Cybersecurity topics which make it into textbooks have historically been developed from real world threats which have been actualized in the real world. In fact, most risk management frameworks require cybersecurity threats to be ranked by a probability metric such as a likelihood and an impact score. Cybersecurity therefore is unlike other computing fields as it is most likely not developed in any part in isolation from the real world. This strong real world connection of the field can be emphasized directly to the student through regular cybersecurity lab and demo exercises. Our research contributes an new approach to cybersecurity learning through regular (i.e. weekly) lab demonstrations by either or both the instructor or students. The paper discusses a curriculum design where the cloud is employed for live cybersecurity demos to the students. A cloud service provider such as Amazon, Microsoft, or Google, can be employed in the classroom setting for the cybersecurity teaching and learnings. In some cases, our research has identified that these major cloud service providers offer free services for education. Our research can be used to guide further future curriculum designs gaps in cybersecurity or computing where traditional lab environments and resources are not available to both faculty and students.
Keywords: Cybersecurity, Teaching, Learning, Real Threats, Instructional Labs;
References:
[1] Renee Dopplick. 2015. Experiential cybersecurity learning. ACM Inroads 6, 2 (May 2015), 84-84.
[2] David Gould, Greg Block, and Simon Cleveland. 2018. Using Evolutionary Systems and Ideation Techniques to Enhance Student Cybersecurity Learning. In Proceedings of the 19th Annual SIG Conference on Information Technology Education (SIGITE '18). ACM, New York, NY, USA, 146-146.
[3] Harrison Ledford, Xenia Mountrouidou, and Xiangyang Li. 2016. Denial of service lab for experiential cybersecurity learning in primarily undergraduate institutions. J. Comput. Sci. Coll. 32, 2 (December 2016), 158-164.
[4] Anthony Peruma, Samuel A. Malachowsky, and Daniel E. Krutz. 2018. Providing an experiential cybersecurity learning experience through mobile security labs. In Proceedings of the 1st International Workshop on Security Awareness from Design to Deployment (SEAD '18). ACM, New York, NY, USA, 51-54.
[5] Rajesh Kalyanam and Baijian Yang. 2017. Try-CybSI: An Extensible Cybersecurity Learning and Demonstration Platform. In Proceedings of the 18th Annual Conference on Information Technology Education (SIGITE '17). ACM, New York, NY, USA, 41-46.
[6] Xenia Mountrouidou, Xiangyang Li, and Quinn Burke. 2018. Cybersecurity in liberal arts general education curriculum. In Proceedings of the 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education (ITiCSE 2018). ACM, New York, NY, USA, 182-187.
[7] Animesh Pattanayak, Daniel M. Best, Daniel Sanner, and Jessica Smith. 2018. Advancing cybersecurity education: pink elephant unicorn. In Proceedings of the Fifth Cybersecurity Symposium (CyberSec '18). ACM, New York, NY, USA, Article 3, 1-7.
[8] Marco Ghiglieri and Martin Stopczynski. 2016. SecLab: An Innovative Approach to Learn and Understand Current Security and Privacy Issues. In Proceedings of the 17th Annual Conference on Information Technology Education (SIGITE '16). ACM, New York, NY, USA, 67-72.
[9] Te-Shun Chou and John Jones. 2018. Developing and Evaluating an Experimental Learning Environment for Cyber Security Education. In Proceedings of the 19th Annual SIG Conference on Information Technology Education (SIGITE '18). ACM, New York, NY, USA, 92-97.
[10] Sherly Abraham and Lifang Shih. 2015. Towards an integrative learning approach in cybersecurity education. In Proceedings of the 2015 Information Security Curriculum Development Conference (InfoSec '15). ACM, New York, NY, USA, Article 11, 1.