guided workshops through senior college level computer science classes. In many cases we even utilize the same web lab in these very different applications. We accomplish this by creating unique sets of questions and experiments targeted to the audience being taught. The web lab is focused on presenting, explaining, and demonstrating concepts. The targeted set of questions and experiments build on the conceptual material in the web lab to focus each set of students with the correct level of depth and difficulty. A few examples may best illustrate the ability to tailor the use of web labs in these ways. Our most versatile and widely used web lab to date is the suite of cryptography tools. We use these in a summer scientific seminar to guide high school seniors through the history and application of cryptography. We are careful to guide them through each cipher, its techniques, applications, and eventual attack and defeat in a historical context similar to the story of cryptography told in Simon Singh s excellent work The Code Book [13]. The experiments and exercises are presented and worked through with close instructor guidance by the entire class or in small groups of students. The material is presented at a much slower pace with less depth to ensure the group stays focused and engaged. Contrast this with our use of the same cryptography web labs used in our introduction to computing course consisting of mainly college freshmen. We cover the same material in a 50 minute class lecture that was presented in a roughly 3 hour workshop to high school students. For the college freshman we introduce the complexity required to break each cipher and begin to discuss the mathematical nature of the encryption. Lastly, we apply this same web lab in our college senior level cryptography course taken by computer science and systems engineering majors. In this context we assign the web lab as a prelecture exercise to review background material and set the stage for a much more rigorous in class lecture on the mathematical details and analysis of a variety of historically significant ciphers. The other web labs developed to date have proven to be equally versatile. The SQL injection lab is equally applicable in our information warfare course and our database course when accompanied with appropriate tailored questions and experiments. The buffer overflow web lab can be introduced in an operating systems class to demonstrate the concepts of stack frames and shared memory. Later in the curriculum, we more fully utilize the buffer overflow web lab in our information warfare course to demonstrate the core concepts of this exploit. OUR EXPERIENCE One of the motivations for creating security web labs was to provide a hands on laboratory experience without requiring the necessary background knowledge to run an actual tool in an actual environment. In addition, we wanted students to have sufficient explanation and direction to be able to complete the labs without instructor interaction or extensive reference material. Our initial experience with them is that they satisfy these requirements. Students are able to complete the labs in a timely fashion without requiring additional assistance. Students rate the labs as enjoyable and less frustrating than understanding the details associated with actual security tools. We have not attempted to quantify the

5 educational impact of the labs, as we have a small sample size of students and a formalized analysis with control groups is not practical. However, student reaction suggests the labs are an enjoyable and motivational part of the course. Currently, the following web labs have been completed: Cipher algorithms SQL Injection Database inference Password strength and cracking Buffer overflow Our existing Interactive Classroom Visualizations in formal models, security protocols, and public key infrastructure are being converted from standalone applications to the web lab format. Additional web labs are being developed in the areas of firewalls, access control, and denial of service. The tools will be hosted on a publically accessible web site for general use. Further information can be obtained by contacting the authors. BIBLIOGRAPHY [1] Azadegan, S., Lavine, M., O'Leary, M., Wijesinha, A., and Zimand, M An undergraduate track in computer security. In Proceedings of the 8th Annual Conference on innovation and Technology in Computer Science Education (Thessaloniki, Greece, June 30 July 02, 2003). D. Finkel, Ed. ITiCSE '03. ACM Press, New York, NY, [2] Bacon, T. and Tikekar, R Experiences with developing a computer security information assurance curriculum. J. Comput. Small Coll. 18, 4 (Apr. 2003), [3] Bullers, W. I., Burd, S., and Seazzu, A. F Virtual machines an idea whose time has returned: application to network, security, and database courses. In Proceedings of the 37th SIGCSE Technical Symposium on Computer Science Education (Houston, Texas, USA, March 03 05, 2006). SIGCSE '06. [4] Crowley, E Information system security curricula development. In Proceeding of the 4th Conference on information Technology Curriculum (Lafayette, Indiana, USA, October 16 18, 2003). CITC4 '03. ACM Press, New York, NY, [5] Ebeling, D. and Santos, R. Public Key Infrastructure Visualization. J. Comput. Small Coll. October [6] Ma, K Cyber security through visualization. In Proceedings of the 2006 Asia Pacific Symposium on information Visualisation Volume 60 (Tokyo, Japan). K. Misue, K. Sugiyama, and J. Tanaka, Eds. ACM International Conference Proceeding Series, vol Australian Computer Society, Darlinghurst, Australia, 3 7. [7] Mattord, H. J. and Whitman, M. E Planning, building and operating the information security and assurance laboratory. In Proceedings of the 1st Annual Conference on information Security Curriculum Development (Kennesaw, Georgia, October 08 08, 2004). InfoSecCD '04. ACM Press, New York, NY, [8] Petrova, K., Philpott, A., Kaskenpalo, P., and Buchan, J Embedding information security curricula in existing programmes. In Proceedings of the 1st Annual Conference on information Security Curriculum Development (Kennesaw, Georgia, October 08 08, 2004). InfoSecCD '04. ACM Press, New York, NY, [9] Schweitzer D. and Baird L., The design and use of interactive visualization applets for teaching ciphers. Proceedings of the 7th IEEE Workshop on Information Assurance, June 2006.

6 [10] Schweitzer D., Baird L., Collins M., Brown W., Sherman M. GRASP: A visualization tool for teaching security protocols. Proceedings of the 10th Colloquium for Information Systems Security Education, June [11] Schweitzer D., Collins M., Baird L. A Visual Approach to Teaching Formal Access Models in Security. Proceedings of the 11th Colloquium for Information Systems Security Education, June [12] Schweitzer, D., Gibson, D., Collins, M Active Learning in the Security Classroom, Proceedings of the Hawaii International Conference on System Science, HICSS 42,.[13] Vaughn, R. B., Dampier, D. A., and Warkentin, M. B Building an information security education program. In Proceedings of the 1st Annual Conference on information Security Curriculum Development (Kennesaw, Georgia, October 08 08, 2004). InfoSecCD '04. ACM Press, New York, NY, [13] Singh, S. The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography. Fourth Estate, London

Using Visualization to Teach Security

Using Visualization to Teach Security Using Visualization to Teach Security Dino Schweitzer, Wayne Brown Academy Center for Cyberspace Research, United States Air Force Academy, CO dino.schweitzer@usafa.edu Abstract. Interactive visualization

More information

Integrating Software Assurance and Secure Programming Concepts and Mindsets into an Undergraduate Computer Science Program

Integrating Software Assurance and Secure Programming Concepts and Mindsets into an Undergraduate Computer Science Program Integrating Software Assurance and Secure Programming Concepts and Mindsets into an Undergraduate Computer Science Program Striving to Achieve the Goals of the SEI/CERT Software Assurance Curriculum Project

More information

Center of Academic Excellence Cyber Operations Program 2013 Application

Center of Academic Excellence Cyber Operations Program 2013 Application Center of Academic Excellence Cyber Operations Program 2013 Application Name of Institution: Mailing Address of Institution: Date: Institution s President s Name and Official Email Address: Department

More information

NETWORK FIREWALL VISUALIZATION IN THE CLASSROOM *

NETWORK FIREWALL VISUALIZATION IN THE CLASSROOM * NETWORK FIREWALL VISUALIZATION IN THE CLASSROOM * 1st Lieutenant Justin Warner, 1st Lieutenant David Musielewicz, 1st Lieutenant G. Parks Masters, 1st Lieutenant Taylor Verett, 1st Lieutenant Robert Winchester

More information

SECURITY ACROSS THE CURRICULUM: USING COMPUTER SECURITY TO TEACH COMPUTER SCIENCE PRINCIPLES

SECURITY ACROSS THE CURRICULUM: USING COMPUTER SECURITY TO TEACH COMPUTER SCIENCE PRINCIPLES SECURITY ACROSS THE CURRICULUM: USING COMPUTER SECURITY TO TEACH COMPUTER SCIENCE PRINCIPLES Major Gregory White, Ph.D. Captain Gregory Nordstrom (ret.) 2354 Fairchild Dr., Suite 6K41 HQ USAFA/DFCS USAF

More information

Proceedings of the 10 th Colloquium for Information Systems Security Education University of Maryland, University College Adelphi, MD June 5-8, 2006

Proceedings of the 10 th Colloquium for Information Systems Security Education University of Maryland, University College Adelphi, MD June 5-8, 2006 GRASP: A Visualization Tool for Teaching Security Protocols Dino Schweitzer, Leemon Baird, Michael Collins, Wayne Brown, Michael Sherman, United States Air Force Academy Abstract Security protocols are

More information

A Systems Engineering Approach to Developing Cyber Security Professionals

A Systems Engineering Approach to Developing Cyber Security Professionals A Systems Engineering Approach to Developing Cyber Security Professionals D r. J e r r y H i l l Approved for Public Release; Distribution Unlimited. 13-3793 2013 The MITRE Corporation. All rights reserved.

More information

TEACHING COMPUTER SECURITY WITH A HANDS-ON COMPONENT

TEACHING COMPUTER SECURITY WITH A HANDS-ON COMPONENT TEACHING COMPUTER SECURITY WITH A HANDS-ON COMPONENT Narayan Murthy Pace University, New York nmurthy@pace.edu Abstract To address national needs for computer security education, many universities have

More information

Interactive Web-based Teaching for Computing in an Engineering Degree*

Interactive Web-based Teaching for Computing in an Engineering Degree* Int. J. Engng Ed. Vol. 15, No. 5, pp. 358±364, 1999 0949-149X/91 $3.00+0.00 Printed in Great Britain. # 1999 TEMPUS Publications. Interactive Web-based Teaching for Computing in an Engineering Degree*

More information

Exploring Computer Science A Freshman Orientation and Exploratory Course

Exploring Computer Science A Freshman Orientation and Exploratory Course Exploring Computer Science A Freshman Orientation and Exploratory Course Stephen U. Egarievwe and Vivian J. Fielder Center for Internet Based Education and Research Department of Mathematics and Computer

More information

A Laboratory Based Capstone Course in Computer Security for Undergraduates

A Laboratory Based Capstone Course in Computer Security for Undergraduates A Laboratory Based Capstone Course in Computer Security for Undergraduates Mike O Leary Department of Computer and Information Science Towson University Towson, MD 21252 +1 410-704-4757 moleary@towson.edu

More information

Information Assurance Program at West Point

Information Assurance Program at West Point Information Assurance Program at West Point Daniel-Ragsdale@usma.edu John.Hill@usma usma.edu Scott.Lathrop@usma usma.edu Gregory.Conti@usma usma.edu USMA Information Assurance Program Institutional Support

More information

Course Specifications

Course Specifications Form (A) General Information Course name Course number Faculty Department Course type Course level Planning and Quality Assurance Affairs Course Specifications Information Security ITCS4301 Engineering

More information

Textbooks: Matt Bishop, Introduction to Computer Security, Addison-Wesley, November 5, 2004, ISBN 0-321-24744-2.

Textbooks: Matt Bishop, Introduction to Computer Security, Addison-Wesley, November 5, 2004, ISBN 0-321-24744-2. CSET 4850 Computer Network Security (4 semester credit hours) CSET Elective IT Elective Current Catalog Description: Theory and practice of network security. Topics include firewalls, Windows, UNIX and

More information

Active Learning in the Security Classroom

Active Learning in the Security Classroom Active Learning in the Security Classroom Dino Schweitzer US Air Force Academy dino.schweitzer@usafa.edu David Gibson US Air Force Academy david.gibson@usafa.edu Mike Collins ITT mike.collins@itt.com Abstract

More information

Teaching of Information Security in the Health Care and Nursing Postgraduate program

Teaching of Information Security in the Health Care and Nursing Postgraduate program Teaching of Information Security in the Health Care and Nursing Postgraduate program Tatjana Welzer 1, Marko Hölbl 1, Ana Habjanič 2, Boštjan Brumen 1, Marjan Družovec 1 1 University of Maribor, Faculty

More information

1. Introduction to ehealth:

1. Introduction to ehealth: 1. Introduction to ehealth: E-Health is one of the fastest growing areas within the health sector. The scope of e- Health involves application of the knowledge, skills and tools, which enable information

More information

Undergraduate Computer Security Education: A Report on our Experiences & Learning

Undergraduate Computer Security Education: A Report on our Experiences & Learning Undergraduate Computer Security Education: A Report on our Experiences & Learning Shiva Azadegan Michael O Leary Alexander Wijesinha Marius Zimand Towson University Abstract: Key words: We describe our

More information

Curran, K. Tutorials. Independent study (including assessment) N/A

Curran, K. Tutorials. Independent study (including assessment) N/A MODULE TITLE: MODULE CODE: Systems Security COM535 YEAR OF REVISION: 2013/14 MODULE LEVEL: 6 CREDIT POINTS: 20 MODULE STATUS: SEMESTER: 1 LOCATION: E-LEARNING: PREREQUISITE(S): CO-REQUISITE(S): MODULE

More information

Information Security Curriculum Creation: A Case Study

Information Security Curriculum Creation: A Case Study Information Security Curriculum Creation: A Case Study Bradley Bogolea College of Engineering The Pennsylvania State University University Park, Pa 16802 bdb194@cse.psu.edu Kay Wijekumar School of Information

More information

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY

MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing

More information

Teaching Game Development: At the Intersection of Computer Science and Humanities & Arts

Teaching Game Development: At the Intersection of Computer Science and Humanities & Arts Teaching Game Development: At the Intersection of Computer Science and Humanities & Arts David Finkel, Mark Claypool, Michael A. Gennert Department of Computer Science Fred Bianchi, Dean O Donnell, Patrick

More information

Tablet PC Video based Hybrid Coursework in Computer Science: Report from a Pilot Project

Tablet PC Video based Hybrid Coursework in Computer Science: Report from a Pilot Project Tablet PC Video based Hybrid Coursework in Computer Science: Report from a Pilot Project Jaspal Subhlok Olin Johnson Venkat Subramaniam Ricardo Vilalta Chang Yun Department of Computer Science, University

More information

A New Undergraduate Major: Interactive Media and Game Development

A New Undergraduate Major: Interactive Media and Game Development A New Undergraduate Major: Interactive Media and Game Development David Finkel, Mark Claypool, Michael A. Gennert Department of Computer Science Fred Bianchi, Dean O Donnell, Patrick Quinn Department of

More information

Report on Game Design and Development Courses Meeting Knowledge Areas

Report on Game Design and Development Courses Meeting Knowledge Areas Report on Game Design and Development Courses Meeting Knowledge Areas Brent M. Dingle Summer 2014 Revised Fall 2014 and Spring 2015 Abstract This document approaches a Game Design and Development (GDD)

More information

An Accelerated Introductory Computer Science Course Sequence for Non-Traditional Master s Students

An Accelerated Introductory Computer Science Course Sequence for Non-Traditional Master s Students An Accelerated Introductory Computer Science Course Sequence for Non-Traditional Master s Students J. Denbigh Starkey Ray S. Babcock Anne S. DeFrance Computer Science Department Montana State University

More information

Introduction to Cyber Security / Information Security

Introduction to Cyber Security / Information Security Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be

More information

TEACHING COMPUTER SECURITY TO UNDERGRADUATES A Hands-On Approach

TEACHING COMPUTER SECURITY TO UNDERGRADUATES A Hands-On Approach TEACHING COMPUTER SECURITY TO UNDERGRADUATES A Hands-On Approach Rahul V. Tikekar Southern Oregon University Abstract: Increasing awareness of the vulnerabilities of computer systems has led to the introduction

More information

Security Goals Services

Security Goals Services 1 2 Lecture #8 2008 Freedom from danger, risk, etc.; safety. Something that secures or makes safe; protection; defense. Precautions taken to guard against crime, attack, sabotage, espionage, etc. An assurance;

More information

Integration of Mathematical Concepts in the Computer Science, Information Technology and Management Information Science Curriculum

Integration of Mathematical Concepts in the Computer Science, Information Technology and Management Information Science Curriculum Integration of Mathematical Concepts in the Computer Science, Information Technology and Management Information Science Curriculum Donald Heier, Kathryn Lemm, Mary Reed, Erik Sand Department of Computer

More information

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings

Computer Security. Principles and Practice. Second Edition. Amp Kumar Bhattacharjee. Lawrie Brown. Mick Bauer. William Stailings Computer Security Principles and Practice Second Edition William Stailings Lawrie Brown University ofnew South Wales, Australian Defence Force Academy With Contributions by Mick Bauer Security Editor,

More information

CS 450/650 Fundamentals of Integrated Computer Security

CS 450/650 Fundamentals of Integrated Computer Security CS 450/650 Fundamentals of Integrated Computer Security Course Information Department of Computer Science & Engineering UNR, Fall 2014 Class hours Tuesday & Thursday, 1:00 2:15am @ PE 101 Instructor E

More information

Electrical and Computer Engineering Undergraduate Advising Manual

Electrical and Computer Engineering Undergraduate Advising Manual Electrical and Computer Engineering Undergraduate Advising Manual Department of Engineering University of Massachusetts Boston Revised: October 5, 2015 Table of Contents 1. Introduction... 3 2. Mission

More information

Software Assurance Forum for Excellence in Code

Software Assurance Forum for Excellence in Code Software Assurance Forum for Excellence in Code Security Engineering Training: Building the Foundation for Software Security Success March 2012 About SAFECode The Software Assurance Forum for Excellence

More information

Cyber Exercises, Small and Large

Cyber Exercises, Small and Large First International Conference on Cyber Crisis Cooperation: Cyber Exercises 27 June 2012 Cyber Exercises, Small and Large Commander Mike Bilzor Computer Science Department U.S. Naval Academy Annpolis,

More information

Including Real Networking Hardware in the Modeling and Simulation (M&S) Environment.

Including Real Networking Hardware in the Modeling and Simulation (M&S) Environment. Provost s Learning Innovations Grant for Faculty Special Request for Proposal Course Development 2009-2010 Project Title: Including Real Networking Hardware in the Modeling and Simulation (M&S) Environment.

More information

Proposal for a Graduate Certificate in Information Assurance Education Track 2. Submitted. by the. School of Technology West Lafayette Campus

Proposal for a Graduate Certificate in Information Assurance Education Track 2. Submitted. by the. School of Technology West Lafayette Campus Graduate Council Document 03-24a Approved by the Graduate Council 11/20/03 Proposal for a Graduate Certificate in Information Assurance Education Track 2 Submitted by the School of Technology West Lafayette

More information

Multi-core Curriculum Development at Georgia Tech: Experience and Future Steps

Multi-core Curriculum Development at Georgia Tech: Experience and Future Steps Multi-core Curriculum Development at Georgia Tech: Experience and Future Steps Ada Gavrilovska, Hsien-Hsin-Lee, Karsten Schwan, Sudha Yalamanchili, Matt Wolf CERCS Georgia Institute of Technology Background

More information

INTRODUCING PROGRAMMING TO MIDDLE AND HIGH SCHOOLS USING GAME-BASED APPROACH. Emmanuel Udoh 1. INTRODUCTION

INTRODUCING PROGRAMMING TO MIDDLE AND HIGH SCHOOLS USING GAME-BASED APPROACH. Emmanuel Udoh 1. INTRODUCTION INTRODUCING PROGRAMMING TO MIDDLE AND HIGH SCHOOLS USING GAME-BASED APPROACH Emmanuel Udoh Indiana University Purdue University, Fort Wayne, Indiana; Email: udohe@ipfw.edu 1. INTRODUCTION Abstract: In

More information

Ccybersecurity Education

Ccybersecurity Education Ccybersecurity Education The Obstacle and Challenges Panel Discussion Summer Workshop on Cyber Security Education for Community College Faculty in West Texas Texas Tech University August 13, 2013 COMPUTER

More information

CONDENSING THE CC-2001 CORE IN AN INTEGRATED CURRICULUM

CONDENSING THE CC-2001 CORE IN AN INTEGRATED CURRICULUM CONDENSING THE CC-2001 CORE IN AN INTEGRATED CURRICULUM Ingrid Russell, CS Department, University of Hartford, irussell@hartford.edu Michael Georgiopoulos, EECS, University of Central Florida, michaelg@mail.ucf.edu

More information

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification 1. Module Title Information Security 2. Module Code: CS403INS 3. Module Level - Forth Stage 4. Module Leader Safwan M. 5. Teaching Semester 7 and 8 Soran University Faculty of Science and Engineering Computer

More information

The USNA Cyber Program

The USNA Cyber Program The USNA Cyber Program Turning Midshipmen into Cyber Warriors CAPT Paul Tortora, USN Director, Center for Cyber Security Studies Bottom Line Up Front All Midshipmen now take two Cyber Security Courses

More information

Instructional Design Strategies for Teaching Technological Courses Online

Instructional Design Strategies for Teaching Technological Courses Online Instructional Design Strategies for Teaching Technological s Online Jiangping Chen 1, Ryan Knudson 1, 1 Department of Library and Information Sciences, University North Texas, 1155 Union Circle #311068,

More information

Mastery approaches to mathematics and the new national curriculum

Mastery approaches to mathematics and the new national curriculum October 2014 Mastery approaches to mathematics and the new national curriculum Mastery in high performing countries The content and principles underpinning the 2014 mathematics curriculum reflect those

More information

UNDERGRADUATE COMPUTER SCIENCE EDUCATION: A NEW CURRICULUM PHILOSOPHY & OVERVIEW

UNDERGRADUATE COMPUTER SCIENCE EDUCATION: A NEW CURRICULUM PHILOSOPHY & OVERVIEW UNDERGRADUATE COMPUTER SCIENCE EDUCATION: A NEW CURRICULUM PHILOSOPHY & OVERVIEW John C. Knight, Jane C. Prey, & Wm. A. Wulf Department of Computer Science University of Virginia Charlottesville, VA 22903

More information

(IŞIK - IT201) 1 / 6 COURSE PROFILE. Theory+PS+Lab (hour/week) Local Credits. Course Name Code Semester Term ECTS

(IŞIK - IT201) 1 / 6 COURSE PROFILE. Theory+PS+Lab (hour/week) Local Credits. Course Name Code Semester Term ECTS COURSE PROFILE Course Name Code Semester Term Theory+PS+Lab (hour/week) Local Credits ECTS Network Security IT527 Fall 3 + 0 + 0 3 8 Prerequisites None Course Language Course Type Course Lecturer Course

More information

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute

Certifications and Standards in Academia. Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute Certifications and Standards in Academia Dr. Jane LeClair, Chief Operating Officer National Cybersecurity Institute Accreditation What is it? Why is it important? How is it attained? The National Centers

More information

Software Assignments for a Course in Secure E-Commerce

Software Assignments for a Course in Secure E-Commerce Software Assignments for a Course in Secure E-Commerce Chris Steketee and Phillip Lock Advanced Computing Research Centre, School of Comp and Info Science University of South Australia, Mawson Lakes, SA

More information

CYBER DEFENSE COMPETITION: A TALE OF TWO TEAMS *

CYBER DEFENSE COMPETITION: A TALE OF TWO TEAMS * CYBER DEFENSE COMPETITION: A TALE OF TWO TEAMS * Yan Bei and Robert Kesterson Institute of Technology University of Washington, Tacoma Tacoma, WA 253-692-5863 yanb@u.washington.edu Kyle Gwinnup and Carol

More information

TEACHING INTRODUCTORY COMPUTER GRAPHICS WITH THE PROCESSING LANGUAGE

TEACHING INTRODUCTORY COMPUTER GRAPHICS WITH THE PROCESSING LANGUAGE TEACHING INTRODUCTORY COMPUTER GRAPHICS WITH THE PROCESSING LANGUAGE Dino Schweitzer, Jeff Boleng, Paul Graham United States Air Force Academy, CO 80840 dino.schweitzer@usafa.edu ABSTRACT Different approaches

More information

The Importance of Using Hacker Contests and Mindset in Teaching Networks and Information Assurance

The Importance of Using Hacker Contests and Mindset in Teaching Networks and Information Assurance The Importance of Using Hacker Contests and Mindset in Teaching Networks and Information Assurance Thomas A. Babbitt This paper was completed and submitted in partial fulfillment of the Master Teacher

More information

The CS Principles Project 1

The CS Principles Project 1 The CS Principles Project 1 Owen Astrachan, Duke University Amy Briggs, Middlebury College Abstract The Computer Science Principles project is part of a national effort to reach a wide and diverse audience

More information

The International Research Foundation for English Language Education

The International Research Foundation for English Language Education Title of Report: Nursing and medical technology Case Report Author: Najma Janjua, Ph.D., Professor Training Organization: Kagawa Prefectural University of Health Sciences 1 Kagawa, Japan Date of Publication:

More information

Network Security Course Specifications2011-2012

Network Security Course Specifications2011-2012 Assiut University Faculty of Computers & Information Department of Information Technology Quality Assurance Unit Network Security Course Specifications2011-2012 Relevant program B.Sc. in Computers and

More information

Master of Science in Information Systems & Security Management. Courses Descriptions

Master of Science in Information Systems & Security Management. Courses Descriptions Master of Science in Information Systems & Security Management Security Related Courses Courses Descriptions ISSM 530. Information Security. 1 st Semester. Lect. 3, 3 credits. This is an introductory course

More information

Major prerequisites by topic: Basic concepts in operating systems, computer networks, and database systems. Intermediate programming.

Major prerequisites by topic: Basic concepts in operating systems, computer networks, and database systems. Intermediate programming. Elective course in Computer Science University of Macau Faculty of Science and Technology Department of Computer and Information Science SFTW498 Information Security Syllabus 2nd Semester 2011/2012 Part

More information

CURRICULUM VITA. Michael J. Tammaro. Department of Physics University of Rhode Island Kingston, RI 02881 (401) 874-2079 tammaro@uri.

CURRICULUM VITA. Michael J. Tammaro. Department of Physics University of Rhode Island Kingston, RI 02881 (401) 874-2079 tammaro@uri. CURRICULUM VITA Michael J. Tammaro Department of Physics University of Rhode Island Kingston, RI 02881 (401) 874-2079 tammaro@uri.edu EDUCATION Ph.D., August 1997, Theoretical Condensed Matter Physics,

More information

Criteria for Accrediting Computer Science Programs Effective for Evaluations during the 2004-2005 Accreditation Cycle

Criteria for Accrediting Computer Science Programs Effective for Evaluations during the 2004-2005 Accreditation Cycle Criteria for Accrediting Computer Science Programs Effective for Evaluations during the 2004-2005 Accreditation Cycle I. Objectives and Assessments The program has documented, measurable objectives, including

More information

EC-Council. Program Brochure. EC-Council. Page 1

EC-Council. Program Brochure. EC-Council. Page 1 Program Brochure Page 1 Certified Ethical Hacker Version 7 Revolutionary Product releases the most advanced ethical hacking program in the world. This much anticipated version was designed by hackers and

More information

Stimulating Software Security Education at Community Colleges Through Training Workshops

Stimulating Software Security Education at Community Colleges Through Training Workshops Stimulating Software Security Education at Community Colleges Through Training Workshops Akbar Siami Namin Computer Science Department Texas Tech University Lubbock, TX, USA akbar.namin@ttu.edu Fethi A.

More information

Issues in offering numeric based courses in an online environment

Issues in offering numeric based courses in an online environment Abstract Issues in offering numeric based courses in an online environment Scott Mensch Indiana University of Pennsylvania When developing online classrooms it is necessary to ensure that all learners

More information

A LOOK BACK: UNDERGRADUATE COMPUTER SCIENCE EDUCATION: A NEW CURRICULUM PHILOSOPHY & OVERVIEW

A LOOK BACK: UNDERGRADUATE COMPUTER SCIENCE EDUCATION: A NEW CURRICULUM PHILOSOPHY & OVERVIEW A LOOK BACK: UNDERGRADUATE COMPUTER SCIENCE EDUCATION: A NEW CURRICULUM PHILOSOPHY & OVERVIEW John C. Knight, Jane C. Prey, & Wm. A. Wulf Department of Computer Science University of Virginia ABSTRACT

More information

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.

More information

Tablet PC Video based Hybrid Coursework in Computer Science: Report from a Pilot Project

Tablet PC Video based Hybrid Coursework in Computer Science: Report from a Pilot Project Tablet PC Video based Hybrid Coursework in Computer Science: Report from a Pilot Project Jaspal Subhlok Olin Johnson Venkat Subramaniam Ricardo Vilalta Chang Yun Department of Computer Science, University

More information

Providing an Undergraduate Research Experience in a Senior Level Security Course

Providing an Undergraduate Research Experience in a Senior Level Security Course Providing an Undergraduate Research Experience in a Senior Level Security Course Dino Schweitzer, Jeff Boleng, and Steven Hadfield, United States Air Force Academy Abstract Student research can be a powerful

More information

Course Title MG6029 Advanced Network Engineering 1 Version: July 2011

Course Title MG6029 Advanced Network Engineering 1 Version: July 2011 Course Title MG6029 Advanced Network Engineering 1 Version: July 2011 Course Code 513.622 Level 6 Credits MIT credits 15 NQF Course Hours Lecture directed learning: 45 Self directed learning: 105 Made

More information

FORBIDDEN - Ethical Hacking Workshop Duration

FORBIDDEN - Ethical Hacking Workshop Duration Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once

More information

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits)

Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) Page 1 of 6 Course Content Summary ITN 261 Network Attacks, Computer Crime and Hacking (4 Credits) TNCC Cybersecurity Program web page: http://tncc.edu/programs/cyber-security Course Description: Encompasses

More information

Conley, D. T. (2010). College and Career Ready: Helping all Students Succeed Beyond High School. San Francisco: Jossey Bass.

Conley, D. T. (2010). College and Career Ready: Helping all Students Succeed Beyond High School. San Francisco: Jossey Bass. 1 Conley, D. T. (2010). College and Career Ready: Helping all Students Succeed Beyond High School. San Francisco: Jossey Bass. (Abstract prepared for AVID Postsecondary by Harriet Howell Custer, Ph.D.)

More information

A Design Paradigm in Undergraduate Electrical Engineering Curriculum

A Design Paradigm in Undergraduate Electrical Engineering Curriculum A Design Paradigm in Undergraduate Electrical Engineering Curriculum Habib Rahman Saint Louis University Department of Electrical and Computer Engineering McDonnell Douglas Hall, 3450 Lindell Boulevard

More information

CSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun

CSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun CSCI 454/554 Computer and Network Security Instructor: Dr. Kun Sun About Instructor Dr. Kun Sun, Assistant Professor of Computer Science http://www.cs.wm.edu/~ksun/ Phone: (757) 221-3457 Email: ksun@wm.edu

More information

Two Models of a Cryptography and Computer Security Class in a Liberal Arts Context

Two Models of a Cryptography and Computer Security Class in a Liberal Arts Context Two Models of a Cryptography and Computer Security Class in a Liberal Arts Context Suzanne Fox Buchele Southwestern University 1001 East University Avenue Georgetown, TX 78626 bucheles@southwestern.edu

More information

RFI Summary: Executive Summary

RFI Summary: Executive Summary RFI Summary: Executive Summary On February 20, 2013, the NIH issued a Request for Information titled Training Needs In Response to Big Data to Knowledge (BD2K) Initiative. The response was large, with

More information

90% of data breaches are caused by software vulnerabilities.

90% of data breaches are caused by software vulnerabilities. 90% of data breaches are caused by software vulnerabilities. Get the skills you need to build secure software applications Secure Software Development (SSD) www.ce.ucf.edu/ssd Offered in partnership with

More information

AN ANALYSIS OF THE CURRICULUM COMPONENTS OF COMPUTER FORENSICS UNDERGRADUATE COURSES IN THE UNITED KINGDOM

AN ANALYSIS OF THE CURRICULUM COMPONENTS OF COMPUTER FORENSICS UNDERGRADUATE COURSES IN THE UNITED KINGDOM AN ANALYSIS OF THE CURRICULUM COMPONENTS OF COMPUTER FORENSICS UNDERGRADUATE COURSES IN THE UNITED KINGDOM Paula Thomas Faculty of Advanced Technology, University of Glamorgan 2 CF37 1DL, Pontypridd pthomas@glam.ac.uk

More information

Computer Science Curriculum Revision

Computer Science Curriculum Revision Computer Science Curriculum Revision Background Undergraduate programs in computing-related disciplines began to emerge in the 1960s. At that time there were only three kinds of computing-related programs:

More information

Tele-Lab IT Security: An Architecture for Interactive Lessons for Security Education

Tele-Lab IT Security: An Architecture for Interactive Lessons for Security Education Tele-Lab IT Security: An Architecture for Interactive Lessons for Security Education Ji Hu hu@ti.uni-trier.de Christoph Meinel meinel@ti.uni-trier.de Michael Schmitt michael.schmitt@teststep.org ABSTRACT

More information

National Cyber League (NCL) Syllabus

National Cyber League (NCL) Syllabus Note to Faculty The NCL Syllabus is intended as a supplement to a CompTIA Security+ class, or related Network Security course. A primary goal of the NCL is to integrate exercises and competitions into

More information

Master of Science in Computer Science

Master of Science in Computer Science Master of Science in Computer Science Background/Rationale The MSCS program aims to provide both breadth and depth of knowledge in the concepts and techniques related to the theory, design, implementation,

More information

CMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis

CMSC 421, Operating Systems. Fall 2008. Security. URL: http://www.csee.umbc.edu/~kalpakis/courses/421. Dr. Kalpakis CMSC 421, Operating Systems. Fall 2008 Security Dr. Kalpakis URL: http://www.csee.umbc.edu/~kalpakis/courses/421 Outline The Security Problem Authentication Program Threats System Threats Securing Systems

More information

PANEL TITLE: UNIVERSITY APPROACHES TO INFORMATION SECURITY EDUCATION - CHALLENGES, ISSUES, SUCCESSES, AND OPPORTUNITIES

PANEL TITLE: UNIVERSITY APPROACHES TO INFORMATION SECURITY EDUCATION - CHALLENGES, ISSUES, SUCCESSES, AND OPPORTUNITIES PANEL TITLE: UNIVERSITY APPROACHES TO INFORMATION SECURITY EDUCATION - CHALLENGES, ISSUES, SUCCESSES, AND OPPORTUNITIES PANEL CHAIR: Dr. Rayford Vaughn ( Mississippi State University): Dr. Vaughn teaches

More information

MS-55096: Securing Data on Microsoft SQL Server 2012

MS-55096: Securing Data on Microsoft SQL Server 2012 MS-55096: Securing Data on Microsoft SQL Server 2012 Description The goal of this two-day instructor-led course is to provide students with the database and SQL server security knowledge and skills necessary

More information

Toward Curricular Guidance in the Cyber Sciences

Toward Curricular Guidance in the Cyber Sciences Toward Curricular Guidance in the Cyber Sciences 1 6 J U N E 2 0 1 5 2 0 1 5 C I S S E L A S V E G A S D A V I D G I B S O N, U S A I R F O R C E A C A D E M Y B E T H H A W T H O R N E, U N I O N C O

More information

INNOVATION IN UNDERGRADUATE COMPUTER SCIENCE EDUCATION

INNOVATION IN UNDERGRADUATE COMPUTER SCIENCE EDUCATION INNOVATION IN UNDERGRADUATE COMPUTER SCIENCE EDUCATION Amruth N. Kumar (Moderator) Ramapo College of New Jersey, Mahwah, NJ amruth@ramapo.edu Jack Beidler University of Scranton, PA beidler@scranton.edu

More information

Masters in Artificial Intelligence

Masters in Artificial Intelligence Masters in Artificial Intelligence Programme Requirements Taught Element, and PG Diploma in Artificial Intelligence: 120 credits: IS5101 CS5001 CS5010 CS5011 CS4402 or CS5012 in total, up to 30 credits

More information

Foundations of Computer Security

Foundations of Computer Security Foundations of Computer Security Lecture 1: Dr. Bill Young Department of Computer Sciences University of Texas at Austin Lecture 1: 1 Course Topics Topics we will cover include: What is computer security?

More information

Security in Computer Literacy- A Model for Design, Dissemination, and Assessment

Security in Computer Literacy- A Model for Design, Dissemination, and Assessment Security in Computer Literacy- A Model for Design, Dissemination, and Assessment Claude F. Turner Department of Computer Science Bowie State University (301) 860-3965 cturner@bowiestate.edu Blair Taylor

More information

Animating Programs and Students in the Laboratory

Animating Programs and Students in the Laboratory Animating Programs and Students in the Laboratory James F. Korsh Paul S. LaFollette, Jr. Department of Computer and Information Sciences Temple University Philadelphia, PA 19122 Raghvinder Sangwan Department

More information

SUMMER WORKSHOP ON CYBER SECURITY

SUMMER WORKSHOP ON CYBER SECURITY August 12-16, 2013 Security SUMMER WORKSHOP ON CYBER SECURITY CYBER SECURITY EDUCATION DR. AKBAR NAMIN Texas Tech University August 12-16, 2013 Supported by National Science Foundation 1 August 12-16,

More information

A STATISTICS COURSE FOR ELEMENTARY AND MIDDLE SCHOOL TEACHERS. Gary Kader and Mike Perry Appalachian State University USA

A STATISTICS COURSE FOR ELEMENTARY AND MIDDLE SCHOOL TEACHERS. Gary Kader and Mike Perry Appalachian State University USA A STATISTICS COURSE FOR ELEMENTARY AND MIDDLE SCHOOL TEACHERS Gary Kader and Mike Perry Appalachian State University USA This paper will describe a content-pedagogy course designed to prepare elementary

More information

Department of Computer & Information Sciences. INFO-450: Information Systems Security Syllabus

Department of Computer & Information Sciences. INFO-450: Information Systems Security Syllabus Department of Computer & Information Sciences INFO-450: Information Systems Security Syllabus Course Description This course provides a deep and comprehensive study of the security principles and practices

More information

New Program Development on Networking Information Technology

New Program Development on Networking Information Technology atmae white paper July 2014 New Program Development on Networking Information Technology Developing the 21st Century Workforce Dr. Xiaobing Hou Dr. Karen Tracey Dr. Shuju Wu Central Connecticut State University

More information

Progressive Teaching of Mathematics with Tablet Technology

Progressive Teaching of Mathematics with Tablet Technology Progressive Teaching of Mathematics with Tablet Technology 1 Progressive Teaching of Mathematics with Tablet Technology Birgit Loch University of Southern Queensland, Australia lochb@usq.edu.au Diane Donovan

More information

Teaching Portfolio. Teaching Philosophy

Teaching Portfolio. Teaching Philosophy Teaching Portfolio Teaching Philosophy Over the course of my education, I have had the privilege of interacting with some truly excellent teachers, who have shaped my knowledge, reasoning, and technical

More information

A Curricular Strategy for Information Security Engineering

A Curricular Strategy for Information Security Engineering A Curricular Strategy for Information Security Engineering Abstract Richard Smith Department of Computer and Information Sciences (formerly QMCS) University of St. Thomas Existing textbooks and training

More information

Protect Your Organization With the Certification That Maps to a Master s-level Education in Software Assurance

Protect Your Organization With the Certification That Maps to a Master s-level Education in Software Assurance Protect Your Organization With the Certification That Maps to a Master s-level Education in Software Assurance Sponsored by the U.S. Department of Homeland Security (DHS), the Software Engineering Institute

More information

Gaming for Middle School Students: Building Virtual Worlds

Gaming for Middle School Students: Building Virtual Worlds Gaming for Middle School Students: Building Virtual Worlds CHARLES R. HARDNETT Spelman College Computer Science Department Atlanta, GA 30314 hardnett@spelman.edu ABSTRACT We can begin engaging new talented

More information

EECS 588: Computer and Network Security. Introduction January 14, 2014

EECS 588: Computer and Network Security. Introduction January 14, 2014 EECS 588: Computer and Network Security Introduction January 14, 2014 Today s Class Welcome! Goals for the course Topics, what interests you? Introduction to security research Components of your grade

More information